Make publish command work with private repos by adding JWT into curl headers (#13141)

noahkawasaki-airbyte · octavia-squidington-iii · web-flow · commit 7a79216d018f · 2022-05-24T10:55:46.000-07:00
* Make publish command work with private repos by adding in JWT token to headers for curl

Co-authored-by: Octavia Squidington III &lt;octavia-squidington-iii@users.noreply.github.com&gt;
diff --git a/.github/workflows/publish-command.yml b/.github/workflows/publish-command.yml
@@ -155,10 +155,11 @@ jobs:
           SENTRY_PROJECT: airbyte-connectors
       - name: Publish ${{ github.event.inputs.connector }}
         run: |
-          echo "$SPEC_CACHE_SERVICE_ACCOUNT_KEY" > spec_cache_key_file.json && docker login -u airbytebot -p ${DOCKER_PASSWORD}
+          echo "$SPEC_CACHE_SERVICE_ACCOUNT_KEY" > spec_cache_key_file.json && docker login -u ${DOCKER_USERNAME} -p ${DOCKER_PASSWORD}
           ./tools/integrations/manage.sh publish airbyte-integrations/${{ github.event.inputs.connector }} ${{ github.event.inputs.run-tests }} --publish_spec_to_cache
         id: publish
         env:
+          DOCKER_USERNAME: airbytebot
           DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
           # Oracle expects this variable to be set. Although usually present, this is not set by default on Github virtual runners.
           TZ: UTC
diff --git a/tools/integrations/manage.sh b/tools/integrations/manage.sh
@@ -229,12 +229,16 @@ cmd_publish() {
     docker push "$versioned_image"
     docker push "$latest_image"
   fi
-  
+
   # Checking if the image was successfully registered on DockerHub
   # see the description of this PR to understand why this is needed https://github.com/airbytehq/airbyte/pull/11654/
   sleep 5
+
+  # To work for private repos we need a token as well
+  DOCKER_USERNAME=${DOCKER_USERNAME:-airbytebot}
+  DOCKER_TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d '{"username": "'${DOCKER_USERNAME}'", "password": "'${DOCKER_PASSWORD}'"}' https://hub.docker.com/v2/users/login/ | jq -r .token)
   TAG_URL="https://hub.docker.com/v2/repositories/${image_name}/tags/${image_version}"
-  DOCKERHUB_RESPONSE_CODE=$(curl --silent --output /dev/null --write-out "%{http_code}" ${TAG_URL})
+  DOCKERHUB_RESPONSE_CODE=$(curl --silent --output /dev/null --write-out "%{http_code}" -H "Authorization: JWT ${DOCKER_TOKEN}" ${TAG_URL})
   if [[ "${DOCKERHUB_RESPONSE_CODE}" == "404" ]]; then
     echo "Tag ${image_version} was not registered on DockerHub for image ${image_name}, please try to bump the version again." && exit 1
   fi
