#!/bin/bashVERSION=8.0.1IMAGE_NAME=opensource/keycloakIMAGE_DIGEST=sha256:9a91f646de4becefbae9bd3e5e0cd8de21bf17a22055ccabff324798c2be68a0IMAGE_ID=09676d6523523e6f37932a604a63d53b3e605459cbecc999b3e95d6770a3ccd6NEXUS_REGISTRY=nexus-docker-secure.levelup-dev.ioNEXUS_TAG=${NEXUS_REGISTRY}/builder-${IMAGE_NAME}:${VERSION}set-e# pull builder image; no GPG/sha checks are necessary because an explicit content hash (i.e. image digest) is usedsudo podman pull docker.io/jboss/keycloak@${IMAGE_DIGEST}# re-tag image for Nexus Registrysudo podman tag ${IMAGE_ID}${NEXUS_TAG}# push newly tagged imagesudo podman push ${NEXUS_TAG}# clean up, including all tags for imagesudo podman rmi --force${IMAGE_ID}# Image digest and ID can be retrieved by doing a `podman inspect` once you have pulled the Docker image by its tag on your local machine