diff --git a/.github/workflows/vertx-base.yaml b/.github/workflows/vertx-base.yaml index f9cafd6..6a54938 100644 --- a/.github/workflows/vertx-base.yaml +++ b/.github/workflows/vertx-base.yaml @@ -6,9 +6,9 @@ on: workflow_dispatch: permissions: + id-token: write contents: write packages: write - id-token: write jobs: test: @@ -50,7 +50,6 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - name: Set up JDK 17 uses: actions/setup-java@v4 with: @@ -67,15 +66,24 @@ jobs: - name: Set up Maven settings run: cp ./travis/new-settings.xml ~/.m2/settings.xml - - name: Authenticate to Google Cloud + - name: Authenticate using Workload Identity Federation uses: google-github-actions/auth@v2 with: project_id: 'som-rit-infrastructure-prod' workload_identity_provider: 'projects/294515190965/locations/global/workloadIdentityPools/github/providers/susom-github' + - name: Generate GCP Access Token + id: auth + run: | + export GCP_ACCESS_TOKEN=$(gcloud auth print-access-token) + env: + GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} + - name: Deploy Snapshots run: | mvn -Dmaven.wagon.http.retryHandler.count=5 \ -Dmaven.wagon.httpconnectionManager.ttlSeconds=30 \ -Dmaven.wagon.http.timeout=1200000 \ - --batch-mode -e -DskipTests=true deploy -X \ No newline at end of file + --batch-mode -e -DskipTests=true deploy -X + env: + GCP_ACCESS_TOKEN: ${{ steps.auth.outputs.GCP_ACCESS_TOKEN }} \ No newline at end of file diff --git a/travis/new-settings.xml b/travis/new-settings.xml index c192724..551e85a 100644 --- a/travis/new-settings.xml +++ b/travis/new-settings.xml @@ -5,22 +5,26 @@ artifact-registry + oauth2accesstoken + ${env.GCP_ACCESS_TOKEN} true - + true + + + + + http.protocol.expect-continue + false + + - - - http.protocol.expect-continue - false - - - \ No newline at end of file +