[PM-13362] Add private key regeneration endpoint #2640
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Container registry cleanup | |
on: | |
pull_request: | |
types: [closed] | |
env: | |
_AZ_REGISTRY: "bitwardenprod.azurecr.io" | |
jobs: | |
build-docker: | |
name: Remove branch-specific Docker images | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Log in to Azure - production subscription | |
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 | |
with: | |
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} | |
- name: Log in to Azure ACR | |
run: az acr login -n $_AZ_REGISTRY --only-show-errors | |
########## Remove Docker images ########## | |
- name: Remove the Docker image from ACR | |
env: | |
REF: ${{ github.event.pull_request.head.ref }} | |
SERVICES: | | |
services: | |
- Admin | |
- Api | |
- Attachments | |
- Events | |
- EventsProcessor | |
- Icons | |
- Identity | |
- K8S-Proxy | |
- MsSql | |
- Nginx | |
- Notifications | |
- Server | |
- Setup | |
- Sso | |
run: | | |
for SERVICE in $(echo "${{ env.SERVICES }}" | yq e ".services[]" - ) | |
do | |
SERVICE_NAME=$(echo $SERVICE | awk '{print tolower($0)}') | |
IMAGE_TAG=$(echo "${REF}" | sed "s#/#-#g") # slash safe branch name | |
echo "[*] Checking if remote exists: $_AZ_REGISTRY/$SERVICE_NAME:$IMAGE_TAG" | |
TAG_EXISTS=$( | |
az acr repository show-tags --name $_AZ_REGISTRY --repository $SERVICE_NAME \ | |
| jq --arg $TAG "$IMAGE_TAG" -e '. | any(. == "$TAG")' | |
) | |
if [[ "$TAG_EXISTS" == "true" ]]; then | |
echo "[*] Tag exists. Removing tag" | |
az acr repository delete --name $_AZ_REGISTRY --image $SERVICE_NAME:$IMAGE_TAG --yes | |
else | |
echo "[*] Tag does not exist. No action needed" | |
fi | |
done | |
- name: Log out of Docker | |
run: docker logout |