deepblue/GoogleDriveManagement
1
0
Fork 0
mirror of https://github.com/GAM-team/GAM.git synced 2025-07-07 05:03:34 +00:00
Code Issues Actions 11 Packages Projects Releases Wiki Activity

Use WIF for service account credentials

Browse Source
This commit is contained in:
Jay Lee
2023-04-02 14:33:15 -04:00
committed by GitHub
parent 27461b067a
commit d069cfc309
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.github/workflows/build.yml vendored
View File

@ -95,6 +95,14 @@ jobs:
persist-credentials: false persist-credentials: false
fetch-depth: 0 fetch-depth: 0
- id: auth
name: Authenticate to Google Cloud
uses: google-github-actions/auth@v1
with:
workload_identity_provider: projects/297925809119/locations/global/workloadIdentityPools/gha-pool/providers/gha-provider
service_account: github-actions-testing-for-gam@gam-project-wyo-lub-ivl.iam.gserviceaccount.com
access_token_scopes: "https://www.googleapis.com/auth/iam"
- name: Cache multiple paths - name: Cache multiple paths
if: matrix.goal == 'build' if: matrix.goal == 'build'
uses: actions/cache@v3 uses: actions/cache@v3
@ -580,6 +588,8 @@ jobs:
brew install gnupg brew install gnupg
fi fi
source ../.github/actions/decrypt.sh ../.github/actions/creds.tar.xz.gpg creds.tar.xz source ../.github/actions/decrypt.sh ../.github/actions/creds.tar.xz.gpg creds.tar.xz
rm $gampath/oauth2service.json
$gam create signjwtserviceaccount
export OAUTHFILE="oauth2.txt-gam-gha-${JID}" export OAUTHFILE="oauth2.txt-gam-gha-${JID}"
echo "OAUTHFILE=${OAUTHFILE}" >> $GITHUB_ENV echo "OAUTHFILE=${OAUTHFILE}" >> $GITHUB_ENV
export gam_user="gam-gha-${JID}@pdl.jaylee.us" export gam_user="gam-gha-${JID}@pdl.jaylee.us"