bitwarden / self-host

Bitwarden's self-hosted release repository
GNU General Public License v3.0

[DEVOPS-1566] - add DCT test workflow #158

Closed Eeebru closed 11 months ago

Eeebru commented 1 year ago
bitwarden-bot commented 1 year ago

Checkmarx One – Scan Summary & Details acc12f21-3ece-4827-b402-c59a21571858

No New Or Fixed Issues Found

Eeebru commented 1 year ago

> What is the purpose of this workflow? Do we need the ability to push any image manually to Docker Hub?

This is only used when we create a new repository on DH to test if the signing is working.

vgrassia commented 12 months ago

To make this more secure, can the workflow have all inputs removed and pinned for mssqlmigratorutility and then move this whole workflow over to the devops repository? I can see this being an issue if someone runs the workflow with the wrong image/tag and deploys a signed image to one of our Docker Hub repositories.

Eeebru commented 12 months ago

> To make this more secure, can the workflow have all inputs removed and pinned for mssqlmigratorutility and then move this whole workflow over to the devops repository? I can see this being an issue if someone runs the workflow with the wrong image/tag and deploys a signed image to one of our Docker Hub repositories.

Okay, I will update the workflow to reference only mssqlmigratorutility; however, Joseph suggested the workflow be here. We can have the conversation at our team sync.

Eeebru commented 12 months ago

Hello @vgrassia, at the team sync yesterday, Joseph said he would leave me to make the decision of where this test wf should be. I am of the opinion that self-host is the only place where we are pushing any images to DH, so it makes sense if we leave this workflow in this repo, instead of the DevOps repo. It will also be pretty redundant, since it would only be run when we add repos to DH; leaving it in the DevOps repo means we might delete it along the line when it's not being used.
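The review request in this thread (remove all inputs and pin the workflow to mssqlmigratorutility) can be enforced as a repository check. The following is an added example, not code from this pull request or from Bitwarden: `audit`, both sample workflows, the `example-org` namespace and the `dct-test` tag are constructed assumptions, and the scan is a simple line-based one rather than a full YAML parse.

```python
import re

# Constructed sample: a dispatch workflow that signs whatever image/tag the caller types.
UNPINNED = """\
on:
  workflow_dispatch:
    inputs:
      image:
        required: true
      tag:
        default: latest
env:
  DOCKER_CONTENT_TRUST: 1
jobs:
  sign:
    runs-on: ubuntu-22.04
    steps:
      - run: docker push "example-org/${{ inputs.image }}:${{ github.event.inputs.tag }}"
"""

# Constructed sample: the same job with inputs removed and the target fixed.
PINNED = UNPINNED.split("    inputs:")[0] + """\
env:
  DOCKER_CONTENT_TRUST: 1
  IMAGE: example-org/mssqlmigratorutility:dct-test
jobs:
  sign:
    runs-on: ubuntu-22.04
    steps:
      - run: docker push "$IMAGE"
"""

INPUT_EXPR = re.compile(r"\$\{\{\s*(?:github\.event\.)?inputs\.([A-Za-z_][\w-]*)\s*\}\}")

def audit(workflow_text, pinned_image="mssqlmigratorutility"):
    """Return (line_number, message) findings; an empty list means the workflow is pinned."""
    findings, dispatch_indent = [], None
    for n, line in enumerate(workflow_text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if dispatch_indent is not None and indent <= dispatch_indent:
            dispatch_indent = None  # dedent: we have left the workflow_dispatch block
        if stripped.startswith("workflow_dispatch:"):
            dispatch_indent = indent
        elif dispatch_indent is not None and stripped.startswith("inputs:"):
            findings.append((n, "workflow_dispatch declares inputs"))
        for m in INPUT_EXPR.finditer(line):  # caller-controlled value reaches a step
            findings.append((n, f"input '{m.group(1)}' is used"))
    if pinned_image not in workflow_text:
        findings.append((0, f"'{pinned_image}' is not referenced"))
    return findings
```

Run as a required check on changes to the signing workflow, an empty result means a manual dispatch can only sign the one pinned test image.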