search

FirebaseExtended / action-hosting-deploy

Automatically deploy shareable previews for your Firebase Hosting sites
https://firebase.google.com/docs/hosting/github-integration
Apache License 2.0
695 stars 202 forks source link

Enable use of 'Authenticate to Google Cloud' action #299

Open adelinn opened 1 year ago

adelinn commented 1 year ago

Makes the firebaseServiceAccount optional so that GOOGLE_APPLICATION_CREDENTIALS doesn't get overwritten if the option is not defined. Updated the readme examples to use 'Authenticate to Google Cloud' action with workload identity federation. I didn't update the built file and the code is also not tested.

google-cla[bot] commented 1 year ago

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

mvarchdev commented 11 months ago

@adelinn Hello. What is the status? We need this urgently.

adelinn commented 11 months ago

I need to accept the CLA in order to allow Google to use this code, but that requires me to recreate this pull request with commits that use my real email address instead of the hidden one GitHub provides. I'm not willing to do that, so this pull request will probably remain unmerged, but I allow anyone use the code I wrote for any purpose.

You could maybe fork my branch and sync it with the main branch and run it from your fork. (No idea about legal implications of this) Or a quick workaround is to put the contents of the credentials file the Authenticate with Google Cloud action creates into a github output and serve it to the firebase action this way.

Here is an example that makes use of workload identity federation:

      - id: auth
        name: 'Authenticate to Google Cloud'
        uses: 'google-github-actions/auth@v1'
        with:
          workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
          service_account: 'my-service-account@my-project.iam.gserviceaccount.com'

      - id: credential_json
        name: Prepare credentials for consumtion by firebase action
        run: cat ${{ steps.auth.outputs.credentials_file_path }} | tr '\n' ' ' | sed 's/^/value=/' >> $GITHUB_OUTPUT

      - id: firebase
        uses: FirebaseExtended/action-hosting-deploy@v0
        with:
          firebaseServiceAccount: "${{ steps.credential_json.outputs.value }}"
          repoToken: "${{ secrets.GITHUB_TOKEN }}"
          projectId: your-Firebase-project-ID
          channelId: live
seth-acuitymd commented 10 months ago

@adelinn @mvarchdev - FYI i recreated these commits on https://github.com/FirebaseExtended/action-hosting-deploy/pull/319 but need to test further