From 76d4ed92f38417ed3dd7745cb49e506c8647fc7d Mon Sep 17 00:00:00 2001 From: Jan Calanog Date: Thu, 7 Nov 2024 21:26:53 +0100 Subject: [PATCH 1/3] ci: use oblt-actions/github/auth action --- .github/actions/system-test/action.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/actions/system-test/action.yml b/.github/actions/system-test/action.yml index 1e93c9ab..b6c329ac 100644 --- a/.github/actions/system-test/action.yml +++ b/.github/actions/system-test/action.yml @@ -13,15 +13,10 @@ runs: - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.4.6 - - id: gcp-auth - uses: 'google-github-actions/auth@v2' - with: - project_id: 'elastic-observability' - workload_identity_provider: '${{ inputs.workload-identity-provider }}' + - uses: 'elastic/oblt-actions/google/auth@v1' - uses: 'google-github-actions/setup-gcloud@v2' - uses: 'google-github-actions/get-gke-credentials@v2' with: - project_id: ${{ steps.gcp-auth.outputs.project_id }} cluster_name: 'autopilot-oblt' location: 'us-central1' - uses: actions/setup-go@v5 From b1ca43ba5b61fa9c0b4980eb10f26044f5d4592e Mon Sep 17 00:00:00 2001 From: Jan Calanog Date: Thu, 7 Nov 2024 21:39:57 +0100 Subject: [PATCH 2/3] chore: cleanup unused input --- .github/actions/system-test/action.yml | 5 ----- .github/workflows/system-test.yml | 2 -- 2 files changed, 7 deletions(-) diff --git a/.github/actions/system-test/action.yml b/.github/actions/system-test/action.yml index b6c329ac..ed599607 100644 --- a/.github/actions/system-test/action.yml +++ b/.github/actions/system-test/action.yml @@ -2,11 +2,6 @@ name: system-test description: Steps to run system test -inputs: - workload-identity-provider: - description: 'GCP Workload Identity Provider' - required: true - runs: using: composite steps: diff --git a/.github/workflows/system-test.yml b/.github/workflows/system-test.yml index 2170e0f2..d2bc56d4 100644 --- a/.github/workflows/system-test.yml +++ b/.github/workflows/system-test.yml @@ -23,5 +23,3 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository ) uses: ./.github/actions/system-test - with: - workload-identity-provider: '${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}' From d64c6ca252303a9796d87680a3054b0633a6c7eb Mon Sep 17 00:00:00 2001 From: Jan Calanog Date: Thu, 7 Nov 2024 21:42:38 +0100 Subject: [PATCH 3/3] chore: add comment where to find the permission configuration --- .github/actions/system-test/action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/actions/system-test/action.yml b/.github/actions/system-test/action.yml index ed599607..046bc978 100644 --- a/.github/actions/system-test/action.yml +++ b/.github/actions/system-test/action.yml @@ -8,6 +8,8 @@ runs: - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.4.6 + # The permissions for this action are set up + # at https://github.com/elastic/oblt-infra/blob/main/conf/resources/repos/apm-queue/01-gcp-oidc.tf - uses: 'elastic/oblt-actions/google/auth@v1' - uses: 'google-github-actions/setup-gcloud@v2' - uses: 'google-github-actions/get-gke-credentials@v2'