From ec2c92e6c958bec88681fdfa9ee0047004fef87f Mon Sep 17 00:00:00 2001 From: songtianlun Date: Wed, 22 Jan 2025 00:47:33 +0800 Subject: [PATCH] chore: update Docker workflow to use secrets - Change hardcoded Docker Hub username to use secrets - Update workflow to securely reference DockerHub credentials This update enhances the security of the GitHub Actions workflow by using secrets instead of exposing sensitive information in the codebase. This ensures that the Docker Hub username is kept private and reduces the risk of accidental exposure. --- .github/workflows/docker.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 7a20736..5abbcd2 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -21,15 +21,15 @@ jobs: VERSION="v${GIT_VERSION}" echo "VERSION=${VERSION}" >> $GITHUB_ENV echo "GIT_VERSION=${GIT_VERSION}" >> $GITHUB_ENV - echo "LATEST_TAG=${{ env.REGISTRY }}/${{ vars.DOCKERHUB_USER }}/${{ env.IMAGE_NAME }}:latest" >> $GITHUB_OUTPUT" - echo "VERSION_TAG=${{ env.REGISTRY }}/${{ vars.DOCKERHUB_USER }}/${{ env.IMAGE_NAME }}:${VERSION}" >> $GITHUB_OUTPUT" + echo "LATEST_TAG=${{ env.REGISTRY }}/${{ secrets.DOCKERHUB_USER }}/${{ env.IMAGE_NAME }}:latest" >> $GITHUB_OUTPUT" + echo "VERSION_TAG=${{ env.REGISTRY }}/${{ secrets.DOCKERHUB_USER }}/${{ env.IMAGE_NAME }}:${VERSION}" >> $GITHUB_OUTPUT" - name: Login to ${{ env.REGISTRY }} if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} - username: ${{ vars.DOCKERHUB_USER }} + username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Set up QEMU