From 4726edcbe6fc81596a166d0ad15d77b0ca0ffdd3 Mon Sep 17 00:00:00 2001 From: quangkeu95 Date: Sat, 7 Sep 2024 11:47:24 +0700 Subject: [PATCH] chore: Update github workflow --- .github/workflows/docker-build.yml | 18 ++++++++++++++++++ .gitignore | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 16b115e..f147001 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -11,8 +11,11 @@ concurrency: cancel-in-progress: true env: + GCLOUD_WORKLOAD_IDENTITY: "github-action" + GCLOUD_WORKLOAD_IDENTITY_PROVIDER: "github-action-provider" GCLOUD_SERVICE_ACCOUNT: "github-action-sa" GCLOUD_ZONE: "asia-southeast1" + GKE_ZONE: "asia-southeast1-b" GCLOUD_ARTIFACT_REGISTRY: "whale-notification-tg-bot" GCLOUD_IMAGE_NAME: "whale-notification-tg-bot" DOCKER_FILE_PATH: "./Dockerfile" @@ -44,6 +47,21 @@ jobs: uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + # Auth with Gcloud + - id: auth + uses: "google-github-actions/auth@v2" + with: + token_format: access_token + project_id: ${{ secrets.GCLOUD_PROJECT_ID }} + workload_identity_provider: "projects/${{ secrets.GCLOUD_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ env.GCLOUD_WORKLOAD_IDENTITY }}/providers/${{ env.GCLOUD_WORKLOAD_IDENTITY_PROVIDER}}" + service_account: ${{ env.GCLOUD_SERVICE_ACCOUNT }}@${{ secrets.GCLOUD_PROJECT_ID }}.iam.gserviceaccount.com + access_token_lifetime: 300s + - id: "get-gke-credentials" + uses: "google-github-actions/get-gke-credentials@v2" + with: + cluster_name: ${{ secrets.GKE_CLUSTER }} + location: ${{ env.GKE_ZONE }} + project_id: ${{ secrets.GCLOUD_PROJECT_ID }} - name: Build and push uses: docker/build-push-action@v6 with: diff --git a/.gitignore b/.gitignore index 696fd70..9b901af 100644 --- a/.gitignore +++ b/.gitignore @@ -37,7 +37,7 @@ yarn-error.log* # typescript *.tsbuildinfo next-env.d.ts -*.env +*.env* yarn.lock test