|
1 | 1 | #!/bin/bash |
| 2 | +set -e |
2 | 3 |
|
3 | 4 | output_file=./output.log |
4 | 5 |
|
| 6 | +# ------------------------------------------------------ |
| 7 | +# Multi-registry auth.json creation |
| 8 | +# ------------------------------------------------------ |
| 9 | +# Expected env vars: |
| 10 | +# REGISTRIES="docker.io ghcr.io registry.example.com" |
| 11 | +# USERNAME_<REGISTRY> and PASSWORD_<REGISTRY> |
| 12 | +# Example: USERNAME_DOCKER_IO, PASSWORD_DOCKER_IO |
| 13 | +# USERNAME_GHCR_IO, PASSWORD_GHCR_IO |
| 14 | + |
| 15 | +if [[ -n "$REGISTRIES" ]]; then |
| 16 | + echo "🔑 Creating multi-registry auth.json..." |
| 17 | + mkdir -p /github/home/.config/containers |
| 18 | + auths_entries="" |
| 19 | + |
| 20 | + for reg in $REGISTRIES; do |
| 21 | + # Convert registry to env var friendly form (dots & dashes to underscores, uppercase) |
| 22 | + env_suffix=$(echo "$reg" | tr '.-' '_' | tr '[:lower:]' '[:upper:]') |
| 23 | + |
| 24 | + user_var="USERNAME_${env_suffix}" |
| 25 | + pass_var="PASSWORD_${env_suffix}" |
| 26 | + |
| 27 | + user="${!user_var}" |
| 28 | + pass="${!pass_var}" |
| 29 | + |
| 30 | + if [[ -n "$user" && -n "$pass" ]]; then |
| 31 | + encoded=$(echo -n "${user}:${pass}" | base64 -w0) |
| 32 | + auths_entries+="\"$reg\": {\"auth\": \"$encoded\"}," |
| 33 | + echo "✅ Added credentials for $reg" |
| 34 | + else |
| 35 | + echo "⚠️ Skipping $reg — missing username/password" |
| 36 | + fi |
| 37 | + done |
| 38 | + |
| 39 | + # Remove trailing comma and wrap in JSON |
| 40 | + auths_entries="${auths_entries%,}" |
| 41 | + echo "{\"auths\": {${auths_entries}}}" > /github/home/.config/containers/auth.json |
| 42 | + echo "✅ Auth.json created at /github/home/.config/containers/auth.json" |
| 43 | +else |
| 44 | + echo "⚠️ No REGISTRIES specified, skipping auth.json creation." |
| 45 | +fi |
| 46 | +# ------------------------------------------------------ |
| 47 | + |
| 48 | +# Parse additional params into array |
5 | 49 | eval "arr=(${ADDITIONAL_PARAMS})" |
6 | 50 | /app/bin/cx scan create --project-name "${PROJECT_NAME}" -s "${SOURCE_DIR}" --branch "${BRANCH#refs/heads/}" --scan-info-format json --agent "Github Action" "${arr[@]}" | tee -i $output_file |
7 | 51 | exitCode=${PIPESTATUS[0]} |
|
0 commit comments