diff --git a/.github/workflows/container-build-push-2nd-gen.yml b/.github/workflows/container-build-push-2nd-gen.yml index aa232c6..ab74338 100644 --- a/.github/workflows/container-build-push-2nd-gen.yml +++ b/.github/workflows/container-build-push-2nd-gen.yml @@ -61,6 +61,10 @@ on: required: false GREENBONE_REGISTRY_TOKEN: required: false + GREENBONE_REGISTRY_REPLICATION_USER: + required: false + GREENBONE_REGISTRY_REPLICATION_TOKEN: + required: false MATTERMOST_WEBHOOK_URL: required: false @@ -254,7 +258,7 @@ jobs: registry-password: ${{ secrets.GREENBONE_REGISTRY_TOKEN }} harbor-replication: - if: github.event_name != 'pull_request' + if: github.event_name != 'pull_request' && secrets.GREENBONE_REGISTRY_REPLICATION_TOKEN needs: create-multi-arch-manifest runs-on: self-hosted-generic steps: @@ -263,7 +267,7 @@ jobs: run: | curl -X POST \ https://${{ vars.GREENBONE_REGISTRY }}/api/v2.0/replication/executions \ - -u '${{ secrets.GREENBONE_REGISTRY_USER }}:${{ secrets.GREENBONE_REGISTRY_TOKEN }}' \ + -u '${{ secrets.GREENBONE_REGISTRY_REPLICATION_USER }}:${{ secrets.GREENBONE_REGISTRY_REPLICATION_TOKEN }}' \ -H "Content-Type: application/json" \ -d '{"policy_id": 1}' diff --git a/.github/workflows/container-build-push-3rd-gen.yml b/.github/workflows/container-build-push-3rd-gen.yml index e0af1e7..d186f4e 100644 --- a/.github/workflows/container-build-push-3rd-gen.yml +++ b/.github/workflows/container-build-push-3rd-gen.yml @@ -71,6 +71,16 @@ on: required: false DOCKERHUB_TOKEN: required: false + GREENBONE_REGISTRY: + required: false + GREENBONE_REGISTRY_USER: + required: false + GREENBONE_REGISTRY_TOKEN: + required: false + GREENBONE_REGISTRY_REPLICATION_USER: + required: false + GREENBONE_REGISTRY_REPLICATION_TOKEN: + required: false outputs: digest: @@ -199,7 +209,7 @@ jobs: registry-password: ${{ secrets.GREENBONE_REGISTRY_TOKEN }} harbor-replication: - if: inputs.service && startsWith(github.ref, 'refs/tags/v') + if: inputs.service && startsWith(github.ref, 'refs/tags/v') && secrets.GREENBONE_REGISTRY_REPLICATION_TOKEN needs: building-container-greenbone runs-on: self-hosted-generic steps: @@ -208,7 +218,7 @@ jobs: run: | curl -X POST \ https://${{ vars.GREENBONE_REGISTRY }}/api/v2.0/replication/executions \ - -u '${{ secrets.GREENBONE_REGISTRY_USER }}:${{ secrets.GREENBONE_REGISTRY_TOKEN }}' \ + -u '${{ secrets.GREENBONE_REGISTRY_REPLICATION_USER }}:${{ secrets.GREENBONE_REGISTRY_REPLICATION_TOKEN }}' \ -H "Content-Type: application/json" \ -d '{"policy_id": 1}' diff --git a/.github/workflows/container-build-push-feed.yml b/.github/workflows/container-build-push-feed.yml index b6bd3ef..735bfd4 100644 --- a/.github/workflows/container-build-push-feed.yml +++ b/.github/workflows/container-build-push-feed.yml @@ -58,6 +58,10 @@ on: required: false GREENBONE_REGISTRY_TOKEN: required: false + GREENBONE_REGISTRY_REPLICATION_USER: + required: false + GREENBONE_REGISTRY_REPLICATION_TOKEN: + required: false MATTERMOST_WEBHOOK_URL: required: false @@ -185,7 +189,7 @@ jobs: registry-password: ${{ secrets.GREENBONE_REGISTRY_TOKEN }} harbor-replication: - if: github.event_name != 'pull_request' + if: github.event_name != 'pull_request' && secrets.GREENBONE_REGISTRY_REPLICATION_TOKEN needs: create-multi-arch-manifest runs-on: self-hosted-generic steps: @@ -194,7 +198,7 @@ jobs: run: | curl -X POST \ https://${{ vars.GREENBONE_REGISTRY }}/api/v2.0/replication/executions \ - -u '${{ secrets.GREENBONE_REGISTRY_USER }}:${{ secrets.GREENBONE_REGISTRY_TOKEN }}' \ + -u '${{ secrets.GREENBONE_REGISTRY_REPLICATION_USER }}:${{ secrets.GREENBONE_REGISTRY_REPLICATION_TOKEN }}' \ -H "Content-Type: application/json" \ -d '{"policy_id": 1}'