Skip to content

Commit 181899c

Browse files
dependabot[bot]Dargon789snyk-io[bot]sourcery-ai[bot]gcf-owl-bot[bot]
authored
build(deps): bump the npm_and_yarn group across 3 directories with 4 updates (#910)
* Add .circleci/config.yml * Create google.yml (#1) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#3) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade c8 from 9.1.0 to 10.1.3 Snyk has created this PR to upgrade c8 from 9.1.0 to 10.1.3. See this package in npm: c8 See this project in Snyk: https://app.snyk.io/org/dargon789/project/68a3328a-d2b6-4975-b7db-af96a29fc4ac?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr * feat: upgrade c8 from 9.1.0 to 10.1.3 Snyk has created this PR to upgrade c8 from 9.1.0 to 10.1.3. See this package in npm: c8 See this project in Snyk: https://app.snyk.io/org/dargon789/project/e2757016-0d48-429d-8c99-bffba0039c3a?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr * Update google.yml (#11) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * fix: packages/google-cloud-dialogflow-cx/samples/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 * Create build-attested-image.yml (#217) * Create build-attested-image.yml CI: Introduce a build-attested-image workflow that builds and pushes a Docker image to GitHub Container Registry and generates build provenance attestations. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .github/workflows/build-attested-image.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: packages/google-shopping-merchant-products/samples/package.json to reduce vulnerabilities (#214) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-kms-inventory/samples/package.json to reduce vulnerabilities (#213) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-certificatemanager/samples/package.json to reduce vulnerabilities (#212) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-workstations/samples/package.json to reduce vulnerabilities (#211) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates Bumps the npm_and_yarn group with 2 updates in the / directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [js-yaml](https://github.com/nodeca/js-yaml). Updates `brace-expansion` from 1.1.11 to 1.1.12 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) Updates `js-yaml` from 4.1.0 to 4.1.1 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * fix: packages/google-cloud-iap/samples/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 * Create cargo.yml (#221) CI: Introduce a CircleCI job that runs cargo fmt and cargo test using a Rust Docker image with caching for dependencies and build artifacts. https://github.com/apps/gemini-code-assist Highlights New CircleCI Configuration: A new CircleCI configuration file, .circleci/cargo.yml, has been added to the repository. Rust Build and Test Workflow: The new configuration defines a build-and-test job specifically for Rust projects, utilizing the cimg/rust:1.88.0 Docker image. Automated Code Quality Checks: The workflow includes steps to automatically check code formatting using cargo fmt -- --check and run all tests with cargo test. Dependency Caching: Caching mechanisms for Cargo dependencies are implemented to speed up subsequent CI runs by restoring and saving ~/.cargo and target directories. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create ci-foundry.yml (#224) CI: Introduce a CircleCI 2.1 configuration file defining a custom Docker executor and a minimal workflow that checks out the repository and runs a placeholder command. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: packages/google-cloud-dataform/samples/package.json to reduce vulnerabilities (#209) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-devtools-cloudbuild/samples/package.json to reduce vulnerabilities (#208) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Create jekyll-gh-pages.yml (#230) CI: Introduce a GitHub Actions workflow that builds the Jekyll site and deploys it to GitHub Pages using preinstalled dependencies. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#232) CI: Simplify CircleCI configuration to a single Docker job that checks out the repo and echoes a greeting, orchestrated by a basic workflow. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: packages/google-cloud-workflows-executions/samples/package.json to reduce vulnerabilities (#207) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-shopping-merchant-promotions/samples/package.json to reduce vulnerabilities (#206) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-shopping-merchant-reviews/samples/package.json to reduce vulnerabilities (#205) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-filestore/samples/package.json to reduce vulnerabilities (#203) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-shopping-merchant-datasources/samples/package.json to reduce vulnerabilities (#228) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOCHA-2863123 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607 - https://snyk.io/vuln/SNYK-JS-NANOID-2332193 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-asset/samples/package.json to reduce vulnerabilities (#36) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-apihub/samples/package.json to reduce vulnerabilities (#227) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOCHA-2863123 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607 - https://snyk.io/vuln/SNYK-JS-NANOID-2332193 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 - https://snyk.io/vuln/SNYK-JS-NANOID-8492085 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-devicestreaming/samples/package.json to reduce vulnerabilities (#204) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-chronicle/samples/package.json to reduce vulnerabilities (#202) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: packages/google-cloud-osconfig/samples/package.json to reduce vulnerabilities (#200) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * feat: Add `OFFLINE` state to Zone resources A new `OFFLINE` state has been added to the `Zone.State` enum. This state indicates that the zone is temporarily not operational, for example, while undergoing maintenance or repair PiperOrigin-RevId: 879057351 Source-Link: googleapis/googleapis@40a49dc Source-Link: https://github.com/googleapis/googleapis-gen/commit/77daef772d6cb525e73509d99da77c54c86cb597 Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWdkY2hhcmR3YXJlbWFuYWdlbWVudC8uT3dsQm90LnlhbWwiLCJoIjoiNzdkYWVmNzcyZDZjYjUyNWU3MzUwOWQ5OWRhNzdjNTRjODZjYjU5NyJ9 * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * build(deps): bump the npm_and_yarn group across 3 directories with 4 updates Bumps the npm_and_yarn group with 3 updates in the /core/generator/gapic-generator-typescript directory: [protobufjs](https://github.com/protobufjs/protobuf.js), [protobufjs-cli](https://github.com/protobufjs/protobuf.js) and [fast-xml-builder](https://github.com/NaturalIntelligence/fast-xml-builder). Bumps the npm_and_yarn group with 1 update in the /core/packages/gax/test/test-application directory: [@grpc/grpc-js](https://github.com/grpc/grpc-node). Bumps the npm_and_yarn group with 1 update in the /handwritten/cloud-profiler directory: [protobufjs](https://github.com/protobufjs/protobuf.js). Updates `protobufjs` from 7.5.5 to 7.5.6 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.5.6/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.5.5...protobufjs-v7.5.6) Updates `protobufjs-cli` from 1.2.0 to 1.2.2 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-cli-v1.2.0...protobufjs-cli-v1.2.2) Updates `fast-xml-builder` from 1.1.5 to 1.2.0 - [Changelog](https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-builder@v1.1.5...v1.2.0) Updates `protobufjs` from 7.5.5 to 7.5.6 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.5.6/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.5.5...protobufjs-v7.5.6) Updates `protobufjs` from 7.5.5 to 7.5.6 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.5.6/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.5.5...protobufjs-v7.5.6) Updates `protobufjs` from 7.5.5 to 7.5.6 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.5.6/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.5.5...protobufjs-v7.5.6) Updates `@grpc/grpc-js` from 1.6.12 to 1.14.3 - [Release notes](https://github.com/grpc/grpc-node/releases) - [Commits](https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.12...@grpc/grpc-js@1.14.3) Updates `protobufjs` from 7.4.0 to 8.2.0 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.5.6/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.5.5...protobufjs-v7.5.6) --- updated-dependencies: - dependency-name: protobufjs dependency-version: 7.5.6 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: protobufjs-cli dependency-version: 1.2.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: fast-xml-builder dependency-version: 1.2.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: protobufjs dependency-version: 7.5.6 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: protobufjs dependency-version: 7.5.6 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: protobufjs dependency-version: 7.5.6 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@grpc/grpc-js" dependency-version: 1.14.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: protobufjs dependency-version: 8.2.0 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com> Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com>
1 parent 24afc64 commit 181899c

32 files changed

Lines changed: 551 additions & 186 deletions

File tree

.circleci/cargo.yml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
version: 2.1
2+
3+
jobs:
4+
build-and-test:
5+
docker:
6+
- image: cimg/rust:1.88.0
7+
steps:
8+
- checkout
9+
- restore_cache:
10+
keys:
11+
- v1-cargo-{{ checksum "Cargo.lock" }}
12+
- v1-cargo-
13+
- run:
14+
name: "Check formatting"
15+
command: cargo fmt -- --check
16+
- run:
17+
name: "Run tests"
18+
command: cargo test
19+
- save_cache:
20+
key: v1-cargo-{{ checksum "Cargo.lock" }}
21+
paths:
22+
- "~/.cargo/bin"
23+
- "~/.cargo/registry/index"
24+
- "~/.cargo/registry/cache"
25+
- "~/.cargo/git/db"
26+
- "target"
27+
- run:
28+
name: "Check formatting"
29+
command: cargo fmt -- --check
30+
- run:
31+
name: "Run tests"
32+
command: cargo test

.circleci/ci-foundry.yml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
# Use the latest 2.1 version of CircleCI pipeline process engine.
2+
# See: https://circleci.com/docs/configuration-reference
3+
4+
version: 2.1
5+
executors:
6+
my-custom-executor:
7+
docker:
8+
- image: cimg/base:stable
9+
auth:
10+
# ensure you have first added these secrets
11+
# visit app.circleci.com/settings/project/github/Dargon789/foundry/environment-variables
12+
username: $DOCKER_HUB_USER
13+
password: $DOCKER_HUB_PASSWORD
14+
jobs:
15+
web3-defi-game-project-:
16+
17+
executor: my-custom-executor
18+
steps:
19+
- checkout
20+
- run: |
21+
# echo Hello, World!
22+
23+
workflows:
24+
my-custom-workflow:
25+
jobs:
26+
- web3-defi-game-project-

.circleci/config.yml

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
# Use the latest 2.1 version of CircleCI pipeline process engine.
2+
# See: https://circleci.com/docs/configuration-reference
3+
version: 2.1
4+
5+
# Define a job to be invoked later in a workflow.
6+
# See: https://circleci.com/docs/jobs-steps/#jobs-overview & https://circleci.com/docs/configuration-reference/#jobs
7+
jobs:
8+
say-hello:
9+
# Specify the execution environment. You can specify an image from Docker Hub or use one of our convenience images from CircleCI's Developer Hub.
10+
# See: https://circleci.com/docs/executor-intro/ & https://circleci.com/docs/configuration-reference/#executor-job
11+
docker:
12+
# Specify the version you desire here
13+
# See: https://circleci.com/developer/images/image/cimg/base
14+
- image: cimg/base:current
15+
16+
# Add steps to the job
17+
# See: https://circleci.com/docs/jobs-steps/#steps-overview & https://circleci.com/docs/configuration-reference/#steps
18+
steps:
19+
# Checkout the code as the first step.
20+
- checkout
21+
- run:
22+
name: "Say hello"
23+
command: "echo Hello, World!"
24+
25+
# Orchestrate jobs using workflows
26+
# See: https://circleci.com/docs/workflows/ & https://circleci.com/docs/configuration-reference/#workflows
27+
workflows:
28+
say-hello-workflow: # This is the name of the workflow, feel free to change it to better match your workflow.
29+
# Inside the workflow, you define the jobs you want to run.
30+
jobs:
31+
- say-hello
Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
name: build-attested-image
2+
3+
on:
4+
push:
5+
branches: [main]
6+
7+
jobs:
8+
build:
9+
runs-on: ubuntu-latest
10+
permissions:
11+
id-token: write
12+
packages: write
13+
contents: read
14+
attestations: write
15+
env:
16+
REGISTRY: ghcr.io
17+
IMAGE_NAME: ${{ github.repository }}
18+
19+
steps:
20+
- name: Checkout
21+
uses: actions/checkout@v4
22+
- name: Login to GitHub Container Registry
23+
uses: docker/login-action@v3
24+
with:
25+
registry: ${{ env.REGISTRY }}
26+
username: ${{ github.actor }}
27+
password: ${{ secrets.GITHUB_TOKEN }}
28+
- name: Build and push image
29+
id: push
30+
uses: docker/build-push-action@v5.0.0
31+
with:
32+
context: .
33+
push: true
34+
tags: |
35+
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
36+
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
37+
- name: Attest
38+
uses: actions/attest-build-provenance@v1
39+
id: attest
40+
with:
41+
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
42+
subject-digest: ${{ steps.push.outputs.digest }}
43+
push-to-registry: true
44+

.github/workflows/google.yml

Lines changed: 117 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,117 @@
1+
# This workflow will build a docker container, publish it to Google Container
2+
# Registry, and deploy it to GKE when there is a push to the "main"
3+
# branch.
4+
#
5+
# To configure this workflow:
6+
#
7+
# 1. Enable the following Google Cloud APIs:
8+
#
9+
# - Artifact Registry (artifactregistry.googleapis.com)
10+
# - Google Kubernetes Engine (container.googleapis.com)
11+
# - IAM Credentials API (iamcredentials.googleapis.com)
12+
#
13+
# You can learn more about enabling APIs at
14+
# https://support.google.com/googleapi/answer/6158841.
15+
#
16+
# 2. Ensure that your repository contains the necessary configuration for your
17+
# Google Kubernetes Engine cluster, including deployment.yml,
18+
# kustomization.yml, service.yml, etc.
19+
#
20+
# 3. Create and configure a Workload Identity Provider for GitHub:
21+
# https://github.com/google-github-actions/auth#preferred-direct-workload-identity-federation.
22+
#
23+
# Depending on how you authenticate, you will need to grant an IAM principal
24+
# permissions on Google Cloud:
25+
#
26+
# - Artifact Registry Administrator (roles/artifactregistry.admin)
27+
# - Kubernetes Engine Developer (roles/container.developer)
28+
#
29+
# You can learn more about setting IAM permissions at
30+
# https://cloud.google.com/iam/docs/manage-access-other-resources
31+
#
32+
# 5. Change the values in the "env" block to match your values.
33+
34+
name: 'Build and Deploy to GKE'
35+
36+
on:
37+
push:
38+
branches:
39+
- '"main"'
40+
- '"master"'
41+
- '"dev"'
42+
env:
43+
PROJECT_ID: 'my-project' # TODO: update to your Google Cloud project ID
44+
GAR_LOCATION: 'us-central1' # TODO: update to your region
45+
GKE_CLUSTER: 'cluster-1' # TODO: update to your cluster name
46+
GKE_ZONE: 'us-central1-c' # TODO: update to your cluster zone
47+
DEPLOYMENT_NAME: 'gke-test' # TODO: update to your deployment name
48+
REPOSITORY: 'samples' # TODO: update to your Artifact Registry docker repository name
49+
IMAGE: 'static-site'
50+
WORKLOAD_IDENTITY_PROVIDER: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' # TODO: update to your workload identity provider
51+
52+
jobs:
53+
setup-build-publish-deploy:
54+
name: 'Setup, Build, Publish, and Deploy'
55+
runs-on: 'ubuntu-latest'
56+
environment: 'production'
57+
58+
permissions:
59+
contents: 'read'
60+
id-token: 'write'
61+
62+
steps:
63+
- name: 'Checkout'
64+
uses: 'actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332' # actions/checkout@v4
65+
66+
# Configure Workload Identity Federation and generate an access token.
67+
#
68+
# See https://github.com/google-github-actions/auth for more options,
69+
# including authenticating via a JSON credentials file.
70+
- id: 'auth'
71+
name: 'Authenticate to Google Cloud'
72+
uses: 'google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2' # google-github-actions/auth@v2
73+
with:
74+
workload_identity_provider: '${{ env.WORKLOAD_IDENTITY_PROVIDER }}'
75+
76+
# Authenticate Docker to Google Cloud Artifact Registry
77+
- name: 'Docker Auth'
78+
uses: 'docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567' # docker/login-action@v3
79+
with:
80+
username: 'oauth2accesstoken'
81+
password: '${{ steps.auth.outputs.auth_token }}'
82+
registry: '${{ env.GAR_LOCATION }}-docker.pkg.dev'
83+
84+
# Get the GKE credentials so we can deploy to the cluster
85+
- name: 'Set up GKE credentials'
86+
uses: 'google-github-actions/get-gke-credentials@6051de21ad50fbb1767bc93c11357a49082ad116' # google-github-actions/get-gke-credentials@v2
87+
with:
88+
cluster_name: '${{ env.GKE_CLUSTER }}'
89+
location: '${{ env.GKE_ZONE }}'
90+
91+
# Build the Docker image
92+
- name: 'Build and push Docker container'
93+
run: |-
94+
DOCKER_TAG="${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}"
95+
96+
docker build \
97+
--tag "${DOCKER_TAG}" \
98+
--build-arg GITHUB_SHA="${GITHUB_SHA}" \
99+
--build-arg GITHUB_REF="${GITHUB_REF}" \
100+
.
101+
102+
docker push "${DOCKER_TAG}"
103+
104+
# Set up kustomize
105+
- name: 'Set up Kustomize'
106+
run: |-
107+
curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.4.3/kustomize_v5.4.3_linux_amd64.tar.gz
108+
chmod u+x ./kustomize
109+
110+
# Deploy the Docker image to the GKE cluster
111+
- name: 'Deploy to GKE'
112+
run: |-
113+
# replacing the image name in the k8s template
114+
./kustomize edit set image LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY/IMAGE:TAG=$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA
115+
./kustomize build . | kubectl apply -f -
116+
kubectl rollout status deployment/$DEPLOYMENT_NAME
117+
kubectl get services -o wide
Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
# Sample workflow for building and deploying a Jekyll site to GitHub Pages
2+
name: Deploy Jekyll with GitHub Pages dependencies preinstalled
3+
4+
on:
5+
# Runs on pushes targeting the default branch
6+
push:
7+
branches: ["main"]
8+
9+
# Allows you to run this workflow manually from the Actions tab
10+
workflow_dispatch:
11+
12+
# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
13+
permissions:
14+
contents: read
15+
pages: write
16+
id-token: write
17+
18+
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
19+
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
20+
concurrency:
21+
group: "pages"
22+
cancel-in-progress: false
23+
24+
jobs:
25+
# Build job
26+
build:
27+
runs-on: ubuntu-latest
28+
steps:
29+
- name: Checkout
30+
uses: actions/checkout@v4
31+
- name: Setup Pages
32+
uses: actions/configure-pages@v5
33+
- name: Build with Jekyll
34+
uses: actions/jekyll-build-pages@v1
35+
with:
36+
source: ./
37+
destination: ./_site
38+
- name: Upload artifact
39+
uses: actions/upload-pages-artifact@v3
40+
41+
# Deployment job
42+
deploy:
43+
environment:
44+
name: github-pages
45+
url: ${{ steps.deployment.outputs.page_url }}
46+
runs-on: ubuntu-latest
47+
needs: build
48+
steps:
49+
- name: Deploy to GitHub Pages
50+
id: deployment
51+
uses: actions/deploy-pages@v4

0 commit comments

Comments
 (0)