diff --git a/.github/workflows/reusable_docker_pipeline.yml b/.github/workflows/reusable_docker_pipeline.yml index 086037f..ff5ad3f 100644 --- a/.github/workflows/reusable_docker_pipeline.yml +++ b/.github/workflows/reusable_docker_pipeline.yml @@ -21,6 +21,10 @@ on: type: string description: "Custom repository name" default: "" + go-private-repos-authentication: + description: 'Enable authentication for private repositories' + type: boolean + default: false jobs: docker_build: @@ -47,6 +51,21 @@ jobs: else echo "IMAGE_NAME=$(echo $GITHUB_REPOSITORY | cut -d '/' -f 2)" >> $GITHUB_ENV fi + + # This block is used to not hard-coded the secrets in Build Docker image + # Secrets are only added when necessary + - name: Generate and mask build secrets + id: set-build-secrets + run: | + SECRETS="" + if [ -n "${{ inputs.go-private-repos-authentication }}" ]; then + SECRETS+='"GO_PRIVATE_TOKEN=${{ secrets.GO_PRIVATE_TOKEN }}"\n' + fi + echo "::add-mask::$SECRETS" + echo "SECRETS<> $GITHUB_OUTPUT + echo -e "$SECRETS" >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT + shell: bash - name: Build Docker image uses: docker/build-push-action@v6 @@ -55,6 +74,7 @@ jobs: outputs: type=docker,dest=/tmp/${{ env.IMAGE_NAME }}.tar context: ${{ inputs.dockerContext }} file: ${{ inputs.dockerfile }} + secrets: ${{ steps.set-build-secrets.outputs.SECRETS }} - name: Upload Docker image to workspace if: inputs.publish == true diff --git a/.github/workflows/reusable_go_lint_test.yml b/.github/workflows/reusable_go_lint_test.yml index 0929cba..74c17ab 100644 --- a/.github/workflows/reusable_go_lint_test.yml +++ b/.github/workflows/reusable_go_lint_test.yml @@ -45,6 +45,10 @@ on: description: 'Run build' type: boolean default: false + go-private-repos-authentication: + description: 'Enable authentication for private repositories' + type: boolean + default: false jobs: build: @@ -59,6 +63,11 @@ jobs: with: go-version: ${{ inputs.go-version }} + - name: Configure Private Module Access + if: ${{ inputs.go-private-repos-authentication }} + run: | + git config --global url."https://${{ secrets.GO_PRIVATE_TOKEN }}@github.com/".insteadOf "https://github.com/" + - name: Print Go environment run: go env @@ -92,6 +101,11 @@ jobs: with: go-version: ${{ inputs.go-version }} + - name: Configure Private Module Access + if: ${{ inputs.go-private-repos-authentication }} + run: | + git config --global url."https://${{ secrets.GO_PRIVATE_TOKEN }}@github.com/".insteadOf "https://github.com/" + - name: Install Dependencies if: ${{ inputs.install-dependencies-command != '' }} run: ${{ inputs.install-dependencies-command }} @@ -115,6 +129,11 @@ jobs: with: go-version: ${{ inputs.go-version }} + - name: Configure Private Module Access + if: ${{ inputs.go-private-repos-authentication }} + run: | + git config --global url."https://${{ secrets.GO_PRIVATE_TOKEN }}@github.com/".insteadOf "https://github.com/" + - name: Install Dependencies if: ${{ inputs.install-dependencies-command != '' }} run: ${{ inputs.install-dependencies-command }} @@ -142,6 +161,11 @@ jobs: with: go-version: ${{ inputs.go-version }} + - name: Configure Private Module Access + if: ${{ inputs.go-private-repos-authentication }} + run: | + git config --global url."https://${{ secrets.GO_PRIVATE_TOKEN }}@github.com/".insteadOf "https://github.com/" + - name: Install Dependencies if: ${{ inputs.install-dependencies-command != '' }} run: ${{ inputs.install-dependencies-command }} diff --git a/CHANGELOG.md b/CHANGELOG.md index 3cc5394..d647871 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # CHANGELOG +## 0.4.0 + +- reusable_go_lint_test: Add go-private-repos input, allowing access to private repositories + ## 0.3.2 - reusable_go_lint_test: Allow build job to be optional