Add QA latest image tagging to Release workflow (#1898)

2025-05-20 11:04:31 -05:00 · 2022-03-03 14:00:49 -05:00 · 2022-03-03 14:00:49 -05:00 · 5f613ebc44
commit 5f613ebc44
parent 17b22ca5a9
1 changed files with 43 additions and 12 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -161,13 +161,6 @@ jobs:
          echo "GitHub event: $GITHUB_EVENT"
          echo "Github Release Option: $RELEASE_OPTION"

-      - name: Setup DCT
-        id: setup-dct
-        uses: bitwarden/gh-actions/setup-docker-trust@a8c384a05a974c05c48374c818b004be221d43ff
-        with:
-          azure-creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
-          azure-keyvault-name: "bitwarden-prod-kv"
-
      - name: Checkout repo
        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579

@ -179,10 +172,17 @@ jobs:
          echo "SERVICE_NAME: $SERVICE_NAME"
          echo "::set-output name=service_name::$SERVICE_NAME"

+      ########## DockerHub ##########
+      - name: Setup DCT
+        id: setup-dct
+        uses: bitwarden/gh-actions/setup-docker-trust@a8c384a05a974c05c48374c818b004be221d43ff
+        with:
+          azure-creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+          azure-keyvault-name: "bitwarden-prod-kv"
+
      - name: Pull latest selfhost image
        env:
          SERVICE_NAME: ${{ steps.setup.outputs.service_name }}
-          RELEASE_OPTION: ${{ github.event.inputs.release_type }}
        run: |
          if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then
            docker pull bitwarden/$SERVICE_NAME:latest
@ -193,7 +193,6 @@ jobs:
      - name: Tag version and latest
        env:
          SERVICE_NAME: ${{ steps.setup.outputs.service_name }}
-          RELEASE_OPTION: ${{ github.event.inputs.release_type }}
        run: |
          if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then
            docker tag bitwarden/$SERVICE_NAME:latest bitwarden/$SERVICE_NAME:dryrun
@ -202,9 +201,6 @@ jobs:
            docker tag bitwarden/$SERVICE_NAME:$_BRANCH_NAME bitwarden/$SERVICE_NAME:latest
          fi

-      - name: List Docker images
-        run: docker images
-
      - name: Push version and latest image
        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
        env:
@ -215,6 +211,41 @@ jobs:
          docker push bitwarden/$SERVICE_NAME:$_RELEASE_VERSION
          docker push bitwarden/$SERVICE_NAME:latest

+      - name: Log out of Docker and disable Docker Notary
+        run: |
+          docker logout
+          echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV
+
+      ########## ACR ##########
+      - name: Login to Azure - QA Subscription
+        uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
+        with:
+          creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
+
+      - name: Login to Azure ACR
+        run: az acr login -n bitwardenqa
+
+      - name: Tag version and latest
+        env:
+          SERVICE_NAME: ${{ steps.setup.outputs.service_name }}
+          REGISTRY: bitwardenqa.azurecr.io
+        run: |
+          if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then
+            docker tag bitwarden/$SERVICE_NAME:latest $REGISTRY/$SERVICE_NAME:dryrun
+          else
+            docker tag bitwarden/$SERVICE_NAME:$_BRANCH_NAME $REGISTRY/$SERVICE_NAME:$_RELEASE_VERSION
+            docker tag bitwarden/$SERVICE_NAME:$_BRANCH_NAME $REGISTRY/$SERVICE_NAME:latest
+          fi
+
+      - name: Push version and latest image
+        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
+        env:
+          SERVICE_NAME: ${{ steps.setup.outputs.service_name }}
+          REGISTRY: bitwardenqa.azurecr.io
+        run: |
+          docker push $REGISTRY/$SERVICE_NAME:$_RELEASE_VERSION
+          docker push $REGISTRY/$SERVICE_NAME:latest
+
      - name: Log out of Docker
        run: docker logout