From fe3b63ce7b35bb99cc1f3e359a27f8913b87df9b Mon Sep 17 00:00:00 2001
From: pputman-clabs <99900942+pputman-clabs@users.noreply.github.com>
Date: Mon, 24 Apr 2023 12:22:45 -0500
Subject: [PATCH] chore: Adding new github actions workflow for pushing containers (#160) Adding a new github actions workflow to deploy containers in a more secure manner (using workload identity federation).
---
.github/workflows/docker_push_oidc.yaml | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
create mode 100644 .github/workflows/docker_push_oidc.yaml
diff --git a/.github/workflows/docker_push_oidc.yaml b/.github/workflows/docker_push_oidc.yaml
new file mode 100644
index 00000000..2d99df57
--- /dev/null
+++ b/.github/workflows/docker_push_oidc.yaml
@@ -0,0 +1,22 @@
+name: Docker Push OIDC
+
+on:
+ workflow_dispatch:
+ inputs:
+ build_env:
+ description: 'Build environment (staging|production)'
+ required: true
+ default: 'staging'
+ type: string
+
+jobs:
+ Build-Celo-Oracle:
+ uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@v1.8
+ with:
+ workload-id-provider: projects/1094498259535/locations/global/workloadIdentityPools/gh-celo-oracle/providers/github-by-repos
+ service-account: 'celo-oracle-images@devopsre.iam.gserviceaccount.com'
+ artifact-registry: us-west1-docker.pkg.dev/devopsre/celo-oracle/celo-oracle
+ tag: ${{ inputs.build_env }}
+ context: .
+ trivy: true
+ trivy-timeout: 40m
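Review bot: `build_env` is declared `type: string`, so the `(staging|production)` in its description is not enforced, and whatever the dispatcher types is passed through as `tag: ${{ inputs.build_env }}` to the registry push. Declaring the input as `type: choice` with `options: [staging, production]` limits the pushed tag to the two intended values. The reusable workflow is referenced by the mutable tag `@v1.8` and runs with the federated identity of `celo-oracle-images@devopsre.iam.gserviceaccount.com`, so pinning it to a full commit SHA, `uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@<full-commit-sha> # v1.8`, keeps a re-pointed tag from changing what executes with push rights. The `Build-Celo-Oracle` job also sets no `permissions:`; an explicit block with `contents: read` and `id-token: write` would make the OIDC grant independent of the repository default, assuming the called workflow (not visible here) needs nothing more.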