chore(deps): update terraform google to v6.17.0 #482
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: ['main'] | |
| tags: ['v*'] | |
| concurrency: | |
| group: '${{ github.workflow }} @ ${{ github.ref }}' | |
| cancel-in-progress: false | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| # Disable Terraform telemetry | |
| CHECKPOINT_DISABLE: "true" | |
| permissions: | |
| id-token: write # Required for aws-actions/configure-aws-credentials | |
| contents: read # Required for actions/checkout | |
| jobs: | |
| docker: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: arm64 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| provenance: mode=max | |
| sbom: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| terraform: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::803205869942:role/github-actions-aredn-cloud-tunnel | |
| aws-region: us-east-1 | |
| - name: Terraform Init | |
| run: cd infra && terraform init | |
| - name: Place secret variables | |
| run: | | |
| echo "${TFVARS}" | base64 -d > infra/variables.tfvars | |
| env: | |
| TFVARS: ${{ secrets.TFVARS }} | |
| - name: Terraform Destroy | |
| run: cd infra && terraform destroy -no-color -auto-approve -var-file=variables.tfvars | |
| terraform-gcp: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::803205869942:role/github-actions-aredn-cloud-tunnel | |
| aws-region: us-east-1 | |
| - name: Configure GCP Credentials | |
| uses: google-github-actions/auth@v2.1.7 | |
| with: | |
| create_credentials_file: 'true' | |
| workload_identity_provider: 'projects/820302097205/locations/global/workloadIdentityPools/aredn-cloud-tunnel-gcp/providers/github' | |
| service_account: 'oidc-service-account@supernode-401805.iam.gserviceaccount.com' | |
| - name: Terraform Init | |
| run: cd infra-gcp && terraform init | |
| - name: Place secret variables | |
| run: | | |
| echo "${TFVARS}" | base64 -d > infra-gcp/variables.tfvars | |
| env: | |
| TFVARS: ${{ secrets.GCP_TFVARS }} | |
| - name: Terraform Destroy | |
| run: cd infra-gcp && terraform destroy -no-color -auto-approve -var-file=variables.tfvars |