[AC-1117] Add manage permission #1099
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Clean After PR | |
| on: | |
| pull_request: | |
| types: [closed] | |
| jobs: | |
| build-docker: | |
| name: Remove feature branch docker images | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
| ########## ACR ########## | |
| - name: Login to Azure - QA Subscription | |
| uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 | |
| with: | |
| creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} | |
| - name: Login to Azure ACR | |
| run: az acr login -n bitwardenqa | |
| - name: Login to Azure - PROD Subscription | |
| uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 | |
| with: | |
| creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} | |
| - name: Login to Azure ACR | |
| run: az acr login -n bitwardenprod | |
| ########## Remove Docker images ########## | |
| - name: Remove the docker image from ACR | |
| env: | |
| REGISTRIES: | | |
| registries: | |
| - bitwardenprod | |
| - bitwardenqa | |
| SERVICES: | | |
| services: | |
| - Admin | |
| - Api | |
| - Attachments | |
| - Events | |
| - EventsProcessor | |
| - Icons | |
| - Identity | |
| - K8S-Proxy | |
| - MsSql | |
| - Nginx | |
| - Notifications | |
| - Server | |
| - Setup | |
| - Sso | |
| run: | | |
| for SERVICE in $(echo "${{ env.SERVICES }}" | yq e ".services[]" - ) | |
| do | |
| for REGISTRY in $( echo "${{ env.REGISTRIES }}" | yq e ".registries[]" - ) | |
| do | |
| SERVICE_NAME=$(echo $SERVICE | awk '{print tolower($0)}') | |
| IMAGE_TAG=$(echo "${GITHUB_REF:11}" | sed "s#/#-#g") # slash safe branch name | |
| echo "[*] Checking if remote exists: $REGISTRY.azurecr.io/$SERVICE_NAME:$IMAGE_TAG" | |
| TAG_EXISTS=$( | |
| az acr repository show-tags --name $REGISTRY --repository $SERVICE_NAME \ | |
| | jq --arg $TAG "$IMAGE_TAG" -e '. | any(. == "$TAG")' | |
| ) | |
| if [[ "$TAG_EXISTS" == "true" ]]; then | |
| echo "[*] Tag exists. Removing tag" | |
| az acr repository delete --name $REGISTRY --image $SERVICE_NAME:$IMAGE_TAG --yes | |
| else | |
| echo "[*] Tag does not exist. No action needed" | |
| fi | |
| done | |
| done | |
| - name: Log out of Docker | |
| run: docker logout |