diff --git a/.drone.yml b/.drone.yml index eb044e125850d..0758476a53aad 100644 --- a/.drone.yml +++ b/.drone.yml @@ -61,6 +61,7 @@ clone: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -79,13 +80,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -103,6 +114,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -130,6 +143,10 @@ services: volumes: - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -166,6 +183,7 @@ clone: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -184,13 +202,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -206,6 +234,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -233,6 +263,10 @@ services: volumes: - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -269,6 +303,7 @@ clone: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -289,13 +324,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -313,6 +358,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -340,6 +387,10 @@ services: volumes: - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -376,6 +427,7 @@ clone: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -394,13 +446,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -416,6 +478,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -443,6 +507,10 @@ services: volumes: - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -818,13 +886,23 @@ steps: && exit 1)' - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -896,13 +974,17 @@ services: - name: dockersock path: /var/run volumes: -- name: dockersock - temp: {} - name: tmpfs temp: medium: memory - name: awsconfig temp: {} +- name: dockersock + temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -1144,6 +1226,7 @@ clone: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -1162,13 +1245,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -1184,6 +1277,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -1211,6 +1306,10 @@ services: volumes: - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -1242,6 +1341,7 @@ clone: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -1260,6 +1360,7 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Delegate build to GitHub image: golang:1.18-alpine + pull: if-not-exists commands: - cd "/go/src/github.com/gravitational/teleport/build.assets/tooling" - 'go run ./cmd/gh-trigger-workflow -owner ${DRONE_REPO_OWNER} -repo teleport.e @@ -1286,6 +1387,8 @@ steps: when: status: - failure +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- kind: pipeline @@ -1535,6 +1638,7 @@ clone: steps: - name: Check out code image: alpine/git + pull: if-not-exists commands: - mkdir -p /go/src/github.com/gravitational/teleport - cd /go/src/github.com/gravitational/teleport @@ -1657,6 +1761,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -p /go/src/github.com/gravitational/teleport - cd /go/src/github.com/gravitational/teleport @@ -1680,13 +1785,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -1702,8 +1817,11 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Copy artifacts image: docker + pull: if-not-exists commands: - cd /go/src/github.com/gravitational/teleport - find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts @@ -1717,6 +1835,7 @@ steps: done && ls -l - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -1741,6 +1860,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -1753,6 +1873,7 @@ steps: path: /root/.aws - name: Register artifacts image: docker + pull: if-not-exists commands: - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") @@ -1812,6 +1933,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -1845,6 +1970,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -p /go/src/github.com/gravitational/teleport - cd /go/src/github.com/gravitational/teleport @@ -1868,13 +1994,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -1892,8 +2028,11 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Copy artifacts image: docker + pull: if-not-exists commands: - cd /go/src/github.com/gravitational/teleport - find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts @@ -1904,6 +2043,7 @@ steps: done && ls -l - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -1928,6 +2068,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -1940,6 +2081,7 @@ steps: path: /root/.aws - name: Register artifacts image: docker + pull: if-not-exists commands: - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") @@ -1999,6 +2141,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -2032,6 +2178,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -p /go/src/github.com/gravitational/teleport - cd /go/src/github.com/gravitational/teleport @@ -2055,13 +2202,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -2079,8 +2236,11 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Copy artifacts image: docker + pull: if-not-exists commands: - cd /go/src/github.com/gravitational/teleport - find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts @@ -2098,6 +2258,7 @@ steps: done && ls -l - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -2122,6 +2283,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -2134,6 +2296,7 @@ steps: path: /root/.aws - name: Register artifacts image: docker + pull: if-not-exists commands: - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") @@ -2193,6 +2356,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -2226,6 +2393,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -p /go/src/github.com/gravitational/teleport - cd /go/src/github.com/gravitational/teleport @@ -2249,13 +2417,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -2273,8 +2451,11 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Copy artifacts image: docker + pull: if-not-exists commands: - cd /go/src/github.com/gravitational/teleport - find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts @@ -2283,6 +2464,7 @@ steps: done && ls -l - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -2307,6 +2489,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -2319,6 +2502,7 @@ steps: path: /root/.aws - name: Register artifacts image: docker + pull: if-not-exists commands: - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") @@ -2378,6 +2562,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -2432,13 +2620,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -2480,6 +2678,7 @@ steps: path: /root/.aws - name: Assume Build AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -2527,6 +2726,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: awsconfig path: /root/.aws - name: tmpfs @@ -2541,6 +2742,7 @@ steps: \; - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -2565,6 +2767,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -2634,13 +2837,17 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} - name: tmpfs temp: medium: memory +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -2695,13 +2902,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -2741,6 +2958,7 @@ steps: path: /root/.aws - name: Assume Build AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -2789,6 +3007,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: awsconfig path: /root/.aws - name: tmpfs @@ -2801,6 +3021,7 @@ steps: \; - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -2825,6 +3046,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -2894,13 +3116,17 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} - name: tmpfs temp: medium: memory +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -2955,13 +3181,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3003,6 +3239,7 @@ steps: path: /root/.aws - name: Assume Build AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3043,6 +3280,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: awsconfig path: /root/.aws - name: Copy artifacts @@ -3055,6 +3294,7 @@ steps: \; - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3079,6 +3319,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -3146,10 +3387,14 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -3204,13 +3449,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3250,6 +3505,7 @@ steps: path: /root/.aws - name: Assume Build AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3291,6 +3547,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: awsconfig path: /root/.aws - name: Copy artifacts @@ -3301,6 +3559,7 @@ steps: \; - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3325,6 +3584,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -3392,10 +3652,14 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -3429,6 +3693,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -p /go/src/github.com/gravitational/teleport - cd /go/src/github.com/gravitational/teleport @@ -3452,13 +3717,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -3474,8 +3749,11 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Copy artifacts image: docker + pull: if-not-exists commands: - cd /go/src/github.com/gravitational/teleport - find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts @@ -3486,6 +3764,7 @@ steps: done && ls -l - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3510,6 +3789,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -3522,6 +3802,7 @@ steps: path: /root/.aws - name: Register artifacts image: docker + pull: if-not-exists commands: - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") @@ -3581,6 +3862,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -3635,13 +3920,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3683,6 +3978,7 @@ steps: path: /root/.aws - name: Assume Build AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3730,6 +4026,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: awsconfig path: /root/.aws - name: tmpfs @@ -3744,6 +4042,7 @@ steps: \; - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3768,6 +4067,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -3837,13 +4137,17 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} - name: tmpfs temp: medium: memory +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -3898,13 +4202,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3946,6 +4260,7 @@ steps: path: /root/.aws - name: Assume Build AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -3986,6 +4301,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: awsconfig path: /root/.aws - name: Copy artifacts @@ -3998,6 +4315,7 @@ steps: \; - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -4022,6 +4340,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -4089,10 +4408,14 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -4776,6 +5099,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -p /go/src/github.com/gravitational/teleport - cd /go/src/github.com/gravitational/teleport @@ -4799,13 +5123,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -4821,8 +5155,11 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Copy artifacts image: docker + pull: if-not-exists commands: - cd /go/src/github.com/gravitational/teleport - find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts @@ -4833,6 +5170,7 @@ steps: done && ls -l - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -4857,6 +5195,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -4869,6 +5208,7 @@ steps: path: /root/.aws - name: Register artifacts image: docker + pull: if-not-exists commands: - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") @@ -4928,6 +5268,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -4958,6 +5302,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -4976,6 +5321,7 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Delegate build to GitHub image: golang:1.18-alpine + pull: if-not-exists commands: - cd "/go/src/github.com/gravitational/teleport/build.assets/tooling" - 'go run ./cmd/gh-trigger-workflow -owner ${DRONE_REPO_OWNER} -repo teleport.e @@ -4985,6 +5331,8 @@ steps: environment: GHA_APP_KEY: from_secret: GITHUB_WORKFLOW_APP_PRIVATE_KEY +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -5288,13 +5636,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -5336,6 +5694,7 @@ steps: path: /root/.aws - name: Assume Build AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -5376,6 +5735,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: awsconfig path: /root/.aws - name: Copy artifacts @@ -5388,6 +5749,7 @@ steps: \; - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -5412,6 +5774,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -5479,10 +5842,14 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -5800,13 +6167,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -5848,6 +6225,7 @@ steps: path: /root/.aws - name: Assume Build AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -5895,6 +6273,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: awsconfig path: /root/.aws - name: tmpfs @@ -5909,6 +6289,7 @@ steps: \; - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -5933,6 +6314,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -6002,13 +6384,17 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} - name: tmpfs temp: medium: memory +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -6042,6 +6428,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -p /go/src/github.com/gravitational/teleport - cd /go/src/github.com/gravitational/teleport @@ -6065,13 +6452,23 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build artifacts image: docker + pull: if-not-exists commands: - apk add --no-cache make - chown -R $UID:$GID /go @@ -6091,8 +6488,11 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Copy artifacts image: docker + pull: if-not-exists commands: - cd /go/src/github.com/gravitational/teleport - find . -maxdepth 1 -iname "teleport*.zip" -print -exec cp {} /go/artifacts \; @@ -6102,6 +6502,7 @@ steps: done && ls -l - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -6126,6 +6527,7 @@ steps: path: /root/.aws - name: Upload to S3 image: amazon/aws-cli + pull: if-not-exists commands: - cd /go/artifacts/ - aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v} @@ -6138,6 +6540,7 @@ steps: path: /root/.aws - name: Register artifacts image: docker + pull: if-not-exists commands: - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") @@ -6197,6 +6600,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- kind: pipeline @@ -6585,13 +6992,23 @@ steps: - git checkout ${DRONE_COMMIT} - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Configure Staging AWS Profile image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -6616,6 +7033,7 @@ steps: path: /root/.aws - name: Configure Production AWS Profile image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -6640,6 +7058,7 @@ steps: path: /root/.aws - name: Build and push buildbox image: docker + pull: if-not-exists commands: - apk add --no-cache make aws-cli - chown -R $UID:$GID /go @@ -6653,12 +7072,15 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build and push buildbox-fips image: docker + pull: if-not-exists commands: - apk add --no-cache make aws-cli - chown -R $UID:$GID /go @@ -6673,12 +7095,15 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox-fips:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build and push buildbox-arm image: docker + pull: if-not-exists commands: - apk add --no-cache make aws-cli - chown -R $UID:$GID /go @@ -6693,12 +7118,15 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox-arm:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build and push buildbox-centos7 image: docker + pull: if-not-exists commands: - apk add --no-cache make aws-cli - chown -R $UID:$GID /go @@ -6713,12 +7141,15 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerconfig + path: /root/.docker - name: Build and push buildbox-centos7-fips image: docker + pull: if-not-exists commands: - apk add --no-cache make aws-cli - chown -R $UID:$GID /go @@ -6733,10 +7164,12 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerconfig + path: /root/.docker services: - name: Start Docker image: docker:dind @@ -6745,10 +7178,14 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerconfig temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -6777,6 +7214,8 @@ steps: image: alpine:latest commands: - echo "This command, step, and pipeline never runs" +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -6806,11 +7245,13 @@ clone: steps: - name: Verify build is tagged image: alpine:latest + pull: if-not-exists commands: - '[ -n ${DRONE_TAG} ] || (echo ''DRONE_TAG is not set. Is the commit tagged?'' && exit 1)' - name: Check out code image: alpine/git:latest + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -6820,6 +7261,7 @@ steps: - git checkout -qf "${DRONE_TAG}" - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -6867,6 +7309,7 @@ steps: - Check out code - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -6955,6 +7398,8 @@ volumes: medium: memory - name: awsconfig temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -6983,6 +7428,8 @@ steps: image: alpine:latest commands: - echo "This command, step, and pipeline never runs" +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -7012,11 +7459,13 @@ clone: steps: - name: Verify build is tagged image: alpine:latest + pull: if-not-exists commands: - '[ -n ${DRONE_TAG} ] || (echo ''DRONE_TAG is not set. Is the commit tagged?'' && exit 1)' - name: Check out code image: alpine/git:latest + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -7026,6 +7475,7 @@ steps: - git checkout -qf "${DRONE_TAG}" - name: Assume Download AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -7073,6 +7523,7 @@ steps: - Check out code - name: Assume Upload AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -7162,6 +7613,8 @@ volumes: medium: memory - name: awsconfig temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- kind: pipeline @@ -7723,6 +8176,7 @@ clone: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -7741,6 +8195,7 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Delegate build to GitHub image: golang:1.18-alpine + pull: if-not-exists commands: - cd "/go/src/github.com/gravitational/teleport/build.assets/tooling" - 'go run ./cmd/gh-trigger-workflow -owner ${DRONE_REPO_OWNER} -repo teleport.e @@ -7749,6 +8204,8 @@ steps: environment: GHA_APP_KEY: from_secret: GITHUB_WORKFLOW_APP_PRIVATE_KEY +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -8014,19 +8471,30 @@ depends_on: steps: - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Wait for docker registry image: alpine + pull: if-not-exists commands: - apk add curl - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" != "200" ]; do sleep 1; done' - name: Check out code image: alpine/git:latest + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -8042,6 +8510,7 @@ steps: - echo $(cat "/go/var/full-version") - name: Assume ECR - staging AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -8066,6 +8535,7 @@ steps: path: /root/.aws - name: Assume ECR - authenticated-pull AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -8092,6 +8562,7 @@ steps: - Assume ECR - staging AWS Role - name: Assume S3 Download AWS Role for teleport image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -8182,6 +8653,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v13-amd64-builder" --target "teleport" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_amd64.deb @@ -8192,6 +8664,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8243,6 +8719,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v13-arm-builder" --target "teleport" --platform "linux/arm" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_arm.deb @@ -8253,6 +8730,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8304,6 +8785,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v13-arm64-builder" --target "teleport" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_arm64.deb @@ -8314,6 +8796,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8330,6 +8816,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 @@ -8339,6 +8826,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8353,6 +8844,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm @@ -8362,6 +8854,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8377,6 +8873,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 @@ -8386,6 +8883,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8399,6 +8900,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat @@ -8410,6 +8912,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8421,6 +8927,7 @@ steps: - Tag and push image "teleport:v13-arm64" to ECR - staging - name: Assume S3 Download AWS Role for teleport-ent image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -8511,6 +9018,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v13-amd64-builder" --target "teleport" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 --file "/go/build/Dockerfile-teleport-ent" --build-arg @@ -8521,6 +9029,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8572,6 +9084,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v13-arm-builder" --target "teleport" --platform "linux/arm" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm --file "/go/build/Dockerfile-teleport-ent" --build-arg DEB_PATH=teleport-ent_$(cat @@ -8582,6 +9095,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8633,6 +9150,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v13-arm64-builder" --target "teleport" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 --file "/go/build/Dockerfile-teleport-ent" --build-arg @@ -8643,6 +9161,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8659,6 +9181,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 @@ -8668,6 +9191,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8683,6 +9210,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm @@ -8692,6 +9220,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8707,6 +9239,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 @@ -8716,6 +9249,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8729,6 +9266,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat @@ -8740,6 +9278,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8751,6 +9293,7 @@ steps: - Tag and push image "teleport-ent:v13-arm64" to ECR - staging - name: Assume S3 Download AWS Role for teleport-ent-fips image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -8842,6 +9385,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v13-fips-amd64-builder" --target "teleport-fips" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 --file "/go/build/Dockerfile-teleport-ent-fips" @@ -8853,6 +9397,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8869,6 +9417,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 @@ -8878,6 +9427,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8891,6 +9444,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat @@ -8900,6 +9454,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8920,6 +9478,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v13-amd64-builder" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -8931,6 +9490,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8957,6 +9520,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v13-arm-builder" --platform "linux/arm" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -8968,6 +9532,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -8994,6 +9562,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v13-arm64-builder" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -9005,6 +9574,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9026,6 +9599,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 @@ -9035,6 +9609,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9050,6 +9628,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm @@ -9059,6 +9638,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9074,6 +9657,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 @@ -9083,6 +9667,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9096,6 +9684,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat @@ -9107,6 +9696,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9132,6 +9725,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -9164,6 +9761,7 @@ depends_on: steps: - name: Check out code image: docker:git + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -9182,6 +9780,7 @@ steps: from_secret: GITHUB_PRIVATE_KEY - name: Delegate build to GitHub image: golang:1.18-alpine + pull: if-not-exists commands: - cd "/go/src/github.com/gravitational/teleport/build.assets/tooling" - 'go run ./cmd/gh-trigger-workflow -owner ${DRONE_REPO_OWNER} -repo teleport.e @@ -9190,6 +9789,8 @@ steps: environment: GHA_APP_KEY: from_secret: GITHUB_WORKFLOW_APP_PRIVATE_KEY +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -9221,6 +9822,7 @@ clone: steps: - name: Verify build is tagged image: alpine:latest + pull: if-not-exists commands: - '[ -n ${DRONE_TAG} ] || (echo ''DRONE_TAG is not set. Is the commit tagged?'' && exit 1)' @@ -9242,16 +9844,26 @@ steps: '; echo 'a prerelease' - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease - name: Wait for docker registry image: alpine + pull: if-not-exists commands: - apk add curl - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" @@ -9261,6 +9873,7 @@ steps: - Record if tag ($DRONE_TAG) is prerelease - name: Check out code image: alpine/git:latest + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -9288,6 +9901,7 @@ steps: - Record if tag ($DRONE_TAG) is prerelease - name: Assume ECR - staging AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -9315,6 +9929,7 @@ steps: - Record if tag ($DRONE_TAG) is prerelease - name: Assume ECR - production AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -9347,6 +9962,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-amd64 - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -9355,6 +9971,10 @@ steps: - docker push drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9375,6 +9995,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-arm - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -9383,6 +10004,10 @@ steps: - docker push drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9403,6 +10028,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-arm64 - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -9411,6 +10037,10 @@ steps: - docker push drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9431,6 +10061,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport:$(cat "/go/var/full-version")-amd64 @@ -9443,6 +10074,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9459,6 +10094,7 @@ steps: commands: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm @@ -9471,6 +10107,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9488,6 +10128,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm64 @@ -9500,6 +10141,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9519,6 +10164,7 @@ steps: ] && echo "skipping" || echo "continuing" - '[ -f /go/vars/release-is-prerelease ] && exit 0' - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport:$(cat "/go/var/major-version")-arm --amend quay.io/gravitational/teleport:$(cat @@ -9526,6 +10172,10 @@ steps: - docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9547,6 +10197,7 @@ steps: ] && echo "skipping" || echo "continuing" - '[ -f /go/vars/release-is-prerelease ] && exit 0' - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm --amend quay.io/gravitational/teleport:$(cat @@ -9554,6 +10205,10 @@ steps: - docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9571,6 +10226,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/full-version") --amend quay.io/gravitational/teleport:$(cat @@ -9579,6 +10235,10 @@ steps: docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9600,6 +10260,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-amd64 @@ -9613,6 +10274,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9627,6 +10292,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm @@ -9640,6 +10306,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9655,6 +10325,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm64 @@ -9668,6 +10339,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9685,6 +10360,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version")-arm @@ -9693,6 +10369,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9712,6 +10392,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version")-arm @@ -9720,6 +10401,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9735,6 +10420,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version") --amend @@ -9745,6 +10431,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9760,6 +10450,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -9768,6 +10459,10 @@ steps: - docker push drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9788,6 +10483,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -9796,6 +10492,10 @@ steps: - docker push drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9816,6 +10516,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -9824,6 +10525,10 @@ steps: - docker push drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -9844,6 +10549,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 @@ -9856,6 +10562,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9873,6 +10583,7 @@ steps: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm @@ -9885,6 +10596,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9902,6 +10617,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 @@ -9914,6 +10630,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9933,6 +10653,7 @@ steps: ] && echo "skipping" || echo "continuing" - '[ -f /go/vars/release-is-prerelease ] && exit 0' - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-arm @@ -9940,6 +10661,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9961,6 +10686,7 @@ steps: ] && echo "skipping" || echo "continuing" - '[ -f /go/vars/release-is-prerelease ] && exit 0' - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm @@ -9968,6 +10694,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -9985,6 +10715,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version") --amend @@ -9994,6 +10725,10 @@ steps: "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10015,6 +10750,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -10029,6 +10765,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10044,6 +10784,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm @@ -10057,6 +10798,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10072,6 +10817,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -10086,6 +10832,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10103,6 +10853,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-arm @@ -10111,6 +10862,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10130,6 +10885,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm @@ -10138,6 +10894,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10153,6 +10913,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version") @@ -10163,6 +10924,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10178,6 +10943,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -10187,6 +10953,10 @@ steps: - docker push drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10207,6 +10977,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 @@ -10219,6 +10990,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10238,11 +11013,16 @@ steps: ] && echo "skipping" || echo "continuing" - '[ -f /go/vars/release-is-prerelease ] && exit 0' - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips-amd64 - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10262,11 +11042,16 @@ steps: ] && echo "skipping" || echo "continuing" - '[ -f /go/vars/release-is-prerelease ] && exit 0' - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10282,6 +11067,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips --amend @@ -10289,6 +11075,10 @@ steps: docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10308,6 +11098,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -10322,6 +11113,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10339,12 +11134,17 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips-amd64 - docker manifest push public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10362,12 +11162,17 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker manifest push public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10381,6 +11186,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips @@ -10389,6 +11195,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10402,6 +11212,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -10411,6 +11222,10 @@ steps: - docker push drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10431,6 +11246,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -10440,6 +11256,10 @@ steps: - docker push drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10460,6 +11280,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" @@ -10469,6 +11290,10 @@ steps: - docker push drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10489,6 +11314,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 @@ -10501,6 +11327,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10518,6 +11348,7 @@ steps: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm @@ -10530,6 +11361,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10547,6 +11382,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 @@ -10559,6 +11395,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10578,6 +11418,7 @@ steps: ] && echo "skipping" || echo "continuing" - '[ -f /go/vars/release-is-prerelease ] && exit 0' - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version")-arm @@ -10585,6 +11426,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10606,6 +11451,7 @@ steps: ] && echo "skipping" || echo "continuing" - '[ -f /go/vars/release-is-prerelease ] && exit 0' - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm @@ -10613,6 +11459,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10630,6 +11480,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version") --amend @@ -10639,6 +11490,10 @@ steps: docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -10660,6 +11515,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport-operator:$(cat @@ -10674,6 +11530,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10689,6 +11549,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport-operator:$(cat @@ -10703,6 +11564,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10718,6 +11583,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport-operator:$(cat @@ -10732,6 +11598,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10749,6 +11619,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version")-arm @@ -10757,6 +11628,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10776,6 +11651,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm @@ -10784,6 +11660,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10799,6 +11679,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version") @@ -10809,6 +11690,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -10834,6 +11719,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -10875,15 +11764,25 @@ steps: "v12" - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker depends_on: - Find the latest available semver for v12 - name: Wait for docker registry image: alpine + pull: if-not-exists commands: - apk add curl - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" @@ -10892,6 +11791,7 @@ steps: - Find the latest available semver for v12 - name: Check out code image: alpine/git:latest + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -10918,6 +11818,7 @@ steps: - Find the latest available semver for v12 - name: Assume ECR - staging AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -10944,6 +11845,7 @@ steps: - Find the latest available semver for v12 - name: Assume ECR - authenticated-pull AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -10971,6 +11873,7 @@ steps: - Find the latest available semver for v12 - name: Assume ECR - production AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -10998,6 +11901,7 @@ steps: - Find the latest available semver for v12 - name: Assume S3 Download AWS Role for teleport image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -11092,6 +11996,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v12-amd64-builder" --target "teleport" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_amd64.deb @@ -11102,6 +12007,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11153,6 +12062,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v12-arm-builder" --target "teleport" --platform "linux/arm" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_arm.deb @@ -11163,6 +12073,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11214,6 +12128,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v12-arm64-builder" --target "teleport" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_arm64.deb @@ -11224,6 +12139,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11240,6 +12159,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -11262,6 +12182,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11276,6 +12200,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -11298,6 +12223,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11313,6 +12242,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -11335,6 +12265,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11348,6 +12282,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -11360,6 +12295,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11375,6 +12314,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -11387,6 +12327,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11402,6 +12346,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -11414,6 +12359,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11429,6 +12378,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport:$(cat "/go/var/full-version")-amd64 @@ -11441,6 +12391,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -11457,6 +12411,7 @@ steps: commands: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm @@ -11469,6 +12424,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -11486,6 +12445,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm64 @@ -11498,6 +12458,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -11513,6 +12477,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport:$(cat "/go/var/major-version")-arm --amend quay.io/gravitational/teleport:$(cat @@ -11520,6 +12485,10 @@ steps: - docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -11537,6 +12506,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm --amend quay.io/gravitational/teleport:$(cat @@ -11544,6 +12514,10 @@ steps: - docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -11561,6 +12535,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/full-version") --amend quay.io/gravitational/teleport:$(cat @@ -11569,6 +12544,10 @@ steps: docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -11590,6 +12569,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-amd64 @@ -11603,6 +12583,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11617,6 +12601,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm @@ -11630,6 +12615,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11645,6 +12634,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm64 @@ -11658,6 +12648,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11671,6 +12665,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version")-arm @@ -11679,6 +12674,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11694,6 +12693,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version")-arm @@ -11702,6 +12702,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11717,6 +12721,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version") --amend @@ -11727,6 +12732,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11738,6 +12747,7 @@ steps: - Tag and push image "teleport:v12-arm64" to ECR - production - name: Assume S3 Download AWS Role for teleport-ent image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -11832,6 +12842,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v12-amd64-builder" --target "teleport" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 --file "/go/build/Dockerfile-teleport-ent" --build-arg @@ -11842,6 +12853,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11893,6 +12908,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v12-arm-builder" --target "teleport" --platform "linux/arm" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm --file "/go/build/Dockerfile-teleport-ent" --build-arg DEB_PATH=teleport-ent_$(cat @@ -11903,6 +12919,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11954,6 +12974,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v12-arm64-builder" --target "teleport" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 --file "/go/build/Dockerfile-teleport-ent" --build-arg @@ -11964,6 +12985,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -11980,6 +13005,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -12002,6 +13028,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12017,6 +13047,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -12039,6 +13070,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12054,6 +13089,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -12076,6 +13112,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12089,6 +13129,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -12101,6 +13142,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12116,6 +13161,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -12128,6 +13174,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12143,6 +13193,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -12155,6 +13206,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12170,6 +13225,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 @@ -12182,6 +13238,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12199,6 +13259,7 @@ steps: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm @@ -12211,6 +13272,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12228,6 +13293,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 @@ -12240,6 +13306,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12255,6 +13325,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-arm @@ -12262,6 +13333,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12279,6 +13354,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm @@ -12286,6 +13362,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12303,6 +13383,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version") --amend @@ -12312,6 +13393,10 @@ steps: "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12333,6 +13418,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -12347,6 +13433,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12362,6 +13452,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm @@ -12375,6 +13466,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12390,6 +13485,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -12404,6 +13500,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12417,6 +13517,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-arm @@ -12425,6 +13526,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12440,6 +13545,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm @@ -12448,6 +13554,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12463,6 +13573,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version") @@ -12473,6 +13584,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12484,6 +13599,7 @@ steps: - Tag and push image "teleport-ent:v12-arm64" to ECR - production - name: Assume S3 Download AWS Role for teleport-ent-fips image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -12579,6 +13695,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v12-fips-amd64-builder" --target "teleport-fips" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 --file "/go/build/Dockerfile-teleport-ent-fips" @@ -12590,6 +13707,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12606,6 +13727,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-fips-amd64 > /dev/null 2>&1 && echo 'Found @@ -12628,6 +13750,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12641,6 +13767,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/major-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -12651,6 +13778,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12664,6 +13795,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/minor-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -12674,6 +13806,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12687,6 +13823,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -12697,6 +13834,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12710,6 +13851,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 @@ -12722,6 +13864,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12737,11 +13883,16 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips-amd64 - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12757,11 +13908,16 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12777,6 +13933,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips --amend @@ -12784,6 +13941,10 @@ steps: docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -12803,6 +13964,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -12817,6 +13979,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12830,12 +13996,17 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips-amd64 - docker manifest push public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12849,12 +14020,17 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker manifest push public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12868,6 +14044,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips @@ -12876,6 +14053,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12896,6 +14077,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v12-amd64-builder" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -12907,6 +14089,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12935,6 +14121,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v12-arm-builder" --platform "linux/arm" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -12946,6 +14133,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -12974,6 +14165,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v12-arm64-builder" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -12985,6 +14177,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13008,6 +14204,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -13030,6 +14227,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13045,6 +14246,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -13067,6 +14269,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13082,6 +14288,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -13104,6 +14311,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13117,6 +14328,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -13129,6 +14341,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13144,6 +14360,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -13156,6 +14373,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13171,6 +14392,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -13183,6 +14405,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13198,6 +14424,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 @@ -13210,6 +14437,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -13227,6 +14458,7 @@ steps: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm @@ -13239,6 +14471,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -13256,6 +14492,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 @@ -13268,6 +14505,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -13283,6 +14524,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version")-arm @@ -13290,6 +14532,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -13307,6 +14553,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm @@ -13314,6 +14561,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -13331,6 +14582,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version") --amend @@ -13340,6 +14592,10 @@ steps: docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -13361,6 +14617,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport-operator:$(cat @@ -13375,6 +14632,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13390,6 +14651,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport-operator:$(cat @@ -13404,6 +14666,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13419,6 +14685,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport-operator:$(cat @@ -13433,6 +14700,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13446,6 +14717,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version")-arm @@ -13454,6 +14726,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13469,6 +14745,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm @@ -13477,6 +14754,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13492,6 +14773,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version") @@ -13502,6 +14784,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13527,6 +14813,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -13568,15 +14858,25 @@ steps: "v11" - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker depends_on: - Find the latest available semver for v11 - name: Wait for docker registry image: alpine + pull: if-not-exists commands: - apk add curl - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" @@ -13585,6 +14885,7 @@ steps: - Find the latest available semver for v11 - name: Check out code image: alpine/git:latest + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -13611,6 +14912,7 @@ steps: - Find the latest available semver for v11 - name: Assume ECR - staging AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -13637,6 +14939,7 @@ steps: - Find the latest available semver for v11 - name: Assume ECR - authenticated-pull AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -13664,6 +14967,7 @@ steps: - Find the latest available semver for v11 - name: Assume ECR - production AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -13691,6 +14995,7 @@ steps: - Find the latest available semver for v11 - name: Assume S3 Download AWS Role for teleport image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -13785,6 +15090,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v11-amd64-builder" --target "teleport" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_amd64.deb @@ -13795,6 +15101,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13846,6 +15156,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v11-arm-builder" --target "teleport" --platform "linux/arm" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_arm.deb @@ -13856,6 +15167,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13907,6 +15222,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v11-arm64-builder" --target "teleport" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_arm64.deb @@ -13917,6 +15233,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13933,6 +15253,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -13955,6 +15276,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -13969,6 +15294,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -13991,6 +15317,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14006,6 +15336,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -14028,6 +15359,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14041,6 +15376,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -14053,6 +15389,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14068,6 +15408,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -14080,6 +15421,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14095,6 +15440,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -14107,6 +15453,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14122,6 +15472,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport:$(cat "/go/var/full-version")-amd64 @@ -14134,6 +15485,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14150,6 +15505,7 @@ steps: commands: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm @@ -14162,6 +15518,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14179,6 +15539,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm64 @@ -14191,6 +15552,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14206,6 +15571,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport:$(cat "/go/var/major-version")-arm --amend quay.io/gravitational/teleport:$(cat @@ -14213,6 +15579,10 @@ steps: - docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14230,6 +15600,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm --amend quay.io/gravitational/teleport:$(cat @@ -14237,6 +15608,10 @@ steps: - docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14254,6 +15629,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/full-version") --amend quay.io/gravitational/teleport:$(cat @@ -14262,6 +15638,10 @@ steps: docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14283,6 +15663,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-amd64 @@ -14296,6 +15677,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14310,6 +15695,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm @@ -14323,6 +15709,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14338,6 +15728,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm64 @@ -14351,6 +15742,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14364,6 +15759,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version")-arm @@ -14372,6 +15768,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14387,6 +15787,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version")-arm @@ -14395,6 +15796,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14410,6 +15815,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version") --amend @@ -14420,6 +15826,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14431,6 +15841,7 @@ steps: - Tag and push image "teleport:v11-arm64" to ECR - production - name: Assume S3 Download AWS Role for teleport-ent image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -14525,6 +15936,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v11-amd64-builder" --target "teleport" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 --file "/go/build/Dockerfile-teleport-ent" --build-arg @@ -14535,6 +15947,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14586,6 +16002,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v11-arm-builder" --target "teleport" --platform "linux/arm" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm --file "/go/build/Dockerfile-teleport-ent" --build-arg DEB_PATH=teleport-ent_$(cat @@ -14596,6 +16013,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14647,6 +16068,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v11-arm64-builder" --target "teleport" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 --file "/go/build/Dockerfile-teleport-ent" --build-arg @@ -14657,6 +16079,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14673,6 +16099,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -14695,6 +16122,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14710,6 +16141,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -14732,6 +16164,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14747,6 +16183,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -14769,6 +16206,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14782,6 +16223,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -14794,6 +16236,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14809,6 +16255,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -14821,6 +16268,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14836,6 +16287,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -14848,6 +16300,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -14863,6 +16319,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 @@ -14875,6 +16332,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14892,6 +16353,7 @@ steps: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm @@ -14904,6 +16366,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14921,6 +16387,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 @@ -14933,6 +16400,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14948,6 +16419,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-arm @@ -14955,6 +16427,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14972,6 +16448,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm @@ -14979,6 +16456,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -14996,6 +16477,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version") --amend @@ -15005,6 +16487,10 @@ steps: "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -15026,6 +16512,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -15040,6 +16527,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15055,6 +16546,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm @@ -15068,6 +16560,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15083,6 +16579,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -15097,6 +16594,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15110,6 +16611,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-arm @@ -15118,6 +16620,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15133,6 +16639,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm @@ -15141,6 +16648,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15156,6 +16667,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version") @@ -15166,6 +16678,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15177,6 +16693,7 @@ steps: - Tag and push image "teleport-ent:v11-arm64" to ECR - production - name: Assume S3 Download AWS Role for teleport-ent-fips image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -15272,6 +16789,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v11-fips-amd64-builder" --target "teleport-fips" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 --file "/go/build/Dockerfile-teleport-ent-fips" @@ -15283,6 +16801,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15299,6 +16821,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-fips-amd64 > /dev/null 2>&1 && echo 'Found @@ -15321,6 +16844,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15334,6 +16861,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/major-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -15344,6 +16872,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15357,6 +16889,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/minor-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -15367,6 +16900,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15380,6 +16917,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -15390,6 +16928,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15403,6 +16945,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 @@ -15415,6 +16958,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -15430,11 +16977,16 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips-amd64 - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -15450,11 +17002,16 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -15470,6 +17027,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips --amend @@ -15477,6 +17035,10 @@ steps: docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -15496,6 +17058,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -15510,6 +17073,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15523,12 +17090,17 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips-amd64 - docker manifest push public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15542,12 +17114,17 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker manifest push public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15561,6 +17138,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips @@ -15569,6 +17147,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15589,6 +17171,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v11-amd64-builder" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -15600,6 +17183,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15628,6 +17215,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v11-arm-builder" --platform "linux/arm" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -15639,6 +17227,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15667,6 +17259,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v11-arm64-builder" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -15678,6 +17271,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15701,6 +17298,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -15723,6 +17321,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15738,6 +17340,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -15760,6 +17363,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15775,6 +17382,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -15797,6 +17405,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15810,6 +17422,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -15822,6 +17435,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15837,6 +17454,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -15849,6 +17467,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15864,6 +17486,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -15876,6 +17499,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -15891,6 +17518,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 @@ -15903,6 +17531,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -15920,6 +17552,7 @@ steps: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm @@ -15932,6 +17565,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -15949,6 +17586,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 @@ -15961,6 +17599,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -15976,6 +17618,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version")-arm @@ -15983,6 +17626,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16000,6 +17647,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm @@ -16007,6 +17655,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16024,6 +17676,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version") --amend @@ -16033,6 +17686,10 @@ steps: docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16054,6 +17711,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport-operator:$(cat @@ -16068,6 +17726,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16083,6 +17745,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport-operator:$(cat @@ -16097,6 +17760,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16112,6 +17779,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport-operator:$(cat @@ -16126,6 +17794,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16139,6 +17811,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version")-arm @@ -16147,6 +17820,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16162,6 +17839,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm @@ -16170,6 +17848,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16185,6 +17867,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version") @@ -16195,6 +17878,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16220,6 +17907,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -16261,15 +17952,25 @@ steps: "v10" - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker depends_on: - Find the latest available semver for v10 - name: Wait for docker registry image: alpine + pull: if-not-exists commands: - apk add curl - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" @@ -16278,6 +17979,7 @@ steps: - Find the latest available semver for v10 - name: Check out code image: alpine/git:latest + pull: if-not-exists commands: - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" @@ -16304,6 +18006,7 @@ steps: - Find the latest available semver for v10 - name: Assume ECR - staging AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -16330,6 +18033,7 @@ steps: - Find the latest available semver for v10 - name: Assume ECR - authenticated-pull AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -16357,6 +18061,7 @@ steps: - Find the latest available semver for v10 - name: Assume ECR - production AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -16384,6 +18089,7 @@ steps: - Find the latest available semver for v10 - name: Assume S3 Download AWS Role for teleport image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -16478,6 +18184,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v10-amd64-builder" --target "teleport" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_amd64.deb @@ -16488,6 +18195,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16539,6 +18250,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v10-arm-builder" --target "teleport" --platform "linux/arm" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_arm.deb @@ -16549,6 +18261,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16600,6 +18316,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-v10-arm64-builder" --target "teleport" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 --file "/go/build/Dockerfile-teleport" --build-arg DEB_PATH=teleport_$(cat "/go/var/full-version")_arm64.deb @@ -16610,6 +18327,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16626,6 +18347,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -16648,6 +18370,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16662,6 +18388,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -16684,6 +18411,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16699,6 +18430,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -16721,6 +18453,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16734,6 +18470,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -16746,6 +18483,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16761,6 +18502,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -16773,6 +18515,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16788,6 +18534,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -16800,6 +18547,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -16815,6 +18566,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport:$(cat "/go/var/full-version")-amd64 @@ -16827,6 +18579,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16843,6 +18599,7 @@ steps: commands: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm @@ -16855,6 +18612,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16872,6 +18633,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport:$(cat "/go/var/full-version")-arm64 @@ -16884,6 +18646,10 @@ steps: - docker push quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16899,6 +18665,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport:$(cat "/go/var/major-version")-arm --amend quay.io/gravitational/teleport:$(cat @@ -16906,6 +18673,10 @@ steps: - docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16923,6 +18694,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport:$(cat "/go/var/minor-version")-arm --amend quay.io/gravitational/teleport:$(cat @@ -16930,6 +18702,10 @@ steps: - docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16947,6 +18723,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport:$(cat "/go/var/full-version") --amend quay.io/gravitational/teleport:$(cat @@ -16955,6 +18732,10 @@ steps: docker manifest push quay.io/gravitational/teleport:$(cat "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -16976,6 +18757,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-amd64 @@ -16989,6 +18771,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17003,6 +18789,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm @@ -17016,6 +18803,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17031,6 +18822,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version")-arm64 @@ -17044,6 +18836,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17057,6 +18853,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/major-version")-arm @@ -17065,6 +18862,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17080,6 +18881,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport:$(cat "/go/var/minor-version")-arm @@ -17088,6 +18890,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17103,6 +18909,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport:$(cat "/go/var/full-version") --amend @@ -17113,6 +18920,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17124,6 +18935,7 @@ steps: - Tag and push image "teleport:v10-arm64" to ECR - production - name: Assume S3 Download AWS Role for teleport-ent image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -17218,6 +19030,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v10-amd64-builder" --target "teleport" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 --file "/go/build/Dockerfile-teleport-ent" --build-arg @@ -17228,6 +19041,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17279,6 +19096,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v10-arm-builder" --target "teleport" --platform "linux/arm" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm --file "/go/build/Dockerfile-teleport-ent" --build-arg DEB_PATH=teleport-ent_$(cat @@ -17289,6 +19107,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17340,6 +19162,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v10-arm64-builder" --target "teleport" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 --file "/go/build/Dockerfile-teleport-ent" --build-arg @@ -17350,6 +19173,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17366,6 +19193,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -17388,6 +19216,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17403,6 +19235,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -17425,6 +19258,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17440,6 +19277,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -17462,6 +19300,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17475,6 +19317,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -17487,6 +19330,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17502,6 +19349,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -17514,6 +19362,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17529,6 +19381,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -17541,6 +19394,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17556,6 +19413,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 @@ -17568,6 +19426,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -17585,6 +19447,7 @@ steps: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm @@ -17597,6 +19460,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -17614,6 +19481,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 @@ -17626,6 +19494,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -17641,6 +19513,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-arm @@ -17648,6 +19521,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -17665,6 +19542,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm @@ -17672,6 +19550,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -17689,6 +19571,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version") --amend @@ -17698,6 +19581,10 @@ steps: "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -17719,6 +19606,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -17733,6 +19621,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17748,6 +19640,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm @@ -17761,6 +19654,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17776,6 +19673,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -17790,6 +19688,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17803,6 +19705,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-arm @@ -17811,6 +19714,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17826,6 +19733,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-arm @@ -17834,6 +19742,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17849,6 +19761,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version") @@ -17859,6 +19772,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17870,6 +19787,7 @@ steps: - Tag and push image "teleport-ent:v10-arm64" to ECR - production - name: Assume S3 Download AWS Role for teleport-ent-fips image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -17965,6 +19883,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-ent-v10-fips-amd64-builder" --target "teleport-fips" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 --file "/go/build/Dockerfile-teleport-ent-fips" @@ -17976,6 +19895,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -17992,6 +19915,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-fips-amd64 > /dev/null 2>&1 && echo 'Found @@ -18014,6 +19938,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18027,6 +19955,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/major-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -18037,6 +19966,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18050,6 +19983,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/minor-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -18060,6 +19994,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18073,6 +20011,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat "/go/var/full-version")-$TIMESTAMP-fips > /dev/null 2>&1 && echo 'Found existing @@ -18083,6 +20022,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18096,6 +20039,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 @@ -18108,6 +20052,10 @@ steps: - docker push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18123,11 +20071,16 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips-amd64 - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18143,11 +20096,16 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips --amend quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18163,6 +20121,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips --amend @@ -18170,6 +20129,10 @@ steps: docker manifest push quay.io/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18189,6 +20152,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-ent:$(cat "/go/var/full-version")-fips-amd64 public.ecr.aws/gravitational/teleport-ent:$(cat @@ -18203,6 +20167,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18216,12 +20184,17 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips-amd64 - docker manifest push public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/major-version")-fips - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18235,12 +20208,17 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips --amend public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips-amd64 - docker manifest push public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/minor-version")-fips - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18254,6 +20232,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-ent:$(cat "/go/var/full-version")-fips @@ -18262,6 +20241,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18282,6 +20265,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v10-amd64-builder" --platform "linux/amd64" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -18293,6 +20277,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18321,6 +20309,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v10-arm-builder" --platform "linux/arm" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -18332,6 +20321,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18360,6 +20353,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker buildx build --push --builder "teleport-operator-v10-arm64-builder" --platform "linux/arm64" --tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 --file "/go/src/github.com/gravitational/teleport/integrations/operator/Dockerfile" @@ -18371,6 +20365,10 @@ steps: environment: AWS_PROFILE: ecr-authenticated-pull DOCKER_BUILDKIT: "1" + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18394,6 +20392,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-amd64 > /dev/null 2>&1 && echo 'Found existing @@ -18416,6 +20415,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18431,6 +20434,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-arm > /dev/null 2>&1 && echo 'Found existing @@ -18453,6 +20457,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18468,6 +20476,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP-arm64 > /dev/null 2>&1 && echo 'Found existing @@ -18490,6 +20499,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18503,6 +20516,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/major-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -18515,6 +20529,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18530,6 +20548,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/minor-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -18542,6 +20561,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18557,6 +20580,7 @@ steps: - apk add --no-cache aws-cli - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - docker manifest inspect 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$(cat "/go/var/full-version")-$TIMESTAMP > /dev/null 2>&1 && echo 'Found existing image, @@ -18569,6 +20593,10 @@ steps: - docker logout "146628656107.dkr.ecr.us-west-2.amazonaws.com" environment: AWS_PROFILE: ecr-staging + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18584,6 +20612,7 @@ steps: - docker pull --platform "linux/amd64" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 @@ -18596,6 +20625,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18613,6 +20646,7 @@ steps: - docker pull --platform "linux/arm" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm @@ -18625,6 +20659,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18642,6 +20680,7 @@ steps: - docker pull --platform "linux/arm64" drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 @@ -18654,6 +20693,10 @@ steps: - docker push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm64 - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18669,6 +20712,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version") --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version")-amd64 --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version")-arm @@ -18676,6 +20720,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/major-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18693,6 +20741,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version") --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 --amend quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm @@ -18700,6 +20749,10 @@ steps: - docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/minor-version") - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18717,6 +20770,7 @@ steps: image: docker commands: - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version") --amend @@ -18726,6 +20780,10 @@ steps: docker manifest push quay.io/gravitational/teleport-operator:$(cat "/go/var/full-version")) - docker logout "quay.io" environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME QUAY_PASSWORD: from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD QUAY_USERNAME: @@ -18747,6 +20805,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-amd64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-amd64 public.ecr.aws/gravitational/teleport-operator:$(cat @@ -18761,6 +20820,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18776,6 +20839,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm public.ecr.aws/gravitational/teleport-operator:$(cat @@ -18790,6 +20854,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18805,6 +20873,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version")-arm64 > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker tag drone-docker-registry:5000/teleport-operator:$(cat "/go/var/full-version")-arm64 public.ecr.aws/gravitational/teleport-operator:$(cat @@ -18819,6 +20888,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18832,6 +20905,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version") --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version")-amd64 --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/major-version")-arm @@ -18840,6 +20914,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18855,6 +20933,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version") --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version")-amd64 --amend public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/minor-version")-arm @@ -18863,6 +20942,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18878,6 +20961,7 @@ steps: - apk add --no-cache aws-cli - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin - docker manifest inspect public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version") > /dev/null 2>&1 && echo 'Found existing image, skipping' || (docker manifest create public.ecr.aws/gravitational/teleport-operator:$(cat "/go/var/full-version") @@ -18888,6 +20972,10 @@ steps: - docker logout "public.ecr.aws" environment: AWS_PROFILE: ecr-production + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: awsconfig path: /root/.aws @@ -18913,6 +21001,10 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- ################################################ @@ -18952,13 +21044,23 @@ steps: && exit 1)' - name: Wait for docker image: docker + pull: if-not-exists commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerconfig + path: /root/.docker - name: Assume AWS Role image: amazon/aws-cli + pull: if-not-exists commands: - aws sts get-caller-identity - |- @@ -19030,15 +21132,19 @@ services: - name: dockersock path: /var/run volumes: -- name: dockersock - temp: {} - name: tmpfs temp: medium: memory - name: awsconfig temp: {} +- name: dockersock + temp: {} +- name: dockerconfig + temp: {} +image_pull_secrets: +- DOCKERHUB_CREDENTIALS --- kind: signature -hmac: 4107c52101a8fbd297c24a1408d6bb96999140c0a3d67cc7fba23abaa447ea38 +hmac: d5d88db9889331c6bff21f5184b3f54bed9eb6dac632c75de0b928879f1af5e3 ... diff --git a/dronegen/aws.go b/dronegen/aws.go index f5c763ce27716..33c925d40ce2f 100644 --- a/dronegen/aws.go +++ b/dronegen/aws.go @@ -93,6 +93,7 @@ func kubernetesAssumeAwsRoleStep(s kubernetesRoleSettings) step { return step{ Name: s.name, Image: "amazon/aws-cli", + Pull: "if-not-exists", Environment: map[string]value{ "AWS_ACCESS_KEY_ID": s.awsAccessKeyID, "AWS_SECRET_ACCESS_KEY": s.awsSecretAccessKey, @@ -125,6 +126,7 @@ func kubernetesUploadToS3Step(s kubernetesS3Settings) step { return step{ Name: "Upload to S3", Image: "amazon/aws-cli", + Pull: "if-not-exists", Environment: map[string]value{ "AWS_S3_BUCKET": {fromSecret: "AWS_S3_BUCKET"}, "AWS_REGION": {raw: s.region}, diff --git a/dronegen/buildbox.go b/dronegen/buildbox.go index 75aa73db5e018..b4a696ca03feb 100644 --- a/dronegen/buildbox.go +++ b/dronegen/buildbox.go @@ -69,7 +69,8 @@ func buildboxPipelineStep(buildboxName string, fips bool) step { return step{ Name: "Build and push " + buildboxName, Image: "docker", - Volumes: []volumeRef{volumeRefDocker, volumeRefAwsConfig}, + Pull: "if-not-exists", + Volumes: []volumeRef{volumeRefAwsConfig, volumeRefDocker, volumeRefDockerConfig}, Commands: []string{ `apk add --no-cache make aws-cli`, `chown -R $UID:$GID /go`, @@ -101,7 +102,7 @@ func buildboxPipeline() pipeline { // only on master for now; add the release branch name when forking a new release series. p.Trigger = pushTriggerForBranch("master", "branch/*") p.Workspace = workspace{Path: "/go/src/github.com/gravitational/teleport"} - p.Volumes = []volume{volumeDocker, volumeAwsConfig} + p.Volumes = []volume{volumeAwsConfig, volumeDocker, volumeDockerConfig} p.Services = []service{ dockerService(), } diff --git a/dronegen/common.go b/dronegen/common.go index 63ac021f026fd..2039052aa63e2 100644 --- a/dronegen/common.go +++ b/dronegen/common.go @@ -86,6 +86,25 @@ var ( Name: "awsconfig", Path: "/root/.aws", } + + // volumeDockerConfig is a temporary volume for storing docker + // credentials for use with the Docker-in-Docker service we use + // to isolate the host machines docker daemon from the one used + // during the build. Mount this any time you use `volumeDocker` + // + // Drone claims to destroy the the temp volumes after a workflow + // has run, so it should be safe to write credentials etc. + volumeDockerConfig = volume{ + Name: "dockerconfig", + Temp: &volumeTemp{}, + } + + // volumeRefDockerConfig is how you reference the docker config + // volume in a workflow step + volumeRefDockerConfig = volumeRef{ + Name: "dockerconfig", + Path: "/root/.docker", + } ) var buildboxVersion value @@ -242,18 +261,6 @@ func dockerRegistryService() service { } } -// dockerVolumes returns a slice of volumes -// It includes the Docker socket volume by default, plus any extra volumes passed in -func dockerVolumes(v ...volume) []volume { - return append(v, volumeDocker) -} - -// dockerVolumeRefs returns a slice of volumeRefs -// It includes the Docker socket volumeRef as a default, plus any extra volumeRefs passed in -func dockerVolumeRefs(v ...volumeRef) []volumeRef { - return append(v, volumeRefDocker) -} - // releaseMakefileTarget gets the correct Makefile target for a given arch/fips/centos combo func releaseMakefileTarget(b buildType) string { makefileTarget := fmt.Sprintf("release-%s", b.arch) @@ -283,10 +290,16 @@ func waitForDockerStep() step { return step{ Name: "Wait for docker", Image: "docker", + Pull: "if-not-exists", Commands: []string{ `timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'`, + `printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin`, + }, + Volumes: []volumeRef{volumeRefDocker, volumeRefDockerConfig}, + Environment: map[string]value{ + "DOCKERHUB_USERNAME": {fromSecret: "DOCKERHUB_USERNAME"}, + "DOCKERHUB_PASSWORD": {fromSecret: "DOCKERHUB_READONLY_TOKEN"}, }, - Volumes: []volumeRef{volumeRefDocker}, } } @@ -295,6 +308,7 @@ func waitForDockerRegistryStep() step { return step{ Name: "Wait for docker registry", Image: "alpine", + Pull: "if-not-exists", Commands: []string{ "apk add curl", fmt.Sprintf(`timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %%{http_code} http://%s/)" != "200" ]; do sleep 1; done'`, LocalRegistrySocket), @@ -306,6 +320,7 @@ func verifyTaggedStep() step { return step{ Name: "Verify build is tagged", Image: "alpine:latest", + Pull: "if-not-exists", Commands: []string{ "[ -n ${DRONE_TAG} ] || (echo 'DRONE_TAG is not set. Is the commit tagged?' && exit 1)", }, @@ -317,6 +332,7 @@ func cloneRepoStep(clonePath, commit string) step { return step{ Name: "Check out code", Image: "alpine/git:latest", + Pull: "if-not-exists", Commands: cloneRepoCommands(clonePath, commit), } } diff --git a/dronegen/container_image_products.go b/dronegen/container_image_products.go index 2da9b4f644806..1863e7345ed3d 100644 --- a/dronegen/container_image_products.go +++ b/dronegen/container_image_products.go @@ -478,7 +478,7 @@ func (p *Product) createBuildStep(arch string, version *ReleaseVersion, publicEc step := step{ Name: p.GetBuildStepName(arch, version), Image: "docker", - Volumes: dockerVolumeRefs(volumeRefAwsConfig), + Volumes: []volumeRef{volumeRefAwsConfig, volumeRefDocker}, // no docker config volume, as this will race Environment: envVars, Commands: commands, DependsOn: getStepNames(publicEcrPullRegistry.SetupSteps), diff --git a/dronegen/container_images_release_version.go b/dronegen/container_images_release_version.go index 4dd0e69b989a1..7e5d74811c283 100644 --- a/dronegen/container_images_release_version.go +++ b/dronegen/container_images_release_version.go @@ -48,7 +48,7 @@ func (rv *ReleaseVersion) buildVersionPipeline(triggerSetupSteps []step, flags * dockerService(), dockerRegistryService(), } - pipeline.Volumes = dockerVolumes(volumeAwsConfig) + pipeline.Volumes = []volume{volumeAwsConfig, volumeDocker, volumeDockerConfig} pipeline.Environment = map[string]value{ "DEBIAN_FRONTEND": { raw: "noninteractive", diff --git a/dronegen/container_images_repos.go b/dronegen/container_images_repos.go index fa46b62fd710e..13d78c6e79fb9 100644 --- a/dronegen/container_images_repos.go +++ b/dronegen/container_images_repos.go @@ -62,6 +62,7 @@ func NewEcrContainerRepo(accessKeyIDSecret, secretAccessKeySecret, roleSecret, d loginCommands := []string{ "apk add --no-cache aws-cli", fmt.Sprintf("aws %s get-login-password --region=%s | docker login -u=\"AWS\" --password-stdin %s", loginSubcommand, ecrRegion, domain), + `printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin`, } if guaranteeUnique { @@ -72,7 +73,9 @@ func NewEcrContainerRepo(accessKeyIDSecret, secretAccessKeySecret, roleSecret, d Name: repoName, IsImmutable: isImmutable, EnvironmentVars: map[string]value{ - "AWS_PROFILE": {raw: profileName}, + "AWS_PROFILE": {raw: profileName}, + "DOCKERHUB_USERNAME": {fromSecret: "DOCKERHUB_USERNAME"}, + "DOCKERHUB_PASSWORD": {fromSecret: "DOCKERHUB_READONLY_TOKEN"}, }, RegistryDomain: domain, RegistryOrg: registryOrg, @@ -112,17 +115,16 @@ func NewQuayContainerRepo(dockerUsername, dockerPassword string) *ContainerRepo Name: "Quay", IsImmutable: false, EnvironmentVars: map[string]value{ - "QUAY_USERNAME": { - fromSecret: dockerUsername, - }, - "QUAY_PASSWORD": { - fromSecret: dockerPassword, - }, + "QUAY_USERNAME": {fromSecret: dockerUsername}, + "QUAY_PASSWORD": {fromSecret: dockerPassword}, + "DOCKERHUB_USERNAME": {fromSecret: "DOCKERHUB_USERNAME"}, + "DOCKERHUB_PASSWORD": {fromSecret: "DOCKERHUB_READONLY_TOKEN"}, }, RegistryDomain: ProductionRegistryQuay, RegistryOrg: registryOrg, LoginCommands: []string{ fmt.Sprintf("docker login -u=\"$QUAY_USERNAME\" -p=\"$QUAY_PASSWORD\" %q", ProductionRegistryQuay), + `printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin`, }, } } @@ -254,7 +256,7 @@ func (cr *ContainerRepo) pullPushStep(image *Image, dependencySteps []string) (s return step{ Name: fmt.Sprintf("Pull %s and push it to %s", image.GetDisplayName(), localRepo.Name), Image: "docker", - Volumes: dockerVolumeRefs(volumeRefAwsConfig), + Volumes: []volumeRef{volumeRefAwsConfig, volumeRefDocker}, // no docker config volume, as this will race Environment: cr.EnvironmentVars, Commands: commands, DependsOn: dependencySteps, @@ -304,7 +306,7 @@ func (cr *ContainerRepo) tagAndPushStep(buildStepDetails *buildStepOutput, image step := step{ Name: fmt.Sprintf("Tag and push image %q to %s", buildStepDetails.BuiltImage.GetDisplayName(), cr.Name), Image: "docker", - Volumes: dockerVolumeRefs(volumeRefAwsConfig), + Volumes: []volumeRef{volumeRefAwsConfig, volumeRefDocker}, // no docker config volume, as this will race Environment: cr.EnvironmentVars, Commands: commands, DependsOn: dependencySteps, @@ -332,7 +334,7 @@ func (cr *ContainerRepo) createAndPushManifestStep(manifestImage *Image, pushSte return step{ Name: fmt.Sprintf("Create manifest and push %q to %s", manifestImage.GetDisplayName(), cr.Name), Image: "docker", - Volumes: dockerVolumeRefs(volumeRefAwsConfig), + Volumes: []volumeRef{volumeRefAwsConfig, volumeRefDocker}, // no docker config volume, as this will race Environment: cr.EnvironmentVars, Commands: cr.buildCommandsWithLogin(commands), DependsOn: pushStepNames, diff --git a/dronegen/gha.go b/dronegen/gha.go index 0cf3c0a1c4faf..9ab3dcbb6b58c 100644 --- a/dronegen/gha.go +++ b/dronegen/gha.go @@ -62,6 +62,7 @@ func ghaBuildPipeline(b ghaBuildType) pipeline { { Name: "Check out code", Image: "docker:git", + Pull: "if-not-exists", Environment: map[string]value{ "GITHUB_PRIVATE_KEY": {fromSecret: "GITHUB_PRIVATE_KEY"}, }, @@ -70,6 +71,7 @@ func ghaBuildPipeline(b ghaBuildType) pipeline { { Name: "Delegate build to GitHub", Image: fmt.Sprintf("golang:%s-alpine", GoVersion), + Pull: "if-not-exists", Environment: map[string]value{ "GHA_APP_KEY": {fromSecret: "GITHUB_WORKFLOW_APP_PRIVATE_KEY"}, }, diff --git a/dronegen/main.go b/dronegen/main.go index 517b80fd518e4..5ce4e6998ad31 100644 --- a/dronegen/main.go +++ b/dronegen/main.go @@ -39,6 +39,22 @@ func main() { pipelines = append(pipelines, buildContainerImagePipelines()...) pipelines = append(pipelines, publishReleasePipeline()) + // Inject the Drone-level dockerhub credentials into all non-exec + // pipelines. Drone will then use the docker credentials file in + // the named secret as its credentials when pulling images from + // dockerhub. + // + // Exec pipelines do not have the `image_pull_secrets` option, as + // their steps are invoked directly on the host runner and not + // into a per-step container. + for pidx := range pipelines { + p := &pipelines[pidx] + if p.Type == "exec" { + continue + } + p.ImagePullSecrets = append(p.ImagePullSecrets, "DOCKERHUB_CREDENTIALS") + } + if err := writePipelines(".drone.yml", pipelines); err != nil { fmt.Println("failed writing drone pipelines:", err) os.Exit(1) diff --git a/dronegen/push.go b/dronegen/push.go index 45419110fa360..1cea3b2ec4182 100644 --- a/dronegen/push.go +++ b/dronegen/push.go @@ -126,7 +126,7 @@ func pushPipeline(b buildType) pipeline { } p.Trigger = triggerPush p.Workspace = workspace{Path: "/go"} - p.Volumes = []volume{volumeDocker} + p.Volumes = []volume{volumeDocker, volumeDockerConfig} p.Services = []service{ dockerService(), } @@ -134,6 +134,7 @@ func pushPipeline(b buildType) pipeline { { Name: "Check out code", Image: "docker:git", + Pull: "if-not-exists", Environment: map[string]value{ "GITHUB_PRIVATE_KEY": {fromSecret: "GITHUB_PRIVATE_KEY"}, }, @@ -143,8 +144,9 @@ func pushPipeline(b buildType) pipeline { { Name: "Build artifacts", Image: "docker", + Pull: "if-not-exists", Environment: pushEnvironment, - Volumes: []volumeRef{volumeRefDocker}, + Volumes: []volumeRef{volumeRefDocker, volumeRefDockerConfig}, Commands: pushBuildCommands(b), }, sendErrorToSlackStep(), diff --git a/dronegen/relcli.go b/dronegen/relcli.go index c119bb7132215..f6f4fc7464568 100644 --- a/dronegen/relcli.go +++ b/dronegen/relcli.go @@ -44,11 +44,7 @@ func relcliPipeline(trigger trigger, name string, stepName string, command strin } p.Services = []service{dockerService(volumeRefTmpfs)} - p.Volumes = []volume{ - volumeDocker, - volumeTmpfs, - volumeAwsConfig, - } + p.Volumes = []volume{volumeTmpfs, volumeAwsConfig, volumeDocker, volumeDockerConfig} return p } @@ -60,10 +56,7 @@ func pullRelcliStep(awsConfigVolumeRef volumeRef) step { Environment: map[string]value{ "AWS_DEFAULT_REGION": {raw: "us-west-2"}, }, - Volumes: []volumeRef{ - volumeRefDocker, - volumeRefAwsConfig, - }, + Volumes: []volumeRef{volumeRefDocker, volumeRefAwsConfig}, Commands: []string{ `apk add --no-cache aws-cli`, `aws ecr get-login-password | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com`, @@ -83,11 +76,7 @@ func executeRelcliStep(name string, command string) step { "RELCLI_CERT": {raw: "/tmpfs/creds/releases.crt"}, "RELCLI_KEY": {raw: "/tmpfs/creds/releases.key"}, }, - Volumes: []volumeRef{ - volumeRefDocker, - volumeRefTmpfs, - volumeRefAwsConfig, - }, + Volumes: []volumeRef{volumeRefDocker, volumeRefTmpfs, volumeRefAwsConfig}, Commands: []string{ `mkdir -p /tmpfs/creds`, `echo "$RELEASES_CERT" | base64 -d > "$RELCLI_CERT"`, diff --git a/dronegen/tag.go b/dronegen/tag.go index f82b505fd5494..1c9a6959f67d6 100644 --- a/dronegen/tag.go +++ b/dronegen/tag.go @@ -274,7 +274,7 @@ func tagPipeline(b buildType) pipeline { p.Trigger = triggerTag p.DependsOn = []string{tagCleanupPipelineName} p.Workspace = workspace{Path: "/go"} - p.Volumes = []volume{volumeAwsConfig, volumeDocker} + p.Volumes = []volume{volumeAwsConfig, volumeDocker, volumeDockerConfig} p.Services = []service{ dockerService(), } @@ -282,6 +282,7 @@ func tagPipeline(b buildType) pipeline { { Name: "Check out code", Image: "docker:git", + Pull: "if-not-exists", Environment: map[string]value{ "GITHUB_PRIVATE_KEY": {fromSecret: "GITHUB_PRIVATE_KEY"}, }, @@ -291,13 +292,15 @@ func tagPipeline(b buildType) pipeline { { Name: "Build artifacts", Image: "docker", + Pull: "if-not-exists", Environment: tagEnvironment, - Volumes: []volumeRef{volumeRefDocker}, + Volumes: []volumeRef{volumeRefDocker, volumeRefDockerConfig}, Commands: tagBuildCommands(b), }, { Name: "Copy artifacts", Image: "docker", + Pull: "if-not-exists", Commands: tagCopyArtifactCommands(b), }, kubernetesAssumeAwsRoleStep(kubernetesRoleSettings{ @@ -317,6 +320,7 @@ func tagPipeline(b buildType) pipeline { { Name: "Register artifacts", Image: "docker", + Pull: "if-not-exists", Commands: tagCreateReleaseAssetCommands(b, "", extraQualifications), Environment: map[string]value{ "RELEASES_CERT": {fromSecret: "RELEASES_CERT"}, @@ -465,12 +469,10 @@ func tagPackagePipeline(packageType string, b buildType) pipeline { environment["OSS_TARBALL_PATH"] = value{raw: "/go/artifacts"} } - packageDockerVolumes := []volume{ - volumeDocker, - volumeAwsConfig, - } + packageDockerVolumes := []volume{volumeAwsConfig, volumeDocker, volumeDockerConfig} packageDockerVolumeRefs := []volumeRef{ volumeRefDocker, + volumeRefDockerConfig, volumeRefAwsConfig, } packageDockerService := dockerService() diff --git a/dronegen/types.go b/dronegen/types.go index 750761768d5c0..ff72da0f00944 100644 --- a/dronegen/types.go +++ b/dronegen/types.go @@ -29,20 +29,21 @@ import ( type pipeline struct { comment string - Kind string `yaml:"kind"` - Type string `yaml:"type"` - Name string `yaml:"name"` - Environment map[string]value `yaml:"environment,omitempty"` - Trigger trigger `yaml:"trigger"` - Workspace workspace `yaml:"workspace,omitempty"` - Platform platform `yaml:"platform,omitempty"` - Node map[string]value `yaml:"node,omitempty"` - Clone clone `yaml:"clone,omitempty"` - DependsOn []string `yaml:"depends_on,omitempty"` - Concurrency concurrency `yaml:"concurrency,omitempty"` - Steps []step `yaml:"steps"` - Services []service `yaml:"services,omitempty"` - Volumes []volume `yaml:"volumes,omitempty"` + Kind string `yaml:"kind"` + Type string `yaml:"type"` + Name string `yaml:"name"` + Environment map[string]value `yaml:"environment,omitempty"` + Trigger trigger `yaml:"trigger"` + Workspace workspace `yaml:"workspace,omitempty"` + Platform platform `yaml:"platform,omitempty"` + Node map[string]value `yaml:"node,omitempty"` + Clone clone `yaml:"clone,omitempty"` + DependsOn []string `yaml:"depends_on,omitempty"` + Concurrency concurrency `yaml:"concurrency,omitempty"` + Steps []step `yaml:"steps"` + Services []service `yaml:"services,omitempty"` + Volumes []volume `yaml:"volumes,omitempty"` + ImagePullSecrets []string `yaml:"image_pull_secrets,omitempty"` } func newKubePipeline(name string) pipeline { @@ -169,6 +170,7 @@ type volumeRef struct { type step struct { Name string `yaml:"name"` Image string `yaml:"image,omitempty"` + Pull string `yaml:"pull,omitempty"` Commands []string `yaml:"commands,omitempty"` Environment map[string]value `yaml:"environment,omitempty"` Volumes []volumeRef `yaml:"volumes,omitempty"`