
Merge pull request #60 from codecov/trent-codecov-patch-2 #77


Workflow file for this run

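# Builds the project's Docker image on every push to main, publishes it to
# Google Artifact Registry, then logs in to Docker Hub and publishes the
# rolling tag. The build/push logic itself lives in the repository Makefile,
# which is not shown here.
name: Build and Push to GCP Artifact Registry
on:
  push:
    branches:
      - main
env:
  # Image names come from the `vars` configuration context, not from the repo.
  CODECOV_DEVOPS_IMAGE: ${{ vars.CODECOV_DEVOPS_IMAGE }}
  CODECOV_GATEWAY_IMAGE: ${{ vars.CODECOV_GATEWAY_IMAGE }}
jobs:
  setup-build-publish:
    name: Setup, Build, Publish
    runs-on: ubuntu-latest
    # Runs against the `production` environment, so environment-scoped
    # secrets/variables and any protection rules configured on it apply.
    environment: production
    # Least-privilege GITHUB_TOKEN: read-only repository contents, plus the
    # ability to request an OIDC ID token for Workload Identity Federation.
    permissions:
      contents: 'read'
      id-token: 'write'
    # NOTE(review): the actions below are referenced by mutable tags
    # (v3, v1.0.0, v2.1.0). This job holds registry credentials and an OIDC
    # token, so consider pinning each `uses:` to a full commit SHA.
    steps:
      - name: 'Enable experimental docker'
        # Overwrites the runner's /etc/docker/daemon.json (any existing
        # settings are replaced) and restarts the daemon to pick it up.
        run: |
          sudo bash -c 'echo "{\"experimental\": true}" > /etc/docker/daemon.json'
          sudo systemctl restart docker
      - name: Checkout
        uses: actions/checkout@v3
      # Configure Workload Identity Federation and generate an access token.
      - id: 'auth'
        name: 'Authenticate to Google Cloud'
        uses: google-github-actions/auth@v1.0.0
        with:
          token_format: 'access_token'
          workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }}
          service_account: ${{ secrets.CODECOV_GCP_WIDSA }}
      - name: Docker configuration
        # The access token is handed to the shell through the environment
        # rather than templated into the script text: the value is then never
        # parsed as shell syntax and is not written into the generated script
        # file. It still reaches docker only via stdin, not argv.
        env:
          GCP_ACCESS_TOKEN: ${{ steps.auth.outputs.access_token }}
        run: |-
          echo "$GCP_ACCESS_TOKEN" | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev
      # Build the Docker image
      - name: Build
        run: |-
          make build
      # `dive` / `deep-dive` are Makefile targets; presumably image-layer
      # inspection run before anything is pushed -- confirm in the Makefile.
      - name: Dive
        run: |-
          make dive
      - name: Deep Dive
        run: |-
          make deep-dive
      # Push the Docker image to Google Artifact Registry
      - name: Publish
        run: |-
          make push
      # Docker Hub credentials are only introduced after the Artifact
      # Registry publish has succeeded.
      - name: Log in to Docker Hub
        uses: docker/login-action@v2.1.0
        with:
          username: ${{ secrets.CODECOV_DEVOPS_DOCKER_USERNAME }}
          password: ${{ secrets.CODECOV_DEVOPS_DOCKER_PASSWORD }}
      # Presumably publishes the rolling tag to Docker Hub -- confirm against
      # the `push.rolling` target in the Makefile.
      - name: Publish Rolling
        run: |-
          make push.rolling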