Skip to content

Commit

Permalink
Add publish_static action for uploading to private bucket
Browse files Browse the repository at this point in the history
  • Loading branch information
mhuebert committed May 24, 2024
1 parent da16cbb commit f554f85
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 1 deletion.
File renamed without changes.
32 changes: 32 additions & 0 deletions .github/workflows/publish_static.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: Publish static files to a cloud bucket

on:
workflow_dispatch:
push:
branches:
- main

jobs:
Deploy:
runs-on: ubuntu-latest
permissions:
contents: 'read'
id-token: 'write'

steps:
- uses: 'actions/checkout@v4'

- id: 'auth'
uses: 'google-github-actions/[email protected]'
with:
project_id: 'probcomp-caliban'
workload_identity_provider: 'projects/110275315150/locations/global/workloadIdentityPools/gen-website-private-publishers/providers/github'
service_account: 'gen-website-private-admin@probcomp-caliban.iam.gserviceaccount.com'
audience: '//iam.googleapis.com/projects/110275315150/locations/global/workloadIdentityPools/gen-website-private-publishers/providers/github'
- name: Create info.json
run: |
echo '{ "createdAt": "'$(date -u +%Y-%m-%dT%H:%M:%SZ)'" }' > ./public/info.json
- id: 'deploy'
run: |
gcloud storage rsync --recursive ./public gs://gen-website-private/${{github.repository}}
4 changes: 3 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,6 @@ We will now find in our GCP account:
- Cloud Build Service Account
- Workload Identity User

To run this in a different repository, you'll need to edit the identity pool's [github provider](https://console.cloud.google.com/iam-admin/workload-identity-pools/pool/app-engine-publishers/provider/github?project=probcomp-caliban), specifically the "Attribute Conditions".
To run this in a different repository, you'll need to edit the identity pool's [github provider](https://console.cloud.google.com/iam-admin/workload-identity-pools/pool/app-engine-publishers/provider/github?project=probcomp-caliban), specifically the "Attribute Conditions".

I also created an identity for publishing to the `gen-website-private` bucket called `gen-website-private-publishers`.

0 comments on commit f554f85

Please sign in to comment.