fix(ci): remove GKE credential step #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a docker container, publish it to Google Container Registry, and deploy it to GKE when there is a push to the "main" branch. | |
| # | |
| # To configure this workflow: | |
| # | |
| # 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc. | |
| # | |
| # 2. Create and configure a Workload Identity Provider for GitHub (https://github.com/google-github-actions/auth#setting-up-workload-identity-federation) | |
| # | |
| # 3. Change the values for the GAR_LOCATION, GKE_ZONE, GKE_CLUSTER, IMAGE, REPOSITORY and DEPLOYMENT_NAME environment variables (below). | |
| # | |
| # For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke-kustomize | |
| name: Build and Deploy to GKE | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| env: | |
| PROJECT_ID: ${{ secrets.GKE_PROJECT }} | |
| GAR_LOCATION: us-east1 | |
| REPOSITORY: word-dictionary | |
| IMAGE: word-dictionary | |
| jobs: | |
| setup-build-publish-deploy: | |
| name: Setup, Build, Publish, and Deploy | |
| runs-on: ubuntu-latest | |
| environment: production | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| # Configure Workload Identity Federation and generate an access token. | |
| - id: 'auth' | |
| name: 'Authenticate to Google Cloud' | |
| uses: 'google-github-actions/auth@v0' | |
| with: | |
| token_format: 'access_token' | |
| workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' | |
| service_account: '[email protected]' | |
| - name: Docker configuration | |
| run: |- | |
| echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://$GAR_LOCATION-docker.pkg.dev | |
| # Build the Docker image | |
| - name: Build | |
| run: |- | |
| docker build \ | |
| --tag "$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA" \ | |
| --build-arg GITHUB_SHA="$GITHUB_SHA" \ | |
| --build-arg GITHUB_REF="$GITHUB_REF" \ | |
| . | |
| # Push the Docker image to Google Artifact Registry | |
| - name: Publish | |
| run: |- | |
| docker push "$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA" |