From 788f26648d7ef73bd22b5ff6f343ac57fe923544 Mon Sep 17 00:00:00 2001 From: phlax Date: Wed, 4 Sep 2024 14:47:49 +0100 Subject: [PATCH] ci/release: Fix secret handling for Dockerhub publishing (#35967) Signed-off-by: Ryan Northey --- .github/workflows/_publish_build.yml | 5 +++-- .github/workflows/_run.yml | 4 ++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/_publish_build.yml b/.github/workflows/_publish_build.yml index 7e12c2a2280d..efc08f290254 100644 --- a/.github/workflows/_publish_build.yml +++ b/.github/workflows/_publish_build.yml @@ -117,6 +117,9 @@ jobs: permissions: contents: read packages: read + secrets: + dockerhub-username: ${{ secrets.dockerhub-username }} + dockerhub-password: ${{ secrets.dockerhub-password }} name: ${{ matrix.name || matrix.target }} needs: - binary @@ -132,8 +135,6 @@ jobs: source: | export NO_BUILD_SETUP=1 export ENVOY_DOCKER_IN_DOCKER=1 - export DOCKERHUB_USERNAME=${{ secrets.dockerhub-username }} - export DOCKERHUB_PASSWORD=${{ secrets.dockerhub-password }} trusted: ${{ inputs.trusted }} upload-name: docker upload-path: build_images diff --git a/.github/workflows/_run.yml b/.github/workflows/_run.yml index 91667dc2f93d..1d139eba2578 100644 --- a/.github/workflows/_run.yml +++ b/.github/workflows/_run.yml @@ -8,6 +8,8 @@ on: secrets: app-id: app-key: + dockerhub-username: + dockerhub-password: gpg-key: gpg-key-password: rbe-key: @@ -279,6 +281,8 @@ jobs: working-directory: ${{ inputs.working-directory }} env: GITHUB_TOKEN: ${{ inputs.trusted && steps.appauth.outputs.token || github.token }} + DOCKERHUB_USERNAME: ${{ secrets.dockerhub-username }} + DOCKERHUB_PASSWORD: ${{ secrets.dockerhub-password }} ENVOY_DOCKER_BUILD_DIR: ${{ runner.temp }} ENVOY_RBE: ${{ inputs.rbe == true && 1 || '' }} RBE_KEY: ${{ secrets.rbe-key }}