docker auth must occur after setting up prod keychain (#795)

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2024-11-10 06:14:16 +00:00 · 2022-02-05 10:23:05 -05:00 · 2022-02-05 10:23:05 -05:00 · e474b2f23c
commit e474b2f23c
parent e7bef5e511
2 changed files with 12 additions and 4 deletions
--- a/.github/scripts/apple-signing/setup-prod.sh
+++ b/.github/scripts/apple-signing/setup-prod.sh
@ -11,6 +11,14 @@ fi
 if [ -z "$APPLE_DEVELOPER_ID_CERT_PASS" ]; then
  exit_with_error "APPLE_DEVELOPER_ID_CERT_PASS not set"
 fi
+
+if [ -z "$DOCKER_USERNAME" ]; then
+  exit_with_error "DOCKER_USERNAME not set"
+fi
+
+if [ -z "$DOCKER_PASSWORD" ]; then
+  exit_with_error "DOCKER_PASSWORD not set"
+fi
 set -u

 # setup_signing
@ -42,4 +50,7 @@ setup_signing() {
  # TODO: extract this from the certificate material itself
  export MAC_SIGNING_IDENTITY="Developer ID Application: ANCHORE, INC. (9MJHKYX5AT)"
  commentary "setting MAC_SIGNING_IDENTITY=${MAC_SIGNING_IDENTITY}"
-}
+
+  commentary "log into docker -- required for publishing (since the default keychain has now been replaced)"
+  echo "${DOCKER_PASSWORD}" | docker login docker.io -u "${DOCKER_USERNAME}"  --password-stdin
+}
--- a/3
+++ b/3
@ -309,9 +309,6 @@ CHANGELOG.md:
 .PHONY: release
 release: clean-dist CHANGELOG.md  ## Build and publish final binaries and packages. Intended to be run only on macOS.
 	$(call title,Publishing release artifacts)
-	# login to docker
-	# note: the previous step creates a new keychain, so it is important to reauth into docker.io
-	@echo $${DOCKER_PASSWORD} | docker login docker.io -u $${DOCKER_USERNAME}  --password-stdin

 	# create a config with the dist dir overridden
 	echo "dist: $(DISTDIR)" > $(TEMPDIR)/goreleaser.yaml