From e830a19d7237c489227e296a36cf91b12d953365 Mon Sep 17 00:00:00 2001 From: Glen Johnson Date: Tue, 29 Nov 2022 13:07:43 -0700 Subject: [PATCH] Update Redhat scanning registry for image certification --- publish-images.sh | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/publish-images.sh b/publish-images.sh index 95118bb0eb..69abfc7ee0 100755 --- a/publish-images.sh +++ b/publish-images.sh @@ -71,7 +71,9 @@ LOCAL_IMAGE="conjur:${LOCAL_TAG}" RH_LOCAL_IMAGE="conjur-ubi:${LOCAL_TAG}" IMAGE_NAME="cyberark/conjur" REDHAT_CERT_PID="5f905d433a93dc782c77a0f9" -REDHAT_IMAGE="scan.connect.redhat.com/ospid-9fb7aea1-0c01-4527-8def-242f3cde7dc6/conjur" +REDHAT_REGISTRY="quay.io" +REDHAT_REMOTE_IMAGE="${REDHAT_REGISTRY}/redhat-isv-containers/${REDHAT_CERT_PID}" +REDHAT_USER="redhat-isv-containers+${REDHAT_CERT_PID}-robot" # Normalize version number in the case of '+' included VERSION="$(echo -n "${VERSION}" | tr "+" "_")" @@ -134,14 +136,14 @@ fi if [[ "${REDHAT}" = true ]]; then echo "Publishing ${VERSION} to RedHat registry..." # Publish only the tag version to the Redhat container registry - if docker login scan.connect.redhat.com -u unused -p "${REDHAT_API_KEY}"; then + if docker login "${REDHAT_REGISTRY}" -u "${REDHAT_USER}" -p "${REDHAT_API_KEY}"; then # push image to red hat - tag_and_push "${VERSION}" "${RH_LOCAL_IMAGE}" "${REDHAT_IMAGE}" + tag_and_push "${VERSION}" "${RH_LOCAL_IMAGE}" "${REDHAT_REMOTE_IMAGE}" # scan image with preflight tool - scan_redhat_image "${REDHAT_IMAGE}:${VERSION}" "${REDHAT_CERT_PID}" + scan_redhat_image "${REDHAT_REMOTE_IMAGE}:${VERSION}" "${REDHAT_CERT_PID}" else - echo 'Failed to log in to scan.connect.redhat.com' + echo 'Failed to log in to quay.io' exit 1 fi -fi \ No newline at end of file +fi