-
Notifications
You must be signed in to change notification settings - Fork 5
55 lines (54 loc) · 1.96 KB
/
cherry-pick-image.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# Note that this action is called from the UI build process:
# https://github.com/DataBiosphere/jade-data-repo-ui/blob/develop/.github/workflows/dev-image-update.yaml#L95
# Changes merged here require a version bump in that action.
name: cherry-pick-image
on:
workflow_call:
inputs:
gcr_tag:
description: tag to cherry pick
type: string
required: true
source_gcr_url:
type: string
required: true
target_gcr_url:
type: string
required: true
workflow_dispatch:
inputs:
gcr_tag:
description: tag to cherry pick
type: string
required: true
source_gcr_url:
description: gcr url to cherry pick image from
type: string
required: true
target_gcr_url:
description: gcr url to cherry pick image to
type: string
required: true
jobs:
cherry-pick-image:
runs-on: ubuntu-latest
# Needed for integration with workload identity
permissions:
contents: 'read'
id-token: 'write'
steps:
# Needed for integration with workload identity
- name: Checkout code
uses: actions/checkout@v4
- name: 'Auth as gcr-sa'
uses: 'google-github-actions/auth@v2'
with:
# Centralized in dsp-tools-k8s; ask in #dsp-devops-champions for help troubleshooting
workload_identity_provider: 'projects/1038484894585/locations/global/workloadIdentityPools/github-wi-pool/providers/github-wi-provider'
service_account: '[email protected]'
- name: "Perform cherry-pick"
run: |
SOURCE_IMAGE="${{ inputs.source_gcr_url }}:${{ inputs.gcr_tag }}"
TARGET_IMAGE="${{ inputs.target_gcr_url }}:${{ inputs.gcr_tag }}"
echo "Cherry picking ${{ inputs.gcr_tag }} from ${SOURCE_IMAGE} to ${TARGET_IMAGE}"
gcloud container images add-tag --quiet "${SOURCE_IMAGE}" "${TARGET_IMAGE}"