webapitest/.drone.yml

---
kind: pipeline
type: docker
name: build-and-package

steps:
  - name: build-test-publish
    image: nexus.khongisa.co.za/sdk:10.0
    commands:
      - dotnet restore --source https://nexus.khongisa.co.za/repository/nuget-group/index.json --no-cache
      - dotnet build --configuration Release --no-restore
      - dotnet test --configuration Release --no-build
      - dotnet publish --configuration Release --no-build

  - name: docker-build-and-push
    image: plugins/docker
    settings:
      registry: nexus.khongisa.co.za
      repo: nexus.khongisa.co.za/webapitest
      tags: [ "${DRONE_BUILD_NUMBER}", "latest" ]
      username: { from_secret: docker_username }
      password: { from_secret: docker_password }

  - name: vulnerability-scan
    image: aquasec/trivy:0.50.1
    environment:
      TRIVY_USERNAME: { from_secret: docker_username }
      TRIVY_PASSWORD: { from_secret: docker_password }
    commands:
      - trivy image --image-src remote --exit-code 1 --severity CRITICAL nexus.khongisa.co.za/webapitest:${DRONE_BUILD_NUMBER}

trigger:
  branch:
    - main
  event:
    exclude:
      - promote

---
kind: pipeline
type: docker
name: deploy-to-uat

depends_on:
  - build-and-package

steps:
  - name: uat-deployment
    image: appleboy/drone-ssh
    settings:
      host: { from_secret: ssh_host }
      username: { from_secret: ssh_user }
      password: { from_secret: ssh_password }
      script:
        - echo $DOCKER_PASSWORD | docker login nexus.khongisa.co.za -u $DOCKER_USERNAME --password-stdin
        - docker pull nexus.khongisa.co.za/webapitest:latest
        - docker stop webapi 2>/dev/null || true
        - docker rm webapi 2>/dev/null || true
        - docker run -d --name webapi --restart unless-stopped -e ASPNETCORE_ENVIRONMENT=Development -p 4000:8081 nexus.khongisa.co.za/webapitest:latest
    environment:
      DOCKER_USERNAME: { from_secret: docker_username }
      DOCKER_PASSWORD: { from_secret: docker_password }

trigger:
  event:
    - promote
  target:
    - staging