From 907b332c94a6642f8d7a4d84659cc2e938db9a0a Mon Sep 17 00:00:00 2001 From: Govind Kamat Date: Sat, 21 Dec 2024 10:07:45 -0800 Subject: [PATCH] Push image to Docker Hub staging repository on a successful build. Signed-off-by: Govind Kamat --- .github/workflows/docker-build.yml | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index da87a35d..519d561c 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -29,11 +29,29 @@ jobs: version: 'v0.9.1' - uses: actions/checkout@v4 + - name: Configure Role to Acquire Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.BENCHMARK_DOCKERHUB_ROLE }} + aws-region: us-east-1 + + - name: Retrieve Password + id: retrieve-password + run: | + DOCKERHUB_PASSWORD=`aws secretsmanager get-secret-value --secret-id jenkins-staging-dockerhub-credential --query SecretString --output text` + echo "::add-mask::$DOCKERHUB_PASSWORD" + echo "dockerhub-password=$DOCKERHUB_PASSWORD" >> $GITHUB_OUTPUT + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.BENCHMARK_DOCKERHUB_USERNAME }} + password: ${{ steps.retrieve-password.outputs.dockerhub-password }} + - name: Docker Build ${{ matrix.platform }} run: | docker buildx version tag=osb/osb-`echo ${{ matrix.platform }} | tr '/' '-'` set -x - docker buildx build --platform ${{ matrix.platform }} --build-arg VERSION=`cat version.txt` --build-arg BUILD_DATE=`date -u +%Y-%m-%dT%H:%M:%SZ` -f docker/Dockerfile -t "$tag" -o type=docker . + docker buildx build --platform ${{ matrix.platform }} --build-arg VERSION=`cat version.txt` --build-arg BUILD_DATE=`date -u +%Y-%m-%dT%H:%M:%SZ` -f docker/Dockerfile -t "$tag" --push . set +x - docker images | grep "$tag"