Skip to content

Commit

Permalink
feat(jsp): use OIDC/IF to upload
Browse files Browse the repository at this point in the history
- per  https://cloud.google.com/blog/products/identity-security/enabling-keyless-authentication-from-github-actions
- Won't work yet due to admin snags
- NOTE: temporarily pushes on every commit to this branch

For #46
  • Loading branch information
srl295 committed Dec 8, 2023
1 parent 7631d20 commit 10af16d
Showing 1 changed file with 14 additions and 4 deletions.
18 changes: 14 additions & 4 deletions .github/workflows/push-jsp-on-tag.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ on:
push:
tags:
- '*'
branches:
- 'srl295/issue46' # TESTING!
jobs:
build-and-push-to-gcr:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -58,12 +60,20 @@ jobs:
- name: Get the version
id: get_tag_name
run: echo ::set-output name=GIT_TAG_NAME::${GITHUB_REF/refs\/tags\//}
- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/[email protected]'
with:
token_format: 'access_token'
workload_identity_provider: 'projects/goog-unicode-dev/locations/global/workloadIdentityPools/pool1/providers/unicode-dev-provider'
service_account: '[email protected]'
- uses: RafikFarhad/push-to-gcr-github-action@241707854fb71f655ec4e2a98bb16505f218bcc2
with:
gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }}
registry: us.gcr.io
project_id: dev-infra-273822
gcloud_service_key: ${{ steps.auth.outputs.access_token }}
registry: us-central1-docker.pkg.dev
project_id: goog-unicode-dev
image_name: unicode-jsps
image_tag: ${{ steps.get_tag_name.outputs.GIT_TAG_NAME }}
image_tag: srl-test
#image_tag: ${{ steps.get_tag_name.outputs.GIT_TAG_NAME }}
dockerfile: ./UnicodeJsps/Dockerfile
context: ./UnicodeJsps/

0 comments on commit 10af16d

Please sign in to comment.