Pull Images Verification #261
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pull Images Verification | |
| # This is a simple cron job that runs every day at midnight UTC | |
| # that pulls images from registries to verify they actually exist. | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 0 * * *" | |
| env: | |
| REGISTRY: quay.io | |
| permissions: | |
| contents: read | |
| jobs: | |
| pull-images: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Authenticate against Quay.io | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| # Use a Robot Account to authenticate against Quay.io | |
| # https://docs.quay.io/glossary/robot-accounts.html | |
| username: ${{ secrets.QUAY_ROBOT_USERNAME }} | |
| password: ${{ secrets.QUAY_ROBOT_TOKEN }} | |
| - name: Configure docker config file | |
| run: | | |
| python -c "import os; file = open('/home/runner/pull-secret.txt', 'w'); file.write(os.environ['YOUR_SECRET']); file.close()" | |
| shell: bash | |
| env: | |
| YOUR_SECRET: ${{secrets.REDHAT_PULL_SECRET}} | |
| - name: Pull and check image health | |
| run: | | |
| podman pull --authfile /home/runner/pull-secret.txt registry.redhat.io/openshift4/dpdk-base-rhel8:v4.9 | |
| podman pull --authfile /home/runner/pull-secret.txt registry.connect.redhat.com/cockroachdb/cockroach:v23.1.17 | |
| podman pull --authfile /home/runner/pull-secret.txt registry.access.redhat.com/ubi8/nodejs-12:latest | |
| podman pull --authfile /home/runner/pull-secret.txt quay.io/nginx/nginx-ingress-operator@sha256:38bb2a104462808eb800445db354535151fbe2632931b9c2a56da3a526923605 | |
| podman pull --authfile /home/runner/pull-secret.txt registry.connect.redhat.com/anchore/engine-operator-bundle@sha256:fbbe7e6c1d75c4de2f47e2c825c930568e85f1134545e9d890a0c9f3d9187a4d | |
| podman pull --authfile /home/runner/pull-secret.txt registry.redhat.io/quay/quay-operator-rhel8@sha256:59c6daa886c01039cb96da04ae250e0e9b89c73dbd7ece934cf8bf9e9f529812 |