[DEVOPS-1566] - add DCT test workflow (#158)

* add DCT test workflow * Fix typo * Add suggestion * update the test to only reference mssql utility * UPDATE: project name to repo var
bitwarden · Oct 19, 2023 · 46e19de · 46e19de
1 parent 0ba963b
commit 46e19de
Showing 1 changed file with 49 additions and 0 deletions.
diff --git a/.github/workflows/DCT-test.yml b/.github/workflows/DCT-test.yml
@@ -0,0 +1,49 @@
+---
+name: Test DCT
+
+on:
+ workflow_dispatch: {}
+
+env:
+ _AZ_REGISTRY: bitwardenprod.azurecr.io
+
+jobs:
+ test-dct:
+ name: Pull and push images to DH to test DCT
+ runs-on: ubuntu-22.04
+ env:
+ _REPO: mssqlmigratorutility
+ _IMAGE_TAG: latest
+ steps:
+
+ - name: Login to Azure - Prod Subscription
+ uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
+ with:
+ creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+
+ - name: Login to Azure ACR
+ run: az acr login -n ${_AZ_REGISTRY%.azurecr.io}
+
+ ########## DockerHub ##########
+ - name: Setup DCT
+ id: setup-dct
+ uses: bitwarden/gh-actions/setup-docker-trust@082f5e05ed97c3601c6f3179250b1a761c4d647f
+ with:
+ azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
+ azure-keyvault-name: "bitwarden-ci"
+
+ - name: Pull and tag image from ACR
+ run: |
+ docker pull $_AZ_REGISTRY/$_REPO:$_IMAGE_TAG
+ docker tag $_AZ_REGISTRY/$_REPO:$_IMAGE_TAG bitwarden/$_REPO:$_IMAGE_TAG
+
+ - name: Push image to Docker Hub
+ env:
+ DOCKER_CONTENT_TRUST: 1
+ DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.setup-dct.outputs.dct-delegate-repo-passphrase }}
+ run: docker push bitwarden/$_REPO:$_IMAGE_TAG
+
+ - name: Log out of Docker and disable Docker Notary
+ run: |
+ docker logout
+ echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV