chore: add a workflow to push to a docker repository to share with se…

…lf-hosted clients
ParabolInc · Nov 15, 2024 · 269951a · 269951a
1 parent 6c23549
commit 269951a
Showing 1 changed file with 49 additions and 0 deletions.
diff --git a/.github/workflows/docker-external.yml b/.github/workflows/docker-external.yml
@@ -0,0 +1,49 @@
+name: Ironbank Image Upload
+
+on:
+  workflow_dispatch:
+    inputs:
+      version_number:
+        description: "Version number of the Parabol application image to process"
+        required: true
+
+jobs:
+  pull-and-upload:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: "read"
+      id-token: "write"
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup environment variables
+        run: |
+          DOCKER_REPOSITORY_FOR_REF=${{ secrets.GCP_AR_PARABOL}}
+          echo "DOCKER_REPOSITORY_FOR_REF=${DOCKER_REPOSITORY_FOR_REF}" >> $GITHUB_ENV
+
+      - name: Set up Docker
+        uses: docker/setup-buildx-action@v3
+
+      - id: "auth"
+        name: "Authenticate to Google Cloud"
+        uses: "google-github-actions/auth@v2"
+        with:
+          token_format: "access_token"
+          workload_identity_provider: ${{ secrets.GCP_WI_PROVIDER_NAME }}
+          service_account: ${{ secrets.GCP_SA_EMAIL }}
+
+      - uses: "docker/login-action@v3"
+        with:
+          registry: ${{ secrets.GCP_DOCKER_REGISTRY }}
+          username: "oauth2accesstoken"
+          password: "${{ steps.auth.outputs.access_token }}"
+
+      - name: Pull Docker image from GCP
+        run: docker pull ${{ env.DOCKER_REPOSITORY_FOR_REF }}:v${{ github.event.inputs.version_number }}
+
+      - name: Push Docker image to the external repository
+        run: |-
+          gcloud container images add-tag -q \
+          ${{ secrets.GCP_AR_PARABOL }}:v${{ github.event.inputs.version_number }}  \
+          ${{ secrets.GCP_AR_PARABOL_EXTERNAL }}:v${{ github.event.inputs.version_number }}