From d4c5fef5ee96dce4766dcbceea046a6428de1841 Mon Sep 17 00:00:00 2001 From: Andrew Dryga Date: Mon, 13 May 2024 13:36:00 -0600 Subject: [PATCH] Copy images before deploying production --- .github/workflows/_deploy_production.yml | 38 ++++++++++++++++++++++++ .github/workflows/publish.yml | 38 ------------------------ 2 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/_deploy_production.yml b/.github/workflows/_deploy_production.yml index 7da4896ee..a04044a8d 100644 --- a/.github/workflows/_deploy_production.yml +++ b/.github/workflows/_deploy_production.yml @@ -68,6 +68,44 @@ jobs: -t ${{ steps.login-production.outputs.registry }}/firezone/${image}:${MAJOR_MINOR_VERSION} \ $SOURCE_TAG done + - name: Authenticate to Google Cloud + id: auth + uses: google-github-actions/auth@v2 + with: + workload_identity_provider: "projects/397012414171/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions" + service_account: "github-actions@github-iam-387915.iam.gserviceaccount.com" + export_environment_variables: true + create_credentials_file: true + - name: Copy Google Cloud Storage binaries to "latest" version + run: | + set -xe + + IMAGES=(firezone-gateway) + ARCHITECTURES=(x86_64 aarch64 armv7) + MAJOR_VERSION="${VERSION%%.*}" + MAJOR_MINOR_VERSION="${VERSION%.*}" + + for image in "${IMAGES[@]}"; do + for arch in "${ARCHITECTURES[@]}"; do + # Copy sha256sum.txt + gcloud storage cp \ + gs://firezone-staging-artifacts/${image}/${{ env.VERSION }}-${{ inputs.sha }}/${arch}.sha256sum.txt \ + gs://firezone-prod-artifacts/${image}/latest/${arch}.sha256sum.txt + + gcloud storage cp \ + gs://firezone-staging-artifacts/${image}/${{ env.VERSION }}-${{ inputs.sha }}/${arch}.sha256sum.txt \ + gs://firezone-prod-artifacts/${image}/${{ env.VERSION }}/${arch}.sha256sum.txt + + # Copy binaries + gcloud storage cp \ + gs://firezone-staging-artifacts/${image}/${{ env.VERSION }}-${{ inputs.sha }}/${arch} \ + gs://firezone-prod-artifacts/${image}/latest/${arch} + + gcloud storage cp \ + gs://firezone-staging-artifacts/${image}/${{ env.VERSION }}-${{ inputs.sha }}/${arch} \ + gs://firezone-prod-artifacts/${image}/${{ env.VERSION }}/${arch} + done + done deploy-production: needs: push diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0f28dd750..84d3c64f2 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -59,41 +59,3 @@ jobs: -t ghcr.io/firezone/${image}:${MAJOR_MINOR_VERSION} \ $SOURCE_TAG done - - name: Authenticate to Google Cloud - id: auth - uses: google-github-actions/auth@v2 - with: - workload_identity_provider: "projects/397012414171/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions" - service_account: "github-actions@github-iam-387915.iam.gserviceaccount.com" - export_environment_variables: true - create_credentials_file: true - - name: Copy Google Cloud Storage binaries to "latest" version - run: | - set -xe - - IMAGES=(firezone-gateway) - ARCHITECTURES=(x86_64 aarch64 armv7) - MAJOR_VERSION="${VERSION%%.*}" - MAJOR_MINOR_VERSION="${VERSION%.*}" - - for image in "${IMAGES[@]}"; do - for arch in "${ARCHITECTURES[@]}"; do - # Copy sha256sum.txt - gcloud storage cp \ - gs://firezone-staging-artifacts/${image}/${{ env.VERSION }}-${{ inputs.sha }}/${arch}.sha256sum.txt \ - gs://firezone-prod-artifacts/${image}/latest/${arch}.sha256sum.txt - - gcloud storage cp \ - gs://firezone-staging-artifacts/${image}/${{ env.VERSION }}-${{ inputs.sha }}/${arch}.sha256sum.txt \ - gs://firezone-prod-artifacts/${image}/${{ env.VERSION }}/${arch}.sha256sum.txt - - # Copy binaries - gcloud storage cp \ - gs://firezone-staging-artifacts/${image}/${{ env.VERSION }}-${{ inputs.sha }}/${arch} \ - gs://firezone-prod-artifacts/${image}/latest/${arch} - - gcloud storage cp \ - gs://firezone-staging-artifacts/${image}/${{ env.VERSION }}-${{ inputs.sha }}/${arch} \ - gs://firezone-prod-artifacts/${image}/${{ env.VERSION }}/${arch} - done - done