From 2065509705e2bf17033628cb50d9087e30dfd6ef Mon Sep 17 00:00:00 2001 From: kcs-bandihareesh Date: Tue, 8 Oct 2024 06:24:17 +0530 Subject: [PATCH] ACCESS_TOKEN method --- .github/workflows/vertx-base.yaml | 54 +++++++++++++------------------ travis/new-settings.xml | 10 ++++-- 2 files changed, 30 insertions(+), 34 deletions(-) diff --git a/.github/workflows/vertx-base.yaml b/.github/workflows/vertx-base.yaml index c66a3a8..13d7110 100644 --- a/.github/workflows/vertx-base.yaml +++ b/.github/workflows/vertx-base.yaml @@ -11,19 +11,21 @@ jobs: runs-on: ubuntu-20.04 permissions: contents: 'read' + id-token: 'write' steps: - name: Checkout repository uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Decode and Set up Google Cloud credentials - run: echo "${{ secrets.ARTIFACT_REGISTRY_KEY }}" | base64 -d > $HOME/gcloud-key.json - - name: Authenticate to Google Cloud - run: | - gcloud auth activate-service-account --key-file=$HOME/gcloud-key.json - gcloud config set project som-rit-infrastructure-prod + uses: google-github-actions/auth@v2 + with: + project_id: 'som-rit-infrastructure-prod' + workload_identity_provider: 'projects/294515190965/locations/global/workloadIdentityPools/github/providers/susom-github' + create_credentials_file: true + export_environment_variables: true + cleanup_credentials: true - name: Set up JDK uses: actions/setup-java@v4 @@ -53,18 +55,24 @@ jobs: runs-on: ubuntu-20.04 permissions: contents: 'read' + id-token: 'write' steps: - name: Checkout repository uses: actions/checkout@v4 - - name: Decode and Set up Google Cloud credentials - run: echo "${{ secrets.ARTIFACT_REGISTRY_KEY }}" | base64 -d > $HOME/gcloud-key.json - - name: Authenticate to Google Cloud - run: | - gcloud auth activate-service-account --key-file=$HOME/gcloud-key.json - gcloud config set project som-rit-infrastructure-prod + uses: google-github-actions/auth@v2 + with: + project_id: 'som-rit-infrastructure-prod' + workload_identity_provider: 'projects/294515190965/locations/global/workloadIdentityPools/github/providers/susom-github' + create_credentials_file: true + export_environment_variables: true + cleanup_credentials: true + - name: Set up OAuth2 access token for Maven + run: | + echo "ACCESS_TOKEN=$(gcloud auth print-access-token)" >> $GITHUB_ENV + - name: Set up JDK uses: actions/setup-java@v4 with: @@ -85,23 +93,5 @@ jobs: - name: Update POM Version for deploy run: sed -i "s/-SNAPSHOT/-build-${{ github.run_number }}/" pom.xml - - name: Generate Sources and Javadocs - run: mvn source:jar javadoc:jar - - - name: List files before upload - run: ls target/ - - - name: Deploy Snapshots with Retry Logic - run: | - success=false - for i in {1..5}; do - mvn -s $HOME/.m2/settings.xml \ - -Dmaven.wagon.http.retryHandler.count=5 \ - -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 \ - -Dmaven.wagon.http.timeout=7200000 \ - --batch-mode -e -DskipTests=true deploy -X && success=true && break || sleep 60; - done - if [ "$success" = false ]; then - echo "Maven deploy failed after 5 attempts." >&2 - exit 1 - fi \ No newline at end of file + - name: Deploy Snapshots + run: mvn -s $HOME/.m2/settings.xml -Dmaven.wagon.http.retryHandler.count=3 --batch-mode -e -DskipTests=true deploy \ No newline at end of file diff --git a/travis/new-settings.xml b/travis/new-settings.xml index b5f5db6..b48f40e 100644 --- a/travis/new-settings.xml +++ b/travis/new-settings.xml @@ -2,7 +2,9 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> + + artifact-registry @@ -23,14 +25,18 @@ - _json_key_base64 - ${env.ARTIFACT_REGISTRY_KEY} + oauth2accesstoken + ${env.ACCESS_TOKEN} + + ossrh ${env.OSSRH_USERNAME} ${env.OSSRH_PASSWORD} + + github.com ${env.GITHUB_USERNAME}