diff --git a/.github/workflows/push-again.yml b/.github/workflows/push-again.yml index 329dc6b90..bd3fcd2fb 100644 --- a/.github/workflows/push-again.yml +++ b/.github/workflows/push-again.yml @@ -16,6 +16,7 @@ jobs: name: Build and push images if: ${{ github.ref == 'refs/heads/main' }} runs-on: ubuntu-latest + environment: publishing steps: - name: Free more space id: free_space @@ -39,12 +40,6 @@ jobs: with: path: 'release' ref: ${{ github.event.inputs.release }} - - - name: Azure CLI login - id: az_login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZ_ACR_CREDS }} - name: Build and push id: build_and_push @@ -54,12 +49,14 @@ jobs: STUB_REGISTRY: ${{ secrets.STUB_REGISTRY }} STUB_REGISTRY_BASE_PATH: ${{ secrets.STUB_REGISTRY_BASE_PATH }} SECONDARY_REGISTRY_BASE_PATH: ${{ secrets.SECONDARY_REGISTRY_BASE_PATH }} + TOKEN_NAME: ${{ secrets.TOKEN_NAME }} + PASSWORD: ${{ secrets.PASSWORD }} run: | set -e # ACR login ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)') - az acr login --name $ACR_REGISTRY_NAME + az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD # Setup build CLI cd "$GITHUB_WORKSPACE/ref" diff --git a/.github/workflows/push-dev.yml b/.github/workflows/push-dev.yml index 80b8c5738..6001c6e3b 100644 --- a/.github/workflows/push-dev.yml +++ b/.github/workflows/push-dev.yml @@ -15,6 +15,7 @@ jobs: page-total: [70] fail-fast: false runs-on: devcontainer-image-builder-ubuntu + environment: publishing steps: - name: Free more space id: free_space @@ -29,12 +30,6 @@ jobs: id: checkout uses: actions/checkout@v3 - - name: Azure CLI login - id: az_login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZ_ACR_CREDS }} - - name: Build and push dev tags id: build_and_push env: @@ -44,12 +39,14 @@ jobs: STUB_REGISTRY: ${{ secrets.STUB_REGISTRY }} STUB_REGISTRY_BASE_PATH: ${{ secrets.STUB_REGISTRY_BASE_PATH }} SECONDARY_REGISTRY_BASE_PATH: ${{ secrets.SECONDARY_REGISTRY_BASE_PATH }} + TOKEN_NAME: ${{ secrets.TOKEN_NAME }} + PASSWORD: ${{ secrets.PASSWORD }} run: | set -e # ACR login ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)') - az acr login --name $ACR_REGISTRY_NAME + az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD # Build and push dev images yarn install diff --git a/.github/workflows/push-manual-dev.yml b/.github/workflows/push-manual-dev.yml index 33736959e..e981e8dcb 100644 --- a/.github/workflows/push-manual-dev.yml +++ b/.github/workflows/push-manual-dev.yml @@ -12,6 +12,7 @@ jobs: name: Build and push images if: ${{ startsWith(github.ref, 'refs/heads/') }} runs-on: devcontainer-image-builder-ubuntu + environment: publishing steps: - name: Free more space id: free_space @@ -35,12 +36,6 @@ jobs: with: path: 'release' ref: ${{ github.event.inputs.release }} - - - name: Azure CLI login - id: az_login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZ_ACR_CREDS }} - name: Build and push id: build_and_push @@ -50,12 +45,14 @@ jobs: STUB_REGISTRY: ${{ secrets.STUB_REGISTRY }} STUB_REGISTRY_BASE_PATH: ${{ secrets.STUB_REGISTRY_BASE_PATH }} SECONDARY_REGISTRY_BASE_PATH: ${{ secrets.SECONDARY_REGISTRY_BASE_PATH }} + TOKEN_NAME: ${{ secrets.TOKEN_NAME }} + PASSWORD: ${{ secrets.PASSWORD }} run: | set -e # ACR login ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)') - az acr login --name $ACR_REGISTRY_NAME + az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD # Setup build CLI cd "$GITHUB_WORKSPACE/ref" diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 747da222d..d8b6cdefe 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -15,6 +15,7 @@ jobs: page-total: [70] fail-fast: false runs-on: devcontainer-image-builder-ubuntu + environment: publishing steps: - name: Free more space id: free_space @@ -33,12 +34,6 @@ jobs: id: get_tag_name run: echo "::set-output name=tag::$(echo "${{ github.ref }}" | grep -oP 'refs/tags/\K(.+)')" - - name: Azure CLI login - id: az_login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZ_ACR_CREDS }} - - name: Build and push id: build_and_push env: @@ -48,12 +43,14 @@ jobs: STUB_REGISTRY: ${{ secrets.STUB_REGISTRY }} STUB_REGISTRY_BASE_PATH: ${{ secrets.STUB_REGISTRY_BASE_PATH }} SECONDARY_REGISTRY_BASE_PATH: ${{ secrets.SECONDARY_REGISTRY_BASE_PATH }} + TOKEN_NAME: ${{ secrets.TOKEN_NAME }} + PASSWORD: ${{ secrets.PASSWORD }} run: | set -e # ACR login ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)') - az acr login --name $ACR_REGISTRY_NAME + az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD # Build and push images yarn install diff --git a/.github/workflows/version-history.yml b/.github/workflows/version-history.yml index f9b3937a1..31c8aaf54 100644 --- a/.github/workflows/version-history.yml +++ b/.github/workflows/version-history.yml @@ -29,7 +29,7 @@ jobs: name: Update version history if: ${{ github.ref == 'refs/heads/main' || github.event.base_ref == 'refs/heads/main' }} runs-on: ubuntu-latest - environment: documentation + environment: publishing permissions: contents: write pull-requests: write @@ -48,12 +48,6 @@ jobs: id: checkout uses: actions/checkout@v3 - - name: Azure CLI login - id: az_login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZ_ACR_CREDS }} - - name: Get image info id: Get_image_info env: @@ -61,12 +55,14 @@ jobs: REGISTRY_BASE_PATH: ${{ secrets.REGISTRY_BASE_PATH }} STUB_REGISTRY: ${{ secrets.STUB_REGISTRY }} STUB_REGISTRY_BASE_PATH: ${{ secrets.STUB_REGISTRY_BASE_PATH }} + TOKEN_NAME: ${{ secrets.TOKEN_NAME }} + PASSWORD: ${{ secrets.PASSWORD }} run: | set -e # ACR login ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)') - az acr login --name $ACR_REGISTRY_NAME + az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD yarn install RELEASE_STRING=$(echo "${{ inputs.release }}" | grep -oP 'refs/(heads|tags)/\K(.+)')