production.yml
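# Production release pipeline: on every push to master, build the Docker image
# and push it to Google Artifact Registry through the repository's Makefile
# targets (build-requirements, build, push), which are defined outside this file.
name: Production - Build and Push to GCP Artifact Registry
on:
  push:
    branches:
      - master
jobs:
  setup-build-publish:
    name: Setup, Build, Publish
    runs-on: ubuntu-latest
    # Runs in the "production" environment, so any protection rules or
    # environment-scoped secrets configured for it apply to this job.
    environment: production
    # Least privilege for GITHUB_TOKEN: read-only repository contents, plus
    # id-token: write so the job can request the OIDC token that Workload
    # Identity Federation exchanges for Google Cloud credentials.
    permissions:
      contents: "read"
      id-token: "write"
    steps:
      # Replaces /etc/docker/daemon.json wholesale (any daemon settings already
      # present on the runner are overwritten) and restarts the daemon.
      - name: "Enable experimental docker"
        run: |
          sudo bash -c 'echo "{\"experimental\": true}" > /etc/docker/daemon.json'
          sudo systemctl restart docker
      # NOTE(review): referenced by a mutable tag. Pinning third-party actions
      # to a full commit SHA keeps a re-tagged release from changing what runs
      # in a job that can mint production cloud credentials.
      - name: Checkout
        uses: actions/checkout@v3
      # Configure Workload Identity Federation and generate an access token.
      # NOTE(review): the ref after "auth@" was mangled by e-mail obfuscation on
      # the rendered page; restore the original version ref before using this
      # file (ideally pinned to a full commit SHA).
      - id: "auth"
        name: "Authenticate to Google Cloud"
        uses: "google-github-actions/[email protected]"
        with:
          token_format: "access_token"
          workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }}
          service_account: ${{ secrets.CODECOV_GCP_WIDSA }}
      # Log Docker in to Artifact Registry with the access token from "auth".
      # The token is handed to the shell through an environment variable rather
      # than expanded into the script text, so its value is never parsed as
      # shell syntax, and it reaches docker on stdin, not on the command line.
      - name: Docker configuration
        env:
          GCP_ACCESS_TOKEN: ${{ steps.auth.outputs.access_token }}
        run: |-
          printf '%s' "$GCP_ACCESS_TOKEN" | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev
      # Build the Docker image
      - name: Build
        env:
          ENV: production
        run: |-
          make build-requirements
          make build
      # Push the Docker image to Google Artifact Registry
      - name: Publish
        env:
          ENV: production
        run: |-
          make push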