From fedb329ee661d9b50a883313670648049b0db69f Mon Sep 17 00:00:00 2001 From: Russell Cohen Date: Tue, 31 Jan 2023 16:16:48 -0500 Subject: [PATCH] bail --- .github/workflows/ci-pr.yml | 2 +- tools/ci-build/acquire-build-image | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-pr.yml b/.github/workflows/ci-pr.yml index e07674d68d..779554d3bd 100644 --- a/.github/workflows/ci-pr.yml +++ b/.github/workflows/ci-pr.yml @@ -36,7 +36,7 @@ jobs: id: set-token run: | ENCRYPTED_PAYLOAD=$( - gpg --symmetric --batch --passphrase "{{ secrets.DOCKER_LOGIN_TOKEN_PASSPHRASE }}" --output - <(echo "not-a-real-token") | base64 -w0 + gpg --symmetric --batch --passphrase "${{ secrets.DOCKER_LOGIN_TOKEN_PASSPHRASE }}" --output - <(echo "not-a-real-token") | base64 -w0 ) echo "payload: $ENCRYPTED_PAYLOAD" echo "docker-login-password=$ENCRYPTED_PAYLOAD" >> $GITHUB_OUTPUT diff --git a/tools/ci-build/acquire-build-image b/tools/ci-build/acquire-build-image index a24bf1c7b3..d1209d9adb 100755 --- a/tools/ci-build/acquire-build-image +++ b/tools/ci-build/acquire-build-image @@ -172,11 +172,11 @@ def decrypt_and_login(secret): if token is None: print('no passphrase') return - (code, password, err) = (get_cmd_output(f"gpg --decrypt --batch --quiet --passphrase {token} --output -", check=False, + (code, password, err) = (get_cmd_output(f"gpg --decrypt --batch --quiet --passphrase '{token}' --output -", check=False, input=decoded)) if code != 0: print(err) - return + raise (_, output, _) = get_cmd_output("docker login --username AWS --password-stdin public.ecr.aws", input=password.encode('utf-8')) print(output)