Skip to content

fix(engine): accept ISO/IEC 23220-2:2026 issuing_authority alongside … #12

fix(engine): accept ISO/IEC 23220-2:2026 issuing_authority alongside …

fix(engine): accept ISO/IEC 23220-2:2026 issuing_authority alongside … #12

Workflow file for this run

name: Release
on:
push:
branches: [main]
tags: ['v*']
workflow_dispatch:
# Required for keyless auth to GCP via Workload Identity Federation.
permissions:
contents: read
id-token: write
jobs:
release:
runs-on: ubuntu-latest
env:
IMAGE_REPO: ${{ vars.IMAGE_REPO }}
VERSION: ${{ github.ref_type == 'tag' && github.ref_name || format('sha-{0}', github.sha) }}
steps:
- uses: actions/checkout@v4
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v3
with:
workload_identity_provider: ${{ vars.GCP_WIF_PROVIDER }}
service_account: ${{ vars.GCP_DEPLOYER_SA }}
token_format: access_token
- name: Configure Docker for eu.gcr.io
run: gcloud auth configure-docker eu.gcr.io --quiet
- uses: docker/setup-buildx-action@v4
- name: Build and push image
uses: docker/build-push-action@v7
with:
context: .
file: ./Dockerfile
platforms: linux/amd64
push: true
tags: |
${{ env.IMAGE_REPO }}:${{ env.VERSION }}
${{ env.IMAGE_REPO }}:latest
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Set up gcloud + kubectl
uses: google-github-actions/setup-gcloud@v3
with:
install_components: gke-gcloud-auth-plugin,kubectl
- name: Get GKE credentials
uses: google-github-actions/get-gke-credentials@v2
with:
cluster_name: ${{ vars.GKE_CLUSTER }}
location: ${{ vars.GKE_LOCATION }}
- name: Roll deployment to new image
run: |
kubectl -n ${{ vars.K8S_NAMESPACE }} set image \
deployment/${{ vars.K8S_DEPLOYMENT }} \
${{ vars.K8S_CONTAINER }}=${{ env.IMAGE_REPO }}:${{ env.VERSION }}
kubectl -n ${{ vars.K8S_NAMESPACE }} rollout status \
deployment/${{ vars.K8S_DEPLOYMENT }} --timeout=5m