44 types :
55 - labeled
66 workflow_dispatch :
7+ inputs :
8+ is_prod :
9+ description : " Publish docker image in dockerhub?"
10+ type : boolean
11+ default : false
712 workflow_call :
13+ inputs :
14+ is_prod :
15+ description : " Publish docker image in dockerhub?"
16+ type : boolean
17+ default : false
818 outputs :
919 image_id :
1020 description : " ImageId of the docker image"
@@ -114,12 +124,29 @@ jobs:
114124 - name : Build packages
115125 run : sbt Docker/stage
116126
127+ - name : setup vault token
128+ if : inputs.is_prod
129+ run : echo "VAULT_TOKEN=$VAULT_TOKEN" >> $GITHUB_ENV
130+
131+ - name : Import prod secrets
132+ if : inputs.is_prod
133+ id : secrets_prod
134+ 135+ with :
136+ url : https://vault.service.infra.sb:8200
137+ token : ${{ env.VAULT_TOKEN }}
138+ tlsSkipVerify : true
139+ secrets : |
140+ infra/data/ci/dockerhub username | DOCKERHUB_USERNAME;
141+ infra/data/ci/dockerhub token | DOCKERHUB_TOKEN;
142+
117143name : Generate full docker tags
118144 id : meta
119145 uses : docker/metadata-action@v4
120146 with :
121147 images : |
122148 name=${{ vars.SB_GHCR }}/cortex
149+ name=thehiveproject/cortex,enable=${{ inputs.is_prod }}
123150tags : |
124151 type=raw,value=${{ fromJson(steps.image_details.outputs.image_details)['core_version'] }}
125152 type=raw,value=${{ needs.prepare.outputs.image_version }}
@@ -138,6 +165,13 @@ jobs:
138165 username : ${{ github.actor }}
139166 password : ${{ secrets.GITHUB_TOKEN }}
140167
168+ - name : Login to GitHub Container Registry
169+ if : inputs.is_prod
170+ uses : docker/login-action@v3
171+ with :
172+ username : ${{ steps.secrets_prod.outputs.DOCKERHUB_USERNAME }}
173+ password : ${{ steps.secrets_prod.outputs.DOCKERHUB_TOKEN }}
174+
141175 - name : Build and push docker image
142176 uses : docker/build-push-action@v3
143177 id : push
0 commit comments