-
Notifications
You must be signed in to change notification settings - Fork 45
/
docker-entrypoint.sh
85 lines (75 loc) · 2.29 KB
/
docker-entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/bin/sh
set -e # Exit immediately if anything below exits with non-zero status.
export CI_PIPELINE_RUN=true
if
[ "$UFFIZZI_USER" ] &&
[ "$UFFIZZI_SERVER" ] &&
[ "$UFFIZZI_PASSWORD" ];
then
uffizzi login --username "${UFFIZZI_USER}" --server "${UFFIZZI_SERVER}" --email
if [ "$UFFIZZI_PROJECT" ];
then
uffizzi project set-default "${UFFIZZI_PROJECT}"
fi
else
if [ "$OIDC_TOKEN" ];
then
uffizzi login_by_identity_token --oidc-token "${OIDC_TOKEN}" --access-token "${ACCESS_TOKEN}" --server "${UFFIZZI_SERVER}"
elif
[ "$REQUEST_TOKEN" ] &&
[ "$REQUEST_TOKEN_URL" ];
then
OIDC_TOKEN=$(curl -sLS "${REQUEST_TOKEN_URL}&audience=uffizzi" -H "User-Agent: actions/oidc-client" -H "Authorization: Bearer $REQUEST_TOKEN")
uffizzi login_by_identity_token --oidc-token "${OIDC_TOKEN}" --access-token "${ACCESS_TOKEN}" --server "${UFFIZZI_SERVER}"
elif
[ "$ACTIONS_ID_TOKEN_REQUEST_TOKEN" ] &&
[ "$ACTIONS_ID_TOKEN_REQUEST_URL" ];
then
OIDC_TOKEN=$(curl -sLS "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=uffizzi" -H "User-Agent: actions/oidc-client" -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN")
uffizzi login_by_identity_token --oidc-token "${OIDC_TOKEN}" --access-token "${ACCESS_TOKEN}" --server "${UFFIZZI_SERVER}"
else
echo "Specify environment variables to login before executing Uffizzi CLI."
echo "UFFIZZI_USER, UFFIZZI_SERVER, UFFIZZI_PASSWORD, and optionally UFFIZZI_PROJECT"
echo "or"
echo "REQUEST_TOKEN, REQUEST_TOKEN_URL and UFFFIZZI SERVER"
fi
fi
if
[ "$DOCKERHUB_USERNAME" ] &&
[ "$DOCKERHUB_PASSWORD" ];
then
uffizzi connect docker-hub --update-credential-if-exists
fi
if
[ "$DOCKER_REGISTRY_USERNAME" ] &&
[ "$DOCKER_REGISTRY_PASSWORD" ] &&
[ "$DOCKER_REGISTRY_URL" ];
then
uffizzi connect docker-registry --update-credential-if-exists
fi
if
[ "$ACR_USERNAME" ] &&
[ "$ACR_PASSWORD" ] &&
[ "$ACR_REGISTRY_URL" ];
then
uffizzi connect acr --update-credential-if-exists
fi
if
[ "$AWS_ACCESS_KEY_ID" ] &&
[ "$AWS_SECRET_ACCESS_KEY" ] &&
[ "$AWS_REGISTRY_URL" ];
then
uffizzi connect ecr --update-credential-if-exists
fi
if
[ "$GCLOUD_SERVICE_KEY" ];
then
uffizzi connect gcr --update-credential-if-exists
fi
if
[ "$GITHUB_USERNAME" ] &&
[ "$GITHUB_ACCESS_TOKEN" ];
then
uffizzi connect ghcr --update-credential-if-exists
fi
exec uffizzi "$@"