From 8243173407e7c44e86ed2954e20c69f3f92506db Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Mon, 12 Aug 2024 11:59:30 +0530 Subject: [PATCH 1/7] chore: add google auth step --- .github/workflows/update-docker-args.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/update-docker-args.yml b/.github/workflows/update-docker-args.yml index d4f9a10..49e89fb 100644 --- a/.github/workflows/update-docker-args.yml +++ b/.github/workflows/update-docker-args.yml @@ -13,6 +13,11 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Google Auth + uses: google-github-actions/auth@v2 + with: + credentials_json: '${{ secrets.HELM_GCS_CREDENTIALS }}' + - name: Update Docker Args shell: bash id: args From 44af1f866b6741d5cc9a0284b697cfc56331e442 Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Mon, 12 Aug 2024 12:11:05 +0530 Subject: [PATCH 2/7] add filter to gcloud command --- .github/workflows/update-docker-args.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-docker-args.yml b/.github/workflows/update-docker-args.yml index 49e89fb..f46e4c4 100644 --- a/.github/workflows/update-docker-args.yml +++ b/.github/workflows/update-docker-args.yml @@ -24,7 +24,7 @@ jobs: run: | BASE_IMAGE="gcr.io/distroless/cc-debian12" BASE_IMAGE_TAG="debug" - BASE_IMAGE_DIGEST=$(gcloud container images list-tags $BASE_IMAGE --format json | jq --arg tag "$BASE_IMAGE_TAG" -r '.[] | {digest: .digest, tag: .tags[]} | select(.tag == $tag) | .digest') + BASE_IMAGE_DIGEST=$(gcloud container images list-tags $BASE_IMAGE --filter="tags=$BASE_IMAGE_TAG" --format json | jq --arg tag "$BASE_IMAGE_TAG" -r '.[] | {digest: .digest, tag: .tags[]} | select(.tag == $tag) | .digest') if [ -n "$BASE_IMAGE_DIGEST" ]; then echo -n "${BASE_IMAGE}:${BASE_IMAGE_TAG}@${BASE_IMAGE_DIGEST}" > java-11/base.image echo -n "${BASE_IMAGE}:${BASE_IMAGE_TAG}@${BASE_IMAGE_DIGEST}" > java-21/base.image From afbf8aa8f77c78959025732eec804584d94cf29e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 12 Aug 2024 06:41:45 +0000 Subject: [PATCH 3/7] Update docker args (#35) Co-authored-by: ravisingal <62086374+ravisingal@users.noreply.github.com> --- gha-creds-0bf35713e2943b0c.json | 1 + 1 file changed, 1 insertion(+) create mode 100644 gha-creds-0bf35713e2943b0c.json diff --git a/gha-creds-0bf35713e2943b0c.json b/gha-creds-0bf35713e2943b0c.json new file mode 100644 index 0000000..1d8a4a8 --- /dev/null +++ b/gha-creds-0bf35713e2943b0c.json @@ -0,0 +1 @@ +{"type":"service_account","project_id":"dataservices-0001","private_key_id":"bf2224d98333e88f59833cccbe84fbfeeb5db107","private_key":"-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDAp5PpNuWDYZYo\nwX9tTzMp8B6Ztge6EVgbmY4IdPT3hcQyIn8xbHugLymixGj838Sw6pg3+eL2ETUR\nYnxCPyG7GG59/HLM7/L3Kns6swmOcBM8FtYCfJ2oDXkmzBcLMwVG7Qe0PvGAkRju\nZsRP8m8+0hSLJooB1jlT7YdSkc4vZMFPiMBQ+kbPWgEoCbAjutu0Nf+AE3SEv7DI\n4pkdTAaYIY471ecDa4JLheu0GcwNVx8mICd8wIN9Vf14Oz2maqskk0HHkFDS09vr\naijrNuUYqFa5mTtTWRvERdPrkAqP9IW76k+mUSjwboGlhhF8C93nIVNG99dvAxep\nwYeyP6ePAgMBAAECggEACcQr3INKxh0bMMEnikQvRztD0duQeLZBhJuFUgYk8qvk\nKbQvIMW0zGIFZJnOD4zNA8ry/H7h4WeAMTKQV72rkBPuIW4FDPez3yPEvb9TdLGg\no2xSpitWe9HgvvWb8N+vioMyuxGVykRsMEUjHopoRLptDeVeQIBxV4oh4y7RCGqC\nQmX+DnT7Ah4522fI3KhyCe1maQqVzTONzn6mNhVbHhPYnxanIa3KcqE0/1V4DBe0\nMaAGnHUbgAhdif03JbgVxHlNgF7SnCyOliLucZsEn/BTUrFQ3LYMVGCI+S7c1Q+N\n/fr/i3p9CJ5mJ9bbEOLnD1NBJGVMm+xEczBvq+E4AQKBgQDy3G65pugi4EVE7nwn\nnw01aHeH3wEoLVKcjYYC0uo9mzb5qXKi9oJ7OBBA6S25dFWil/+mzZybGpwREzZ2\njdfoL3tzBmQFtvhXesNbXIkN0B98b0UunCgbJz5poau7F6V6p373zmjcIg7J0KDm\nVfL/7XWUzJovNiv0lZ7d1JfCgQKBgQDLE8w7KNL5YXfaN30tS2yr1k+R0Oa1PciF\naVbwzqRxzg72cr2q+Ipk1L27TpAYHQgoQ6cLkRadDDblbqtk2vz2H4XpIflAT3BO\nxzBbbhIxfxrJU2TFn9m9UoE8GWGwekKnwheFfU9LbAHCzJVV4R+9fACZ3uDLQ95q\n5GF/FjZCDwKBgFbDA1eV1jancne2z2oEO17KLHHA7JPi5TGCqc6WdRJ/QfudWpP3\nhxPoKn5WD3zCn9lPfgikSf9rWTgMaheegvSzCeJE9TTJch0mgWZBP8FMigMVaVzG\nctmIgpaQKF7VisuvzP9QoUuLa0cUHndLW12tAqWfFrIpIzjkvvW2/mSBAoGAJDLZ\nOspiIPXQyWMOux4wtsiy0kksdq4WqkFGsBIFmgui+ycky+8VrDeHwnWUldfG9nZo\ntlUcdM4Skv8RKh8m7DBeTFoz9dSzLjevVPzf3VbMzYpB8kA2LdshEjdsBGsmqoSc\ncL0Pf2A3SCPzkqVYZQxPhx4Fb/YfFWq0PlUVQt0CgYEA8a8X28N7BCWeF7SebICZ\nMm4cAXyaTrGYz3OuhKin1rVSnvoydUzADzsOqi0eiN9gXm2KmP2BvoR/kgX+2R+T\ntNBExLRU4dIM64biYTu9FxWxO0ny7uYHioF9Z2n3VOXOvk+W7oCfz75cMgr2tiuS\nWyR9HvcKrZzIx6hyG7x8jCw=\n-----END PRIVATE KEY-----\n","client_email":"hypertrace-helm-publisher@dataservices-0001.iam.gserviceaccount.com","client_id":"109280846210776701872","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://oauth2.googleapis.com/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_x509_cert_url":"https://www.googleapis.com/robot/v1/metadata/x509/hypertrace-helm-publisher%40dataservices-0001.iam.gserviceaccount.com"} \ No newline at end of file From dfdbec2512870dba9e7e0dc5c33b834089afdb29 Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Mon, 12 Aug 2024 12:14:04 +0530 Subject: [PATCH 4/7] remove cred file --- gha-creds-0bf35713e2943b0c.json | 1 - 1 file changed, 1 deletion(-) delete mode 100644 gha-creds-0bf35713e2943b0c.json diff --git a/gha-creds-0bf35713e2943b0c.json b/gha-creds-0bf35713e2943b0c.json deleted file mode 100644 index 1d8a4a8..0000000 --- a/gha-creds-0bf35713e2943b0c.json +++ /dev/null @@ -1 +0,0 @@ -{"type":"service_account","project_id":"dataservices-0001","private_key_id":"bf2224d98333e88f59833cccbe84fbfeeb5db107","private_key":"-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDAp5PpNuWDYZYo\nwX9tTzMp8B6Ztge6EVgbmY4IdPT3hcQyIn8xbHugLymixGj838Sw6pg3+eL2ETUR\nYnxCPyG7GG59/HLM7/L3Kns6swmOcBM8FtYCfJ2oDXkmzBcLMwVG7Qe0PvGAkRju\nZsRP8m8+0hSLJooB1jlT7YdSkc4vZMFPiMBQ+kbPWgEoCbAjutu0Nf+AE3SEv7DI\n4pkdTAaYIY471ecDa4JLheu0GcwNVx8mICd8wIN9Vf14Oz2maqskk0HHkFDS09vr\naijrNuUYqFa5mTtTWRvERdPrkAqP9IW76k+mUSjwboGlhhF8C93nIVNG99dvAxep\nwYeyP6ePAgMBAAECggEACcQr3INKxh0bMMEnikQvRztD0duQeLZBhJuFUgYk8qvk\nKbQvIMW0zGIFZJnOD4zNA8ry/H7h4WeAMTKQV72rkBPuIW4FDPez3yPEvb9TdLGg\no2xSpitWe9HgvvWb8N+vioMyuxGVykRsMEUjHopoRLptDeVeQIBxV4oh4y7RCGqC\nQmX+DnT7Ah4522fI3KhyCe1maQqVzTONzn6mNhVbHhPYnxanIa3KcqE0/1V4DBe0\nMaAGnHUbgAhdif03JbgVxHlNgF7SnCyOliLucZsEn/BTUrFQ3LYMVGCI+S7c1Q+N\n/fr/i3p9CJ5mJ9bbEOLnD1NBJGVMm+xEczBvq+E4AQKBgQDy3G65pugi4EVE7nwn\nnw01aHeH3wEoLVKcjYYC0uo9mzb5qXKi9oJ7OBBA6S25dFWil/+mzZybGpwREzZ2\njdfoL3tzBmQFtvhXesNbXIkN0B98b0UunCgbJz5poau7F6V6p373zmjcIg7J0KDm\nVfL/7XWUzJovNiv0lZ7d1JfCgQKBgQDLE8w7KNL5YXfaN30tS2yr1k+R0Oa1PciF\naVbwzqRxzg72cr2q+Ipk1L27TpAYHQgoQ6cLkRadDDblbqtk2vz2H4XpIflAT3BO\nxzBbbhIxfxrJU2TFn9m9UoE8GWGwekKnwheFfU9LbAHCzJVV4R+9fACZ3uDLQ95q\n5GF/FjZCDwKBgFbDA1eV1jancne2z2oEO17KLHHA7JPi5TGCqc6WdRJ/QfudWpP3\nhxPoKn5WD3zCn9lPfgikSf9rWTgMaheegvSzCeJE9TTJch0mgWZBP8FMigMVaVzG\nctmIgpaQKF7VisuvzP9QoUuLa0cUHndLW12tAqWfFrIpIzjkvvW2/mSBAoGAJDLZ\nOspiIPXQyWMOux4wtsiy0kksdq4WqkFGsBIFmgui+ycky+8VrDeHwnWUldfG9nZo\ntlUcdM4Skv8RKh8m7DBeTFoz9dSzLjevVPzf3VbMzYpB8kA2LdshEjdsBGsmqoSc\ncL0Pf2A3SCPzkqVYZQxPhx4Fb/YfFWq0PlUVQt0CgYEA8a8X28N7BCWeF7SebICZ\nMm4cAXyaTrGYz3OuhKin1rVSnvoydUzADzsOqi0eiN9gXm2KmP2BvoR/kgX+2R+T\ntNBExLRU4dIM64biYTu9FxWxO0ny7uYHioF9Z2n3VOXOvk+W7oCfz75cMgr2tiuS\nWyR9HvcKrZzIx6hyG7x8jCw=\n-----END PRIVATE KEY-----\n","client_email":"hypertrace-helm-publisher@dataservices-0001.iam.gserviceaccount.com","client_id":"109280846210776701872","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://oauth2.googleapis.com/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_x509_cert_url":"https://www.googleapis.com/robot/v1/metadata/x509/hypertrace-helm-publisher%40dataservices-0001.iam.gserviceaccount.com"} \ No newline at end of file From 94dfba231ea4b8ab37dd97a332bf94d9fcc49ea1 Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Mon, 12 Aug 2024 12:16:22 +0530 Subject: [PATCH 5/7] add specific path for new PR --- .github/workflows/update-docker-args.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/update-docker-args.yml b/.github/workflows/update-docker-args.yml index f46e4c4..d410f2a 100644 --- a/.github/workflows/update-docker-args.yml +++ b/.github/workflows/update-docker-args.yml @@ -40,6 +40,9 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} title: Update docker args (Automated) + add-paths: | + java-11/base.image + java-21/base.image body: | # Autogenerated docker args update: digest: ${{ steps.args.outputs.digest }} From c7d2b1ad2a9b598d01e32b0f9e5fdca1bbc1e3c9 Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Mon, 12 Aug 2024 12:24:29 +0530 Subject: [PATCH 6/7] update step condition --- .github/workflows/update-docker-args.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-docker-args.yml b/.github/workflows/update-docker-args.yml index d410f2a..b09a7a2 100644 --- a/.github/workflows/update-docker-args.yml +++ b/.github/workflows/update-docker-args.yml @@ -51,7 +51,7 @@ jobs: branch-suffix: timestamp - name: Enable Pull Request Automerge - if: steps.args.outputs.digest != 'null' + if: steps.create-pull-request.outputs.pull-request-number != '' uses: peter-evans/enable-pull-request-automerge@v3 with: token: ${{ secrets.GITHUB_TOKEN }} @@ -59,7 +59,7 @@ jobs: merge-method: squash # - name: Approve Pull Request - # if: steps.args.outputs.digest != 'null' + # if: steps.create-pull-request.outputs.pull-request-number != '' # uses: juliangruber/approve-pull-request-action@v2 # with: # github-token: ${{ secrets.GITHUB_TOKEN }} From 5e0aa1b5cc0c592363807b05b26c04c8892c5f27 Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Mon, 12 Aug 2024 12:29:36 +0530 Subject: [PATCH 7/7] ignore google credential file --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 1f93dfc..574a11a 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,6 @@ build .idea + +# Ignore google credential files created by Github Actions +gha-creds-*.json