Skip to content

feat: Add SUB to JWT claim Okta #31

feat: Add SUB to JWT claim Okta

feat: Add SUB to JWT claim Okta #31

Workflow file for this run

---
name: docker-mcvs-registry
"on":
push:
tags:
- "*"
paths:
- "registry/**"
pull_request:
paths:
- "registry/**"
permissions:
contents: read
packages: write
env:
DOCKERFILE_CONTEXT: ./registry
IMAGE_MANIFEST_LIST: datadog/agent:7.59.0
IMAGE_MANIFEST_SINGLE: nginx/nginx:1.27.0
REGCTL_VERSION: v0.8.0
REGISTRY_LOCAL: localhost:5000
REGISTRY_REMOTE: public.ecr.aws
REGISTRY_VERSION: 3.0.0-rc.2
jobs:
build-and-publish:
runs-on: ubuntu-22.04
strategy:
matrix:
build-args:
- mcvs-registry
steps:
- name: Checkout repository
uses: actions/[email protected]
- name: Install regctl
uses: regclient/actions/regctl-installer@main
with:
release: ${{ env.REGCTL_VERSION }}
- name: Create registry backup directory
run: mkdir -p ${{ env.DOCKERFILE_CONTEXT }}/backup-registry
- name: Pull images data and prepare context directory
if: startsWith(github.ref, 'refs/tags/')
shell: bash
run: |
#!/bin/bash
docker run -d \
-p 5000:5000 \
--name mcvs-registry-tmp \
registry:${{ env.REGISTRY_VERSION }}
# disable tls for local tmp registry
regctl registry set --tls disabled ${{ env.REGISTRY_LOCAL }}
# import image with manifest list
regctl \
image \
copy --digest-tags \
${{ env.REGISTRY_REMOTE }}/${{ env.IMAGE_MANIFEST_LIST }} \
${{ env.REGISTRY_LOCAL }}/${{ env.IMAGE_MANIFEST_LIST }}
# import image with single manifest
regctl \
image \
copy --digest-tags \
${{ env.REGISTRY_REMOTE }}/${{ env.IMAGE_MANIFEST_SINGLE }} \
${{ env.REGISTRY_LOCAL }}/${{ env.IMAGE_MANIFEST_SINGLE }}
# export images files to backup directory
docker \
cp \
mcvs-registry-tmp:/var/lib/registry \
${{ env.DOCKERFILE_CONTEXT }}/backup-registry
# clean up the registry container
docker rm -f mcvs-registry-tmp
- uses: schubergphilis/[email protected]
with:
build-args: ${{ matrix.build-args }}
context: ${{ env.DOCKERFILE_CONTEXT }}
dockle-accept-key: "curl,HOME,libcrypto3,libssl3,PATH"
images: ghcr.io/${{ github.repository }}/${{ matrix.build-args }}
token: ${{ secrets.GITHUB_TOKEN }}