You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by po...@apache.org on 2021/08/02 13:43:58 UTC

[airflow] 03/22: Avoid logging in to GitHub Container Registry when not in CI (#17169)

This is an automated email from the ASF dual-hosted git repository.

potiuk pushed a commit to branch v2-1-test
in repository https://gitbox.apache.org/repos/asf/airflow.git

commit c6333db906ad8f08446258b6dc419d91a28998f5
Author: Jarek Potiuk <ja...@potiuk.com>
AuthorDate: Thu Jul 22 22:36:16 2021 +0200

    Avoid logging in to GitHub Container Registry when not in CI (#17169)
    
    * Avoid logging in to GitHub Container Registry when not in CI
    
    When GITHUB_TOKEN was set in environment, attempt to login to
    https://ghcr.io/ was made. But GITHUB_TOKEN is commonly used to
    authenticate and if you happened to not have access there the
    attempt failed.
    
    This PR only attempts to login when the
    `AIRFLOW_LOGIN_TO_GITHUB_REGISTRY` variable is set to `true`
    and sets the variable in CI.
    
    (cherry picked from commit ad83feaaf6100124993ae76709fa23cbfffca1af)
---
 .github/workflows/build-images.yml    | 1 +
 .github/workflows/ci.yml              | 1 +
 scripts/ci/libraries/_build_images.sh | 9 ++++++---
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml
index 433187c..f29e199 100644
--- a/.github/workflows/build-images.yml
+++ b/.github/workflows/build-images.yml
@@ -47,6 +47,7 @@ env:
   GITHUB_REGISTRY_WAIT_FOR_IMAGE: "false"
   INSTALL_PROVIDERS_FROM_SOURCES: "true"
   TARGET_COMMIT_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
+  AIRFLOW_LOGIN_TO_GITHUB_REGISTRY: "true"
 
 concurrency:
   group: build-${{ github.event.pull_request.number || github.ref }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c95132a..b5f2fd7 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -50,6 +50,7 @@ env:
   GITHUB_REGISTRY_PULL_IMAGE_TAG: "${{ github.event.pull_request.head.sha || github.sha }}"
   GITHUB_REGISTRY_PUSH_IMAGE_TAG: "latest"
   INSTALL_PROVIDERS_FROM_SOURCES: "true"
+  AIRFLOW_LOGIN_TO_GITHUB_REGISTRY: "true"
 
   # You can switch between building the image in "Build Images" workflow or building them in CI workflow
   # Separately for each job.
diff --git a/scripts/ci/libraries/_build_images.sh b/scripts/ci/libraries/_build_images.sh
index ed6af67..94f5c8e 100644
--- a/scripts/ci/libraries/_build_images.sh
+++ b/scripts/ci/libraries/_build_images.sh
@@ -410,12 +410,15 @@ function build_images::get_docker_image_names() {
 # Also enable experimental features of docker (we need `docker manifest` command)
 function build_images::configure_docker_registry() {
     local token="${GITHUB_TOKEN}"
-    if [[ -z "${token}" ]] ; then
+    if [[ -z "${token}" ]]; then
         verbosity::print_info
         verbosity::print_info "Skip logging in to GitHub Registry. No Token available!"
         verbosity::print_info
-    fi
-    if [[ -n "${token}" ]]; then
+    elif [[ ${AIRFLOW_LOGIN_TO_GITHUB_REGISTRY=} != "true" ]]; then
+        verbosity::print_info
+        verbosity::print_info "Skip logging in to GitHub Registry. AIRFLOW_LOGIN_TO_GITHUB_REGISTRY != true"
+        verbosity::print_info
+    elif [[ -n "${token}" ]]; then
         echo "${token}" | docker_v login \
             --username "${GITHUB_USERNAME:-apache}" \
             --password-stdin \