Check for secrets on Docker builds (#4985)

2024-11-21 12:05:42 +01:00 · 2024-11-06 13:56:12 -05:00 · 2024-11-06 13:56:12 -05:00 · e7bd31c009
commit e7bd31c009
parent d63e18ec7a
1 changed files with 22 additions and 1 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -115,12 +115,33 @@ jobs:
          path: ${{ matrix.base_path }}/${{ matrix.project_name }}/${{ matrix.project_name }}.zip
          if-no-files-found: error

+  check-akv-secrets:
+    name: Check for AKV secrets
+    runs-on: ubuntu-22.04
+    outputs:
+      available: ${{ steps.check-akv-secrets.outputs.available }}
+    permissions:
+      contents: read
+
+    steps:
+      - name: Check
+        id: check-akv-secrets
+        run: |
+          if [ "${{ secrets.AZURE_PROD_KV_CREDENTIALS }}" != '' ]; then
+            echo "available=true" >> $GITHUB_OUTPUT;
+          else
+            echo "available=false" >> $GITHUB_OUTPUT;
+          fi
+
  build-docker:
    name: Build Docker images
    runs-on: ubuntu-22.04
    permissions:
      security-events: write
-    needs: build-artifacts
+    needs:
+      - build-artifacts
+      - check-akv-secrets
+    if: ${{ needs.check-akv-secrets.outputs.available == 'true' }}
    strategy:
      fail-fast: false
      matrix: