DEVOPS-499: Push releases also to aquasec reg

aquasecurity · Dec 23, 2024 · 287a632 · 287a632
1 parent a6ecb69
commit 287a632
Showing 1 changed file with 54 additions and 36 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -1,8 +1,8 @@
 name: Release
 on:
   push:
-    tags:
-      - "v*"
+    branches:
+      - lihiz_aqua_reg
 env:
   GH_USER: aqua-bot
   AQUA_DOCKERHUB_REPO: aquasec
@@ -19,48 +19,66 @@ jobs:
       - name: Create bundle
         run: make bundle
 
-      - name: Login to GitHub Packages Container registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ vars.GHCR_USER || env.GH_USER }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+#      - name: Login to GitHub Packages Container registry
+#        uses: docker/login-action@v3
+#        with:
+#          registry: ghcr.io
+#          username: ${{ vars.GHCR_USER || env.GH_USER }}
+#          password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Deploy policy bundle to ghcr.io (for backwards compatibility)
-        run: |
-          tags=(latest ${{ env.RELEASE_VERSION}} ${{env.MINOR_VERSION }} ${{ env.MAJOR_VERSION }})
-          for tag in ${tags[@]}; do
-              echo "Pushing artifact with tag: ${tag}"
-              oras push ghcr.io/${{ github.event.repository.owner.name }}/trivy-policies:${tag} \
-              --artifact-type application/vnd.cncf.openpolicyagent.config.v1+json \
-              --annotation "org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
-              --annotation "org.opencontainers.image.revision=$GITHUB_SHA" \
-              bundle.tar.gz:application/vnd.cncf.openpolicyagent.layer.v1.tar+gzip
-          done
+#      - name: Deploy policy bundle to ghcr.io (for backwards compatibility)
+#        run: |
+#          tags=(latest ${{ env.RELEASE_VERSION}} ${{env.MINOR_VERSION }} ${{ env.MAJOR_VERSION }})
+#          for tag in ${tags[@]}; do
+#              echo "Pushing artifact with tag: ${tag}"
+#              oras push ghcr.io/${{ github.event.repository.owner.name }}/trivy-policies:${tag} \
+#              --artifact-type application/vnd.cncf.openpolicyagent.config.v1+json \
+#              --annotation "org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
+#              --annotation "org.opencontainers.image.revision=$GITHUB_SHA" \
+#              bundle.tar.gz:application/vnd.cncf.openpolicyagent.layer.v1.tar+gzip
+#          done
 
-      - name: Deploy checks bundle to ghcr.io
-        run: |
-          tags=(latest ${{ env.RELEASE_VERSION}} ${{env.MINOR_VERSION }} ${{ env.MAJOR_VERSION }})
-          for tag in ${tags[@]}; do
-              echo "Pushing artifact with tag: ${tag}"
-              oras push ghcr.io/${{ github.repository }}:${tag} \
-              --artifact-type application/vnd.cncf.openpolicyagent.config.v1+json \
-              bundle.tar.gz:application/vnd.cncf.openpolicyagent.layer.v1.tar+gzip
-          done
+#      - name: Deploy checks bundle to ghcr.io
+#        run: |
+#          tags=(latest ${{ env.RELEASE_VERSION}} ${{env.MINOR_VERSION }} ${{ env.MAJOR_VERSION }})
+#          for tag in ${tags[@]}; do
+#              echo "Pushing artifact with tag: ${tag}"
+#              oras push ghcr.io/${{ github.repository }}:${tag} \
+#              --artifact-type application/vnd.cncf.openpolicyagent.config.v1+json \
+#              bundle.tar.gz:application/vnd.cncf.openpolicyagent.layer.v1.tar+gzip
+#          done
+
+#      - name: Login to Docker Hub
+#        uses: docker/login-action@v3
+#        with:
+#          username: ${{ secrets.DOCKERHUB_USER }}
+#          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+#      - name: Deploy checks bundle to Docker Hub
+#        run: |
+#          tags=(latest ${{ env.RELEASE_VERSION}} ${{env.MINOR_VERSION }} ${{ env.MAJOR_VERSION }})
+#          repo="${{ vars.DOCKERHUB_REPOSITORY || env.AQUA_DOCKERHUB_REPO }}/${{ github.event.repository.name }}"
+#          for tag in ${tags[@]}; do
+#              echo "Pushing artifact with tag: ${tag}"
+#               oras push docker.io/${repo}:${tag} \
+#              --artifact-type application/vnd.cncf.openpolicyagent.config.v1+json \
+#              bundle.tar.gz:application/vnd.cncf.openpolicyagent.layer.v1.tar+gzip
+#          done
 
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
+      - name: login to Aqua Container Registry
+        uses: azure/docker-login@v2
         with:
-          username: ${{ secrets.DOCKERHUB_USER }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          login-server: ${{ secrets.AQUSEC_ACR_REGISTRY_NAME }}
+          username: ${{ secrets.AQUASEC_ACR_USERNAME }}
+          password: ${{ secrets.AQUASEC_ACR_PASSWORD }}
 
-      - name: Deploy checks bundle to Docker Hub
+      - name: Deploy checks bundle to Aqua Container Registry
         run: |
           tags=(latest ${{ env.RELEASE_VERSION}} ${{env.MINOR_VERSION }} ${{ env.MAJOR_VERSION }})
-          repo="${{ vars.DOCKERHUB_REPOSITORY || env.AQUA_DOCKERHUB_REPO }}/${{ github.event.repository.name }}"
+          repo="${{ secrets.AQUSEC_ACR_REGISTRY_NAME }}/${{ github.event.repository.name }}"
           for tag in ${tags[@]}; do
               echo "Pushing artifact with tag: ${tag}"
-               oras push docker.io/${repo}:${tag} \
+               oras push ${repo}:${tag} \
               --artifact-type application/vnd.cncf.openpolicyagent.config.v1+json \
               bundle.tar.gz:application/vnd.cncf.openpolicyagent.layer.v1.tar+gzip
-          done
+          done