From 1b478e8f3df42e775844ecaf59981e4772639ae7 Mon Sep 17 00:00:00 2001 From: Amir Zarrinkafsh Date: Sat, 1 Feb 2020 19:10:18 +1100 Subject: [PATCH] [Buildkite] Do not persist Docker secret in builds (#603) --- .buildkite/hooks/post-command | 4 ++++ cmd/authelia-scripts/cmd_docker.go | 5 ----- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.buildkite/hooks/post-command b/.buildkite/hooks/post-command index 3a0d4344..85e963d2 100755 --- a/.buildkite/hooks/post-command +++ b/.buildkite/hooks/post-command @@ -10,6 +10,10 @@ if [[ $BUILDKITE_LABEL =~ ":selenium:" ]] || [[ $BUILDKITE_LABEL =~ ":docker: Bu fi fi +if [[ $BUILDKITE_LABEL =~ ":docker: Deploy" ]]; then + docker logout +fi + if [[ $BUILDKITE_BRANCH == "master" ]] || [[ $BUILDKITE_BRANCH =~ ^v.* ]] && [[ $BUILDKITE_PULL_REQUEST == "false" ]]; then if [[ $BUILDKITE_LABEL == ":docker: Deploy Manifests" ]]; then echo "--- :docker: Removing tags for deleted branches" diff --git a/cmd/authelia-scripts/cmd_docker.go b/cmd/authelia-scripts/cmd_docker.go index c9033739..7384130d 100644 --- a/cmd/authelia-scripts/cmd_docker.go +++ b/cmd/authelia-scripts/cmd_docker.go @@ -16,7 +16,6 @@ var arch string var supportedArch = []string{"amd64", "arm32v7", "arm64v8"} var defaultArch = "amd64" -var buildkite = os.Getenv("BUILDKITE") var buildkiteQEMU = os.Getenv("BUILDKITE_AGENT_META_DATA_QEMU") var ciBranch = os.Getenv("BUILDKITE_BRANCH") var ciPullRequest = os.Getenv("BUILDKITE_PULL_REQUEST") @@ -145,10 +144,6 @@ func login(docker *Docker) { username := os.Getenv("DOCKER_USERNAME") password := os.Getenv("DOCKER_PASSWORD") - if buildkite == "true" { - return - } - if username == "" { log.Fatal(errors.New("DOCKER_USERNAME is empty")) }