forked from darkbitio/gcp-iam-role-permissions
fetch-all-roles.yml
# Workflow: authenticates to Google Cloud through GitHub OIDC (workload
# identity federation), runs ./fetch-all-roles.sh, then runs
# ./.github/commit-and-release.sh with repository secrets in its environment.
name: Fetch all roles
on:
  # Manual runs from the Actions tab, plus one scheduled run per day
  # (GitHub evaluates cron expressions in UTC, so 12:00 UTC).
  workflow_dispatch:
  schedule:
    - cron: "0 12 * * *"
jobs:
  fetch:
    runs-on: ubuntu-latest
    permissions:
      # Needed so the job can request a GitHub OIDC token for the `auth` step.
      # Because a `permissions` block is present, every GITHUB_TOKEN scope not
      # listed here is set to none; repository access in this job comes from
      # secrets.TOKEN instead.
      id-token: 'write'
    steps:
      # NOTE(review): the action is referenced by a mutable tag (`v2`); pinning
      # to a full commit SHA (`actions/checkout@<full-commit-sha>`) keeps a
      # re-pointed tag from changing what runs with these secrets.
      # NOTE(review): secrets.TOKEN is presumably a personal access token.
      # actions/checkout stores the token in the local git config by default
      # (`persist-credentials`), so every later step, including the scripts
      # below, can use it for git operations. Confirm the token's scope is
      # limited to what the release script needs.
      - name: checkout repo
        uses: actions/checkout@v2
        with:
          token: ${{ secrets.TOKEN }}
      # Exchanges the job's OIDC token for short-lived Google credentials, so
      # no exported service-account key is stored in the repository secrets.
      # NOTE(review): the ref after `auth` and the `service_account` value both
      # read '[email protected]' here, which looks like email-obfuscation
      # residue from the page this listing was taken from; restore both values
      # from the repository before using this file.
      # NOTE(review): which repositories and refs may impersonate the service
      # account is decided by the provider's attribute mapping/condition and
      # the service account's IAM binding on the Google Cloud side; neither is
      # visible here. Verify they are restricted to this repository, and that
      # the service account holds only the roles fetch-all-roles.sh needs.
      - id: 'auth'
        name: 'Authenticate to Google Cloud'
        uses: 'google-github-actions/[email protected]'
        with:
          workload_identity_provider: 'projects/376681942354/locations/global/workloadIdentityPools/github-identity-pool/providers/github-oidc-provider'
          service_account: '[email protected]'
      # Install gcloud, `setup-gcloud` automatically picks up authentication from `auth`.
      # NOTE(review): `v0` is a mutable major tag; same SHA-pinning point as
      # for checkout above.
      - name: 'Set up Cloud SDK'
        uses: 'google-github-actions/setup-gcloud@v0'
      # The script is not part of this listing. It runs after `auth`, so it
      # has the Google credentials available to it.
      - name: 'Fetch all IAM Roles'
        run: ./fetch-all-roles.sh
      # The script is not part of this listing. The three secrets are exposed
      # to it as environment variables; GitHub masks secret values in logs,
      # but the script should still avoid echoing them or embedding TOKEN in
      # a remote URL that git may print on error.
      - name: 'Commit, Tag, and Release'
        run: ./.github/commit-and-release.sh
        env:
          TOKEN: ${{ secrets.TOKEN }}
          NAME: ${{ secrets.NAME }}
          EMAIL: ${{ secrets.EMAIL }}