diff --git a/.github/workflows/reusable-cron-check-dependencies.yml b/.github/workflows/reusable-cron-check-dependencies.yml index 6e47354..5df8e7f 100644 --- a/.github/workflows/reusable-cron-check-dependencies.yml +++ b/.github/workflows/reusable-cron-check-dependencies.yml @@ -43,6 +43,7 @@ permissions: contents: read issues: write pull-requests: read + packages: write jobs: dependency-check: diff --git a/README.md b/README.md index f2cb23c..88323c7 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,5 @@ # Meta repository for [devops-infra](https://github.com/devops-infra) organization - # Badge swag [ ![GitHub repo](https://img.shields.io/badge/GitHub-devops--infra%2F.github-blueviolet.svg?style=plastic&logo=github) diff --git a/Taskfile.yml b/Taskfile.yml index de2f2eb..d3428d8 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -2,6 +2,9 @@ version: '3' silent: true +dotenv: + - .env + includes: variables: ./Taskfile.variables.yml cicd: diff --git a/templates/actions/taskfiles/Taskfile.docker.yml b/templates/actions/taskfiles/Taskfile.docker.yml index 9b66a81..1407f3b 100644 --- a/templates/actions/taskfiles/Taskfile.docker.yml +++ b/templates/actions/taskfiles/Taskfile.docker.yml @@ -6,10 +6,39 @@ tasks: docker:login: desc: Login to hub.docker.com and ghcr.io cmds: - - echo "Logging into Docker Hub as {{.DOCKER_USERNAME}}" - - echo "${DOCKER_TOKEN}" | docker login -u "{{.DOCKER_USERNAME}}" --password-stdin - - echo "Logging into GHCR as {{.GITHUB_USERNAME}}" - - echo "${GITHUB_TOKEN}" | docker login ghcr.io -u "{{.GITHUB_USERNAME}}" --password-stdin + - | + set -eu + docker_username='{{.DOCKER_USERNAME}}' + github_username='{{.GITHUB_USERNAME}}' + has_dockerhub=false + has_ghcr=false + + if [ -n "$docker_username" ] && [ -n "${DOCKER_TOKEN:-}" ]; then + has_dockerhub=true + fi + + if [ -n "$github_username" ] && [ -n "${GITHUB_TOKEN:-}" ]; then + has_ghcr=true + fi + + if [ "$has_dockerhub" = false ] && [ "$has_ghcr" = false ]; then + echo "❌ No registry credentials provided. Set DOCKER_USERNAME/DOCKER_TOKEN or GITHUB_USERNAME/GITHUB_TOKEN." + exit 1 + fi + + if [ "$has_dockerhub" = true ]; then + echo "Logging into Docker Hub as $docker_username" + printf '%s' "${DOCKER_TOKEN}" | docker login -u "$docker_username" --password-stdin + else + echo "⚠️ Skipping Docker Hub login (missing DOCKER_USERNAME/DOCKER_TOKEN)" + fi + + if [ "$has_ghcr" = true ]; then + echo "Logging into GHCR as $github_username" + printf '%s' "${GITHUB_TOKEN}" | docker login ghcr.io -u "$github_username" --password-stdin + else + echo "⚠️ Skipping GHCR login (missing GITHUB_USERNAME/GITHUB_TOKEN)" + fi docker:cmds: desc: Show full docker build command diff --git a/templates/actions/taskfiles/Taskfile.yml b/templates/actions/taskfiles/Taskfile.yml index 354f1f3..45abad0 100644 --- a/templates/actions/taskfiles/Taskfile.yml +++ b/templates/actions/taskfiles/Taskfile.yml @@ -2,6 +2,9 @@ version: '3' silent: true +dotenv: + - .env + includes: variables: ./Taskfile.variables.yml cicd: diff --git a/templates/dockerized/taskfiles/Taskfile.docker.yml b/templates/dockerized/taskfiles/Taskfile.docker.yml index 9b66a81..1407f3b 100644 --- a/templates/dockerized/taskfiles/Taskfile.docker.yml +++ b/templates/dockerized/taskfiles/Taskfile.docker.yml @@ -6,10 +6,39 @@ tasks: docker:login: desc: Login to hub.docker.com and ghcr.io cmds: - - echo "Logging into Docker Hub as {{.DOCKER_USERNAME}}" - - echo "${DOCKER_TOKEN}" | docker login -u "{{.DOCKER_USERNAME}}" --password-stdin - - echo "Logging into GHCR as {{.GITHUB_USERNAME}}" - - echo "${GITHUB_TOKEN}" | docker login ghcr.io -u "{{.GITHUB_USERNAME}}" --password-stdin + - | + set -eu + docker_username='{{.DOCKER_USERNAME}}' + github_username='{{.GITHUB_USERNAME}}' + has_dockerhub=false + has_ghcr=false + + if [ -n "$docker_username" ] && [ -n "${DOCKER_TOKEN:-}" ]; then + has_dockerhub=true + fi + + if [ -n "$github_username" ] && [ -n "${GITHUB_TOKEN:-}" ]; then + has_ghcr=true + fi + + if [ "$has_dockerhub" = false ] && [ "$has_ghcr" = false ]; then + echo "❌ No registry credentials provided. Set DOCKER_USERNAME/DOCKER_TOKEN or GITHUB_USERNAME/GITHUB_TOKEN." + exit 1 + fi + + if [ "$has_dockerhub" = true ]; then + echo "Logging into Docker Hub as $docker_username" + printf '%s' "${DOCKER_TOKEN}" | docker login -u "$docker_username" --password-stdin + else + echo "⚠️ Skipping Docker Hub login (missing DOCKER_USERNAME/DOCKER_TOKEN)" + fi + + if [ "$has_ghcr" = true ]; then + echo "Logging into GHCR as $github_username" + printf '%s' "${GITHUB_TOKEN}" | docker login ghcr.io -u "$github_username" --password-stdin + else + echo "⚠️ Skipping GHCR login (missing GITHUB_USERNAME/GITHUB_TOKEN)" + fi docker:cmds: desc: Show full docker build command diff --git a/templates/dockerized/taskfiles/Taskfile.yml b/templates/dockerized/taskfiles/Taskfile.yml index 03c95c1..95c7932 100644 --- a/templates/dockerized/taskfiles/Taskfile.yml +++ b/templates/dockerized/taskfiles/Taskfile.yml @@ -2,6 +2,9 @@ version: '3' silent: true +dotenv: + - .env + includes: variables: ./Taskfile.variables.yml scripts: ./Taskfile.scripts.yml diff --git a/templates/other/taskfiles/Taskfile.yml b/templates/other/taskfiles/Taskfile.yml index 6eb2a4c..b2f1774 100644 --- a/templates/other/taskfiles/Taskfile.yml +++ b/templates/other/taskfiles/Taskfile.yml @@ -2,6 +2,9 @@ version: '3' silent: true +dotenv: + - .env + includes: variables: ./Taskfile.variables.yml scripts: ./Taskfile.scripts.yml diff --git a/templates/static/taskfiles/Taskfile.yml b/templates/static/taskfiles/Taskfile.yml index 9d1fd73..70bd1ed 100644 --- a/templates/static/taskfiles/Taskfile.yml +++ b/templates/static/taskfiles/Taskfile.yml @@ -2,6 +2,9 @@ version: '3' silent: true +dotenv: + - .env + includes: variables: ./Taskfile.variables.yml scripts: ./Taskfile.scripts.yml