From 28c2e9f17e2f456310cff0eebc036775fe15913b Mon Sep 17 00:00:00 2001 From: Matthew Huebert Date: Mon, 27 Jan 2025 12:50:36 +0100 Subject: [PATCH] Test opengen bucket permissions --- .github/workflows/opengen_bucket_test.yml | 35 +++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/opengen_bucket_test.yml diff --git a/.github/workflows/opengen_bucket_test.yml b/.github/workflows/opengen_bucket_test.yml new file mode 100644 index 0000000..20af9dc --- /dev/null +++ b/.github/workflows/opengen_bucket_test.yml @@ -0,0 +1,35 @@ +name: Test opengen bucket permissions + +on: + push: + branches: + - main + + +jobs: + Deploy: + runs-on: ubuntu-latest + permissions: + contents: 'read' + id-token: 'write' + + steps: + - uses: 'actions/checkout@v4' + + - name: Set up Cloud SDK + uses: google-github-actions/setup-gcloud@v2 + + - name: Authenticate with Google Cloud + uses: 'google-github-actions/auth@v2.1.3' + with: + project_id: 'opengen-437315' + workload_identity_provider: 'projects/557148610837/locations/global/workloadIdentityPools/gen-website-private-publishers/providers/github' + service_account: 'gen-website-private-admin@opengen-437315.iam.gserviceaccount.com' + audience: '//iam.googleapis.com/projects/557148610837/locations/global/workloadIdentityPools/gen-website-private-publishers/providers/github' + + - name: Deploy test file to Google Cloud Storage + run: | + echo "This is a test file" > test-file.txt + BUCKET_PATH="gs://opengen-websites/test-file.txt" + gcloud storage cp test-file.txt $BUCKET_PATH + echo "Test file deployed to $BUCKET_PATH"