From bc05d27082860e3b0ce0cf1b24f20e1b4e07aeb8 Mon Sep 17 00:00:00 2001
From: Vince Grassia <593223+vgrassia@users.noreply.github.com>
Date: Thu, 3 Mar 2022 14:00:41 -0500
Subject: [PATCH] Add logic for pushing latest image to QA container registry (#1515)
---
 .github/workflows/release.yml | 47 ++++++++++++++++++++++++++++++-----
 1 file changed, 41 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 0aa4da40ff..a791306ec1 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -59,6 +59,7 @@ jobs:
 BRANCH_NAME=$(basename ${{ github.ref }})
 echo "::set-output name=branch_name::$BRANCH_NAME"
+
 self-host:
 name: Release self-host docker
 runs-on: ubuntu-20.04
@@ -76,6 +77,10 @@ jobs:
 echo "GitHub event: $GITHUB_EVENT"
 echo "Github Release Option: $_RELEASE_OPTION"
+ - name: Checkout repo
+ uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+
+ ########## DockerHub ##########
 - name: Setup DCT
 id: setup-dct
 uses: bitwarden/gh-actions/setup-docker-trust@a8c384a05a974c05c48374c818b004be221d43ff
@@ -83,9 +88,6 @@ jobs:
 azure-creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
 azure-keyvault-name: "bitwarden-prod-kv"
- - name: Checkout repo
- uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
 - name: Pull latest selfhost image
 run: |
 if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then
@@ -103,9 +105,6 @@ jobs:
 docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:latest
 fi
- - name: List Docker images
- run: docker images
-
 - name: Push version and latest image
 if: ${{ github.event.inputs.release_type != 'Dry Run' }}
 env:
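Review bot: The relocated `Checkout repo` step in the `-76,6 +77,10` hunk runs `actions/checkout` with its defaults, so the workflow token stays in the local git config for the rest of the `self-host` job, which then loads production Key Vault credentials for Docker trust. None of the steps visible in these hunks talk to the git remote, so adding `with:` and `persist-credentials: false` under the `uses:` line would reduce what a misbehaving later step can reach. Confirm first that nothing further down the job pushes with git, since the job's step list starts and continues outside this hunk.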
@@ -115,9 +114,43 @@ jobs:
 docker push bitwarden/web:$_RELEASE_VERSION
 docker push bitwarden/web:latest
+ - name: Log out of Docker and disable Docker Notary
+ run: |
+ docker logout
+ echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV
+
+ ########## ACR ##########
+ - name: Login to Azure - QA Subscription
+ uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
+ with:
+ creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
+
+ - name: Login to Azure ACR
+ run: az acr login -n bitwardenqa
+
+ - name: Tag version and latest
+ env:
+ REGISTRY: bitwardenqa.azurecr.io
+ run: |
+ if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then
+ docker tag bitwarden/web:latest $REGISTRY/web:dryrun
+ else
+ docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:$_RELEASE_VERSION
+ docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:latest
+ fi
+
+ - name: Push version and latest image
+ if: ${{ github.event.inputs.release_type != 'Dry Run' }}
+ env:
+ REGISTRY: bitwardenqa.azurecr.io
+ run: |
+ docker push $REGISTRY/web:$_RELEASE_VERSION
+ docker push $REGISTRY/web:latest
+
 - name: Log out of Docker
 run: docker logout
+
 ghpages-deploy:
 name: Deploy Web Vault
 runs-on: ubuntu-20.04
@@ -182,6 +215,7 @@ jobs:
 --base gh-pages \
 --head "$PR_BRANCH"
+
 release:
 name: Create GitHub Release
 runs-on: ubuntu-20.04
@@ -217,6 +251,7 @@ jobs:
 token: ${{ secrets.GITHUB_TOKEN }}
 draft: true
+
 dry-run:
 name: Dry Run Cleanup
 runs-on: ubuntu-20.04
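Review bot: The closing `Log out of Docker` step (unchanged context at the end of the `-115,9 +114,43` hunk) runs `docker logout` with no server argument, which only clears the default registry entry, so after the new `az acr login -n bitwardenqa` the credential for `bitwardenqa.azurecr.io` stays in the Docker config and the Azure CLI session opened by `Azure/login` is never closed. Changing that step to `run: docker logout bitwardenqa.azurecr.io` and adding an `az logout` step would make the cleanup match the logins this commit introduces. Separately, the new `Tag version and latest` script interpolates `${{ github.event.inputs.release_type }}` straight into the shell text and leaves `$_BRANCH_NAME` and `$_RELEASE_VERSION` unquoted; passing the input through `env:` and quoting the expansions keeps an unexpected value from being parsed as shell (the input's definition is outside the diff, so how constrained it is cannot be seen here). A one-line comment on `DOCKER_CONTENT_TRUST=0` stating that the QA registry pushes are intentionally unsigned would also help, because the setting persists for every later step in the job.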