From e7bd31c0090a2eb7f7bc8255db315369974c0d31 Mon Sep 17 00:00:00 2001
From: Matt Bishop
Date: Wed, 6 Nov 2024 13:56:12 -0500
Subject: [PATCH] Check for secrets on Docker builds (#4985)

---
 .github/workflows/build.yml | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 17e3e999ec..26a347781d 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -115,12 +115,33 @@ jobs:
           path: ${{ matrix.base_path }}/${{ matrix.project_name }}/${{ matrix.project_name }}.zip
           if-no-files-found: error
 
+  check-akv-secrets:
+    name: Check for AKV secrets
+    runs-on: ubuntu-22.04
+    outputs:
+      available: ${{ steps.check-akv-secrets.outputs.available }}
+    permissions:
+      contents: read
+
+    steps:
+      - name: Check
+        id: check-akv-secrets
+        run: |
+          if [ "${{ secrets.AZURE_PROD_KV_CREDENTIALS }}" != '' ]; then
+            echo "available=true" >> $GITHUB_OUTPUT;
+          else
+            echo "available=false" >> $GITHUB_OUTPUT;
+          fi
+
   build-docker:
     name: Build Docker images
     runs-on: ubuntu-22.04
     permissions:
       security-events: write
-    needs: build-artifacts
+    needs:
+      - build-artifacts
+      - check-akv-secrets
+    if: ${{ needs.check-akv-secrets.outputs.available == 'true' }}
     strategy:
       fail-fast: false
       matrix:
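Review bot: The secret is expanded directly into the shell script at `if [ "${{ secrets.AZURE_PROD_KV_CREDENTIALS }}" != '' ]`, which is the inline-expression pattern GitHub's hardening guidance warns against: the `${{ }}` value is substituted into the script text before the shell runs it, so a credential containing a double quote or other shell metacharacters breaks or alters the command, and the plaintext value is written into the generated script file rather than only into the step's environment. The usual fix is to pass the secret through `env:` and test the variable from the shell, which keeps the presence check identical in meaning. While touching the step, `$GITHUB_OUTPUT` should be quoted and the trailing semicolons dropped, since neither the shell nor the workflow needs them. The `build-docker` job below is otherwise only gated on this output, so no further change is needed there.
```yaml
      - name: Check
        id: check-akv-secrets
        env:
          AKV_CREDENTIALS: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
        run: |
          if [ -n "$AKV_CREDENTIALS" ]; then
            echo "available=true" >> "$GITHUB_OUTPUT"
          else
            echo "available=false" >> "$GITHUB_OUTPUT"
          fi
```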