From 46e19dec9f68440fbec3e9f5d2585f80331118b1 Mon Sep 17 00:00:00 2001 From: Opeyemi Date: Thu, 19 Oct 2023 15:40:04 +0100 Subject: [PATCH] [DEVOPS-1566] - add DCT test workflow (#158) * add DCT test workflow * Fix typo * Add suggestion * update the test to only reference mssql utility * UPDATE: project name to repo var --- .github/workflows/DCT-test.yml | 49 ++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 .github/workflows/DCT-test.yml diff --git a/.github/workflows/DCT-test.yml b/.github/workflows/DCT-test.yml new file mode 100644 index 0000000..bb62c2a --- /dev/null +++ b/.github/workflows/DCT-test.yml @@ -0,0 +1,49 @@ +--- +name: Test DCT + +on: + workflow_dispatch: {} + +env: + _AZ_REGISTRY: bitwardenprod.azurecr.io + +jobs: + test-dct: + name: Pull and push images to DH to test DCT + runs-on: ubuntu-22.04 + env: + _REPO: mssqlmigratorutility + _IMAGE_TAG: latest + steps: + + - name: Login to Azure - Prod Subscription + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 + with: + creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} + + - name: Login to Azure ACR + run: az acr login -n ${_AZ_REGISTRY%.azurecr.io} + + ########## DockerHub ########## + - name: Setup DCT + id: setup-dct + uses: bitwarden/gh-actions/setup-docker-trust@082f5e05ed97c3601c6f3179250b1a761c4d647f + with: + azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} + azure-keyvault-name: "bitwarden-ci" + + - name: Pull and tag image from ACR + run: | + docker pull $_AZ_REGISTRY/$_REPO:$_IMAGE_TAG + docker tag $_AZ_REGISTRY/$_REPO:$_IMAGE_TAG bitwarden/$_REPO:$_IMAGE_TAG + + - name: Push image to Docker Hub + env: + DOCKER_CONTENT_TRUST: 1 + DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.setup-dct.outputs.dct-delegate-repo-passphrase }} + run: docker push bitwarden/$_REPO:$_IMAGE_TAG + + - name: Log out of Docker and disable Docker Notary + run: | + docker logout + echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV