From f1342ee3d452282e717f8a437a77bae5400d9d4d Mon Sep 17 00:00:00 2001
From: Trevor Bossert
Date: Sat, 14 Dec 2024 13:04:58 -0800
Subject: [PATCH] Add chainguard image pull workflow
---
.github/workflows/chainguard.yml | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
create mode 100644 .github/workflows/chainguard.yml
diff --git a/.github/workflows/chainguard.yml b/.github/workflows/chainguard.yml
new file mode 100644
index 0000000..da9d32c
--- /dev/null
+++ b/.github/workflows/chainguard.yml
@@ -0,0 +1,32 @@
+name: Chainguard Image Updates
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: '0 0 * * *'
+
+permissions:
+ id-token: write
+
+jobs:
+ pull-image:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: chainguard-dev/setup-chainctl@main
+ with:
+ identity: ${{ secrets.CHAINGUARD_IDENTITY }}
+
+ - name: Login to Azure Container Registry
+ uses: azure/docker-login@v1
+ with:
+ login-server: uticplatform.azurecr.io
+ username: ${{ secrets.PLATFORM_ACR_USERNAME }}
+ password: ${{ secrets.PLATFORM_ACR_PASSWORD }}
+
+ # TODO make this a matrix job
+ - name: Pull and push chainguardpython image
+ run: |
+ docker pull cgr.dev/chainguard/python:latest-3.12
+ docker tag cgr.dev/chainguard/python:latest-3.12 uticplatform.azurecr.io/chainguard/python:latest-3.12
+ docker push uticplatform.azurecr.io/chainguard/python:latest-3.12
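Review bot: The step `uses: chainguard-dev/setup-chainctl@main` tracks a mutable branch, so any commit that lands there runs inside a job that can request an OIDC token (`id-token: write`) and that later holds the ACR push credentials; `azure/docker-login@v1` is a movable tag with the same exposure. Both should be pinned to a full commit SHA with the release noted in a trailing comment, e.g. `uses: chainguard-dev/setup-chainctl@<FULL_COMMIT_SHA>  # <release tag>` (placeholders, to be taken from the action's own releases). Because the run step mirrors the mutable tag `latest-3.12` every night, it would also help to print the digest of the pulled image before the `docker push`, so that each image in `uticplatform.azurecr.io` can be traced back to a specific upstream build. A `timeout-minutes:` on the `pull-image` job would keep a stalled pull from holding the runner and its credentials longer than needed.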