Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update actions to use google-github-actions/auth@v1 and fix input syntax #118

Merged
merged 5 commits into from
Nov 17, 2023
Merged

Update actions to use google-github-actions/auth@v1 and fix input syntax #118

merged 5 commits into from
Nov 17, 2023

Conversation

EddieLF
Copy link
Contributor

@EddieLF EddieLF commented Nov 16, 2023

So it looks like the new version of google-github-actions/setup-gcloud@v1 action no longer uses service_account_key as input. See this failed deploy, under the gcloud setup header.

Warning: Unexpected input(s) 'service_account_key', valid inputs are ['skip_install', 'version', 'project_id', 'install_components']
...
Warning: No authentication found for gcloud, authenticate with `google-github-actions/auth`.

Which is leading to a fail in the deploy config toml step.

ERROR: (gcloud.storage.cp) You do not currently have an active account selected.
Please run:

  $ gcloud auth login

to obtain new credentials.

From the actions repo, it looks like they now require use of the google-github-actions/auth action to first auth with the service_account_key (now called credentials_json) before running the gcloud setup.

Also updates the .github/workflows/deploy_container.yaml to use the @v1 version of the gcloud setup as well.

@jmarshall
Copy link
Contributor

Mea culpa, I should have noticed that when I reviewed #117 as we had already run into the same thing in the metamist repo.

I previously made a similar change to this one to fix the same accident in populationgenomics/metamist#550, but we took the opportunity to move to use a federated identity instead in populationgenomics/metamist#553. Possibly that's something we would want to do in this repo too?

@illusional
Copy link
Collaborator

illusional commented Nov 16, 2023
edited
Loading

Hey @EddieLF, @jmarshall beat me to the suggestion, it's unclear to me at this stage which permissions one needs to do this so I've done it and added a couple of commits to your branch to address this.

(Test run: https://github.com/populationgenomics/images/actions/runs/6896771022/job/18763560951)

@jmarshall
Copy link
Contributor

This quiet change in action parameters is exactly the sort of thing that actionlint should be able to detect. It knows about a bunch of common actions but so far not this one. However I've built a version locally that does, so hopefully we won't make this mistake again! And also proposed adding it upstream — see rhysd/actionlint#380.

illusional
illusional approved these changes Nov 17, 2023
View reviewed changes
Copy link
Collaborator

@illusional illusional left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feels weird approving, but good to get this out

@illusional illusional merged commit 4401073 into main Nov 17, 2023
1 check passed
@illusional illusional deleted the update_actions_with_auth branch November 17, 2023 03:21
@illusional
Copy link
Collaborator

I'm going to revoke the gh-images-deployer credentials, keep an eye out for anything weird.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@illusional illusional illusional approved these changes

@jmarshall jmarshall Awaiting requested review from jmarshall

@MattWellie MattWellie Awaiting requested review from MattWellie

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@EddieLF @jmarshall @illusional