testing ci (#141) #104
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Production - Build and Push to GCP Artifact Registry | |
| on: | |
| push: | |
| branches: | |
| - master | |
| jobs: | |
| setup-build-publish: | |
| name: Setup, Build, Publish | |
| runs-on: ubuntu-latest | |
| environment: production | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| steps: | |
| - name: "Enable experimental docker" | |
| run: | | |
| sudo bash -c 'echo "{\"experimental\": true}" > /etc/docker/daemon.json' | |
| sudo systemctl restart docker | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| # Configure Workload Identity Federation and generate an access token. | |
| - id: "auth" | |
| name: "Authenticate to Google Cloud" | |
| uses: "google-github-actions/[email protected]" | |
| with: | |
| token_format: "access_token" | |
| workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} | |
| service_account: ${{ secrets.CODECOV_GCP_WIDSA }} | |
| - name: Docker configuration | |
| run: |- | |
| echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev | |
| # Build the Docker image | |
| - name: Build | |
| env: | |
| ENV: production | |
| run: |- | |
| make build-requirements | |
| make build | |
| # Push the Docker image to Google Artifact Registry | |
| - name: Publish | |
| env: | |
| ENV: production | |
| run: |- | |
| make push |