UPD: change google auth to service provider #29
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create User DB | |
| on: | |
| push: | |
| branches: | |
| - feat/cloudsql-gh-action | |
| workflow_dispatch: | |
| inputs: | |
| email: | |
| description: where to send the email | |
| required: true | |
| jobs: | |
| create-db: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - id: 'generate-db-id' | |
| name: 'generate db id' | |
| uses: 'yakubique/[email protected]' | |
| with: | |
| min: 111111 | |
| max: 999999 | |
| - id: 'generate-db-pw' | |
| uses: aammirmirza/[email protected] | |
| with: | |
| length: 15 | |
| - id: "auth" | |
| name: "Authenticate to Google Cloud" | |
| uses: "google-github-actions/auth@v2" | |
| with: | |
| workload_identity_provider: "projects/1006240973223/locations/global/workloadIdentityPools/docker-image-workflow-pool/providers/github-actions-provider" | |
| service_account: "[email protected]" | |
| access_token_lifetime: 300s | |
| create_credentials_file: true | |
| cleanup_credentials: true | |
| access_token_scopes: https://www.googleapis.com/auth/cloud-platform | |
| id_token_include_email: false | |
| - id: 'Set_up_Cloud_SDK' | |
| name: 'Set up Cloud SDK' | |
| uses: 'google-github-actions/setup-gcloud@v2' | |
| - name: 'Use gcloud CLI to create DB' | |
| run: 'gcloud sql databases create ${{ steps.generate-db-id.outputs.number }} --instance=idp-postgres-db' | |
| - name: 'create db user' | |
| continue-on-error: true | |
| run: 'gcloud sql users create ${{ steps.generate-db-id.outputs.number }} --instance=idp-postgres-db --password=${{ steps.generate-db-pw.outputs.password }}' | |
| - name: 'pg login to db' | |
| continue-on-error: true | |
| run: 'gcloud sql connect idp-postgres-db --user=postgres' | |
| - name: 'pg grant db user permission on db' | |
| continue-on-error: true | |
| run: 'GRANT CONNECT ON DATABASE ${{ steps.generate-db-id.outputs.number }} TO ${{ steps.generate-db-id.outputs.number }};' | |
| - name: Send mail | |
| uses: dawidd6/action-send-mail@v3 | |
| with: | |
| server_address: mail.your-server.de | |
| server_port: 465 | |
| secure: true | |
| username: [email protected] | |
| password: ${{secrets.MAIL_PASSWORD}} | |
| subject: CODE IDP Database Created! ✨ | |
| to: ${{ github.event.inputs.email }} | |
| from: The friendly code idp bot | |
| body: 'Your database has been created! 🎉 Your DB ID and Username is: ${{ steps.generate-db-id.outputs.number }} The Password is: ${{ steps.generate-db-pw.outputs.password }}' |