Created
February 4, 2022 13:17
-
-
Save AnatomicJC/f0456d4a0475babe3bbf12900cd22c86 to your computer and use it in GitHub Desktop.
go-passbolt-cli gitlab pipeline example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Set the configuration file containing the private OpenPGP key and passphrase | |
cat ${PASSBOLT_CLI_CONFIG} | base64 -d > /root/.config/go-passbolt-cli/go-passbolt-cli.toml | |
# Login to gitlab CI registry | |
# CI_REGISTRY_* variables are dynamically set by gitlab | |
docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY} | |
### | |
# login to Docker HUB registry / fetch password from passbolt | |
### | |
# Define resource name and username as they are named in passbolt | |
NAME="docker.com token for gitlab" | |
USERNAME="username@domain.tld" | |
# Get passbolt resource ID from passbolt resource name and username | |
ID="$(passbolt list resource - column ID - column Name - column Username \ | |
| grep "${NAME}" | grep "${USERNAME}" | head -n1 | awk '{print $1}')" | |
# Get passbolt resource password from its ID | |
PASSWORD=$(passbolt get resource - id ${ID} | grep Password | sed 's/^Password: //g') | |
# Authenticate to Docker Hub with password retrieved from passbolt | |
docker login -u ${USERNAME} -p ${PASSWORD} docker.io | |
# Pull image from Gitlab registry | |
IMAGE="$(echo ${CI_REGISTRY}/${CI_PROJECT_PATH}/nginx-distroless-unprivileged:${NGINX_VERSION} | tr '[:upper:]' '[:lower:]')" | |
docker pull ${IMAGE} | |
# Tag image with docker hub tag | |
docker tag ${IMAGE} anatomicjc/nginx-distroless-unprivileged:${NGINX_VERSION} | |
# Push it | |
docker push anatomicjc/nginx-distroless-unprivileged:${NGINX_VERSION} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment