Skip to content
Build Pipeline (Docker)

fix(monitor): out of range panics (#375) #198

Sign in to view logs

fix(monitor): out of range panics (#375)

fix(monitor): out of range panics (#375) #198

Workflow file for this run

.github/workflows/build-docker.yml at 9ab6f2a
name: "Build Pipeline (Docker)"
on:
push:
branches: [main]
env:
IMAGE_NAME: "${{ vars.GAR_LOCATION }}-docker.pkg.dev/${{ vars.PROJECT_ID }}/${{ secrets.DOCKER_REPOSITORY }}/polygon-cli"
ATTESTOR_PROJECT_ID: ${{ vars.PROJECT_ID }}
KEY_RING: "jesse-artifacts-ring"
KEY: "jesse-artifacts-binary-auth-key"
ATTESTOR: "jesse-artifacts-attestor"
jobs:
build-pipeline-docker:
name: Build, push, scan, and sign Docker image
permissions:
contents: "write"
id-token: "write"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Google Auth
id: auth
uses: google-github-actions/auth@v2
with:
token_format: "access_token"
workload_identity_provider: "${{ secrets.WIF_PROVIDER }}" # this was hard to find: WIP --> Expand pool --> Click pencil icon"
service_account: "${{ secrets.WIF_SERVICE_ACCOUNT }}"
- name: Docker Auth
id: docker-auth
uses: docker/login-action@v3
with:
username: "oauth2accesstoken"
password: "${{ steps.auth.outputs.access_token }}"
registry: "${{ vars.GAR_LOCATION }}-docker.pkg.dev"
- name: Build and Push Docker Image to GCP Artifact Registry
run: |-
docker build -t "${{ env.IMAGE_NAME }}:${{ github.sha }}" .
docker push "${{ env.IMAGE_NAME }}:${{ github.sha }}"
- name: "Set up Cloud SDK"
uses: google-github-actions/setup-gcloud@v2
# - name: Sign the docker image
# run: |-
# export CLOUDSDK_CORE_DISABLE_PROMPTS=1
# gcloud components install beta --quiet
# DIGEST=$(gcloud container images describe ${{ env.IMAGE_NAME }}:${{ github.sha }} --format='get(image_summary.digest)')
# gcloud beta container binauthz attestations sign-and-create \
# --artifact-url="${{ env.IMAGE_NAME }}@${DIGEST}" \
# --attestor="${{ env.ATTESTOR }}" \
# --attestor-project="${{ env.ATTESTOR_PROJECT_ID }}" \
# --keyversion-project="${{ env.ATTESTOR_PROJECT_ID }}" \
# --keyversion-location="${{ vars.GAR_LOCATION }}" \
# --keyversion-keyring="${{ env.KEY_RING }}" \
# --keyversion-key="${{ env.KEY }}" \
# --keyversion="1"