mirror of
https://github.com/serokell/xrefcheck.git
synced 2024-09-11 13:37:36 +03:00
Fix docker image upload (#63)
* Fix docker image upload The previous way of uploading images to dockerhub exposed our password. Prevent this from happening by using a separate script instead of calling skopeo directly. Co-authored-by: Zhenya Vinogradov <zhenyavinogradov@gmail.com>
This commit is contained in:
parent
f8fb8b50ca
commit
aee39ef06e
@ -25,12 +25,12 @@ steps:
|
|||||||
branches: master
|
branches: master
|
||||||
- command:
|
- command:
|
||||||
- nix-build docker
|
- nix-build docker
|
||||||
- nix run -f ci.nix pkgs.skopeo -c skopeo --insecure-policy copy --dest-creds "serokell:${DOCKERHUB_PASSWORD}" "docker-archive:$(readlink result)" "docker://docker.io/serokell/xrefcheck:latest"
|
- nix run -f ci.nix pkgs.skopeo -c ./scripts/upload-docker-image.sh "docker-archive:$(readlink result)" "docker://docker.io/serokell/xrefcheck:latest"
|
||||||
label: Push to dockerhub
|
label: Push to dockerhub
|
||||||
branches: master
|
branches: master
|
||||||
- command:
|
- command:
|
||||||
- nix-build docker
|
- nix-build docker
|
||||||
- nix run -f ci.nix pkgs.skopeo -c skopeo --insecure-policy copy --dest-creds "serokell:${DOCKERHUB_PASSWORD}" "docker-archive:$(readlink result)" "docker://docker.io/serokell/xrefcheck:${BUILDKITE_BRANCH}"
|
- nix run -f ci.nix pkgs.skopeo -c ./scripts/upload-docker-image.sh "docker-archive:$(readlink result)" "docker://docker.io/serokell/xrefcheck:${BUILDKITE_BRANCH}"
|
||||||
label: Push release to dockerhub
|
label: Push release to dockerhub
|
||||||
if: |
|
if: |
|
||||||
build.branch =~ /^v[0-9]+.*/
|
build.branch =~ /^v[0-9]+.*/
|
||||||
|
7
scripts/upload-docker-image.sh
Executable file
7
scripts/upload-docker-image.sh
Executable file
@ -0,0 +1,7 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# SPDX-FileCopyrightText: 2021 Serokell <https://serokell.io>
|
||||||
|
#
|
||||||
|
# SPDX-License-Identifier: MPL-2.0
|
||||||
|
|
||||||
|
skopeo --insecure-policy copy --dest-creds "serokell:${DOCKERHUB_PASSWORD}" "$1" "$2"
|
Loading…
Reference in New Issue
Block a user