giving ar.writer permissions to gh sa

.github/workflows/cloudrun-deploy.yaml

@@ -83,13 +83,13 @@ jobs:
       - name: Build and Push Backend
         run: |-
           cd backend/
-          docker build --target prod -t "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPO }}/attractors-backend:latest" ./
+          docker build --target BUILD -t "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPO }}/attractors-backend:latest" ./
           docker push "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPO }}/attractors-backend:latest"
 
       - name: Build and Push Frontend
         run: |-
           cd frontend/
-          docker build --target prod -t "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPO }}/attractors-frontend:latest" ./
+          docker build --target BUILD -t "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPO }}/attractors-frontend:latest" ./
           docker push "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPO }}/attractors-frontend:latest"
 
       # END - Docker auth and build

backend/Dockerfile

@@ -1,5 +1,5 @@
-### PROD ###
-FROM python:3.11-slim-buster as prod
+### BUILD ###
+FROM python:3.11-slim-buster as BUILD
 RUN apt-get update
 # Set the working directory to /app
 WORKDIR /app

frontend/Dockerfile

@@ -1,5 +1,5 @@
-### PROD ###
-FROM python:3.11-slim-buster as prod
+### BUILD ###
+FROM python:3.11-slim-buster as BUILD
 RUN apt-get update
 # Set the working directory to /app
 WORKDIR /app

terraform/gh-id-federation/main.tf

@@ -20,6 +20,12 @@ resource "google_service_account" "sa" {
   account_id = "gh-federation-sa"
 }
 
+resource "google_project_iam_member" "artifact_registry_writer" {
+  project = var.project_id
+  role    = "roles/artifactregistry.writer"
+  member  = "serviceAccount:${google_service_account.sa.email}"
+}
+
 resource "google_project_iam_member" "project" {
   project = var.project_id
   role    = "roles/storage.admin"