# Pushes a Docker image without needing access to the Docker daemon
# 
# Pushing an image to a container registry authenticated:
#   DOCKER_USERNAME - Woodpecker CI Secret which is the container registry username
#   DOCKER_PASSWORD - Woodpecker CI Secret which is container registry password
#
#   Adjust branches to test things.
#
#   This configs the clone to skip SSL verification. FIXME with a real cert insert.
#
pipeline:
  publish-docker-image:
    image: plugins/kaniko
    settings:
      repo: core.harbor.0.tus.us.bluequartz.xyz/k8s/bin
      tags: latest,v2.0.0-${CI_COMMIT_SHA:0:8}
      dockerfile: Dockerfile
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password
branches: master