diff --git a/.github/workflows/post-commit-pipeline.yml b/.github/workflows/post-commit-pipeline.yml index 0a530ce..5a09b83 100644 --- a/.github/workflows/post-commit-pipeline.yml +++ b/.github/workflows/post-commit-pipeline.yml @@ -6,6 +6,7 @@ on: - main permissions: + id-token: write contents: write jobs: @@ -72,15 +73,24 @@ jobs: - name: Build & Test run: ./gradlew clean build + - name: GCP Auth + if: steps.version_increment.outputs.bump != 'none' + uses: google-github-actions/auth@v2 + with: + workload_identity_provider: ${{ vars.WIF_PROVIDER }} + service_account: ${{ vars.BUILDER_SA_EMAIL }} + - name: Build & push docker image if: steps.version_increment.outputs.bump != 'none' env: - DOCKER_REGISTRY: ${{ vars.DOCKER_ARTIFACT_REGISTRY }} - DOCKER_NAMESPACE: ${{ vars.DOCKER_ARTIFACT_NAMESPACE }} - DOCKER_IMAGE_VERSION: "${{ steps.calculate_version.outputs.new_version }}" - DOCKER_USERNAME: _json_key - DOCKER_PASSWORD: ${{ secrets.GCP_SA_KEY }} - run: ./gradlew bootBuildImage + DOCKER_IMAGE_NAME: "${{ vars.DOCKER_ARTIFACT_NAMESPACE }}/autoinvestor-core:${{ steps.calculate_version.outputs.new_version }}" + run: | + echo -e "\033[32mBuilding docker image\033[0m" + ./gradlew bootBuildImage --imageName="${DOCKER_IMAGE_NAME}" + echo -e "\033[32mConfiguring docker registry\033[0m" + gcloud auth configure-docker "${{ vars.DOCKER_ARTIFACT_REGISTRY }}" --quiet + echo -e "\033[32mPushing image\033[0m" + docker push "${DOCKER_IMAGE_NAME}" - name: Create GitHub Release if: steps.version_increment.outputs.bump != 'none' diff --git a/build.gradle b/build.gradle index c119a24..3d8bc86 100644 --- a/build.gradle +++ b/build.gradle @@ -40,13 +40,5 @@ tasks.named('test') { } bootBuildImage { - imageName = "${System.getenv("DOCKER_NAMESPACE")}/autoinvestor-${rootProject.name}:${System.getenv("DOCKER_IMAGE_VERSION")}" - docker { - publishRegistry { - username = System.getenv("DOCKER_USERNAME") - password = System.getenv("DOCKER_PASSWORD") - url = System.getenv("DOCKER_REGISTRY") - } - } - publish = true + publish = false }