diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 65b1931..1dfbfb2 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -10,21 +10,23 @@ jobs: runs-on: ubuntu-latest permissions: id-token: write + contents: read steps: - - name: Checkout actions-oidc-debugger - uses: actions/checkout@v3 - with: - repository: github/actions-oidc-debugger - ref: main - # token: ${{ secrets.your-checkout-token }} - path: ./.github/actions/actions-oidc-debugger - - name: Debug OIDC Claims - uses: ./.github/actions/actions-oidc-debugger - with: - audience: '${{ github.server_url }}/${{ github.repository_owner }}' - # - name: Check out repo - # uses: actions/checkout@v4 + # - name: Checkout actions-oidc-debugger + # uses: actions/checkout@v3 + # with: + # repository: github/actions-oidc-debugger + # ref: main + # # token: ${{ secrets.your-checkout-token }} + # path: ./.github/actions/actions-oidc-debugger + # - name: Debug OIDC Claims + # uses: ./.github/actions/actions-oidc-debugger + # with: + # audience: '${{ github.server_url }}/${{ github.repository_owner }}' + + - name: Check out repo + uses: actions/checkout@v4 # - name: Install firebase-tools # run: npm install -g firebase-tools # - name: Authenticate to Google @@ -34,6 +36,15 @@ jobs: # create_credentials_file: true # export_environment_variables: true # cleanup_credentials: true + - name: Authenticate to Google + uses: 'google-github-actions/auth@v2' + with: + workload_identity_provider: 'projects/705985154569/locations/global/workloadIdentityPools/kipr-github-identity-pool/providers/github' + create_credentials_file: true + export_environment_variables: true + cleanup_credentials: true + - name: Output directory contents + run: ls # - name: Install dependencies # run: npm install # - name: Build