Skip to content

Instantly share code, notes, and snippets.

@AnatomicJC
Created February 4, 2022 13:17
Show Gist options
  • Save AnatomicJC/f0456d4a0475babe3bbf12900cd22c86 to your computer and use it in GitHub Desktop.
Save AnatomicJC/f0456d4a0475babe3bbf12900cd22c86 to your computer and use it in GitHub Desktop.
go-passbolt-cli gitlab pipeline example
# Set the configuration file containing the private OpenPGP key and passphrase
cat ${PASSBOLT_CLI_CONFIG} | base64 -d > /root/.config/go-passbolt-cli/go-passbolt-cli.toml
# Login to gitlab CI registry
# CI_REGISTRY_* variables are dynamically set by gitlab
docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
###
# login to Docker HUB registry / fetch password from passbolt
###
# Define resource name and username as they are named in passbolt
NAME="docker.com token for gitlab"
USERNAME="username@domain.tld"
# Get passbolt resource ID from passbolt resource name and username
ID="$(passbolt list resource - column ID - column Name - column Username \
| grep "${NAME}" | grep "${USERNAME}" | head -n1 | awk '{print $1}')"
# Get passbolt resource password from its ID
PASSWORD=$(passbolt get resource - id ${ID} | grep Password | sed 's/^Password: //g')
# Authenticate to Docker Hub with password retrieved from passbolt
docker login -u ${USERNAME} -p ${PASSWORD} docker.io
# Pull image from Gitlab registry
IMAGE="$(echo ${CI_REGISTRY}/${CI_PROJECT_PATH}/nginx-distroless-unprivileged:${NGINX_VERSION} | tr '[:upper:]' '[:lower:]')"
docker pull ${IMAGE}
# Tag image with docker hub tag
docker tag ${IMAGE} anatomicjc/nginx-distroless-unprivileged:${NGINX_VERSION}
# Push it
docker push anatomicjc/nginx-distroless-unprivileged:${NGINX_VERSION}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment