AnatomicJC/gitlab-pipeline-pull-n-push-example.sh

## gitlab-pipeline-pull-n-push-example.sh
# Set the configuration file containing the private OpenPGP key and passphrase
cat ${PASSBOLT_CLI_CONFIG} | base64 -d > /root/.config/go-passbolt-cli/go-passbolt-cli.toml

# Login to gitlab CI registry
# CI_REGISTRY_* variables are dynamically set by gitlab
docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}

###
# login to Docker HUB registry / fetch password from passbolt
###

# Define resource name and username as they are named in passbolt
NAME="docker.com token for gitlab"
USERNAME="username@domain.tld"

# Get passbolt resource ID from passbolt resource name and username
ID="$(passbolt list resource - column ID - column Name - column Username \
| grep "${NAME}" | grep "${USERNAME}" | head -n1 | awk '{print $1}')"

# Get passbolt resource password from its ID
PASSWORD=$(passbolt get resource - id ${ID} | grep Password | sed 's/^Password: //g')

# Authenticate to Docker Hub with password retrieved from passbolt
docker login -u ${USERNAME} -p ${PASSWORD} docker.io

# Pull image from Gitlab registry
IMAGE="$(echo ${CI_REGISTRY}/${CI_PROJECT_PATH}/nginx-distroless-unprivileged:${NGINX_VERSION} | tr '[:upper:]' '[:lower:]')"
docker pull ${IMAGE}

# Tag image with docker hub tag
docker tag ${IMAGE} anatomicjc/nginx-distroless-unprivileged:${NGINX_VERSION}

# Push it
docker push anatomicjc/nginx-distroless-unprivileged:${NGINX_VERSION}
	# Set the configuration file containing the private OpenPGP key and passphrase
	cat ${PASSBOLT_CLI_CONFIG} \| base64 -d > /root/.config/go-passbolt-cli/go-passbolt-cli.toml

	# Login to gitlab CI registry
	# CI_REGISTRY_* variables are dynamically set by gitlab
	docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}

	###
	# login to Docker HUB registry / fetch password from passbolt
	###

	# Define resource name and username as they are named in passbolt
	NAME="docker.com token for gitlab"
	USERNAME="username@domain.tld"

	# Get passbolt resource ID from passbolt resource name and username
	ID="$(passbolt list resource - column ID - column Name - column Username \
	\| grep "${NAME}" \| grep "${USERNAME}" \| head -n1 \| awk '{print $1}')"

	# Get passbolt resource password from its ID
	PASSWORD=$(passbolt get resource - id ${ID} \| grep Password \| sed 's/^Password: //g')

	# Authenticate to Docker Hub with password retrieved from passbolt
	docker login -u ${USERNAME} -p ${PASSWORD} docker.io

	# Pull image from Gitlab registry
	IMAGE="$(echo ${CI_REGISTRY}/${CI_PROJECT_PATH}/nginx-distroless-unprivileged:${NGINX_VERSION} \| tr '[:upper:]' '[:lower:]')"
	docker pull ${IMAGE}

	# Tag image with docker hub tag
	docker tag ${IMAGE} anatomicjc/nginx-distroless-unprivileged:${NGINX_VERSION}

	# Push it
	docker push anatomicjc/nginx-distroless-unprivileged:${NGINX_VERSION}