chore(deps): bump github.com/prometheus/common from 0.55.0 to 0.57.0 … #185
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Build Pipeline (Docker)" | |
| on: | |
| push: | |
| branches: [main] | |
| env: | |
| IMAGE_NAME: "${{ vars.GAR_LOCATION }}-docker.pkg.dev/${{ vars.PROJECT_ID }}/${{ secrets.DOCKER_REPOSITORY }}/polygon-cli" | |
| ATTESTOR_PROJECT_ID: ${{ vars.PROJECT_ID }} | |
| KEY_RING: "jesse-artifacts-ring" | |
| KEY: "jesse-artifacts-binary-auth-key" | |
| ATTESTOR: "jesse-artifacts-attestor" | |
| jobs: | |
| build-pipeline-docker: | |
| name: Build, push, scan, and sign Docker image | |
| permissions: | |
| contents: "write" | |
| id-token: "write" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Google Auth | |
| id: auth | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| token_format: "access_token" | |
| workload_identity_provider: "${{ secrets.WIF_PROVIDER }}" # this was hard to find: WIP --> Expand pool --> Click pencil icon" | |
| service_account: "${{ secrets.WIF_SERVICE_ACCOUNT }}" | |
| - name: Docker Auth | |
| id: docker-auth | |
| uses: docker/login-action@v3 | |
| with: | |
| username: "oauth2accesstoken" | |
| password: "${{ steps.auth.outputs.access_token }}" | |
| registry: "${{ vars.GAR_LOCATION }}-docker.pkg.dev" | |
| - name: Build and Push Docker Image to GCP Artifact Registry | |
| run: |- | |
| docker build -t "${{ env.IMAGE_NAME }}:${{ github.sha }}" . | |
| docker push "${{ env.IMAGE_NAME }}:${{ github.sha }}" | |
| - name: "Set up Cloud SDK" | |
| uses: google-github-actions/setup-gcloud@v2 | |
| # - name: Sign the docker image | |
| # run: |- | |
| # export CLOUDSDK_CORE_DISABLE_PROMPTS=1 | |
| # gcloud components install beta --quiet | |
| # DIGEST=$(gcloud container images describe ${{ env.IMAGE_NAME }}:${{ github.sha }} --format='get(image_summary.digest)') | |
| # gcloud beta container binauthz attestations sign-and-create \ | |
| # --artifact-url="${{ env.IMAGE_NAME }}@${DIGEST}" \ | |
| # --attestor="${{ env.ATTESTOR }}" \ | |
| # --attestor-project="${{ env.ATTESTOR_PROJECT_ID }}" \ | |
| # --keyversion-project="${{ env.ATTESTOR_PROJECT_ID }}" \ | |
| # --keyversion-location="${{ vars.GAR_LOCATION }}" \ | |
| # --keyversion-keyring="${{ env.KEY_RING }}" \ | |
| # --keyversion-key="${{ env.KEY }}" \ | |
| # --keyversion="1" |