1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-21 12:05:42 +01:00

Check for secrets on Docker builds (#4985)

This commit is contained in:
Matt Bishop 2024-11-06 13:56:12 -05:00 committed by GitHub
parent d63e18ec7a
commit e7bd31c009
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -115,12 +115,33 @@ jobs:
path: ${{ matrix.base_path }}/${{ matrix.project_name }}/${{ matrix.project_name }}.zip path: ${{ matrix.base_path }}/${{ matrix.project_name }}/${{ matrix.project_name }}.zip
if-no-files-found: error if-no-files-found: error
check-akv-secrets:
name: Check for AKV secrets
runs-on: ubuntu-22.04
outputs:
available: ${{ steps.check-akv-secrets.outputs.available }}
permissions:
contents: read
steps:
- name: Check
id: check-akv-secrets
run: |
if [ "${{ secrets.AZURE_PROD_KV_CREDENTIALS }}" != '' ]; then
echo "available=true" >> $GITHUB_OUTPUT;
else
echo "available=false" >> $GITHUB_OUTPUT;
fi
build-docker: build-docker:
name: Build Docker images name: Build Docker images
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
permissions: permissions:
security-events: write security-events: write
needs: build-artifacts needs:
- build-artifacts
- check-akv-secrets
if: ${{ needs.check-akv-secrets.outputs.available == 'true' }}
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix: