From 3b7fb59565b367365d99c0b547f421aab9e2f602 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Thu, 3 Feb 2022 09:30:22 -0500 Subject: [PATCH] docs: add gar and gcr example (#128) --- README.md | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/README.md b/README.md index 5e40383..45001bb 100644 --- a/README.md +++ b/README.md @@ -277,6 +277,49 @@ jobs: credentials_json: '${{ secrets.GOOGLE_CREDENTIALS }}' ``` +### Authenticating to Container Registry and Artifact Registry + +This example demonstrates authenticating to Google Container Registry (GCR) or +Google Artifact Registry (GAR). The most common way to authenticate to these +services is via a gcloud docker proxy. However, you can authenticate to these +registries directly using the `auth` action: + +- **Username:** `oauth2accesstoken` +- **Password:** `${{ steps.auth.outputs.access_token }}` + +You must set `token_format: access_token` in your Action YAML. Here are a few +examples: + +```yaml +jobs: + job_id: + steps: + - uses: 'actions/checkout@v2' + + - id: 'auth' + name: 'Authenticate to Google Cloud' + uses: 'google-github-actions/auth@v0' + with: + token_format: 'access_token' + # Either user Workload Identity Federation or Service Account Keys. See + # above more more examples + + # This example uses the docker login action + - uses: 'docker/login-action@v1' + with: + registry: 'gcr.io' # or REGION.docker.pkg.dev + username: 'oauth2accesstoken' + password: '${{ steps.auth.outputs.access_token }}' + + # This example runs "docker login" directly to Artifact Registry. + - run: |- + echo '${{ steps.auth.outputs.access_token }}' | docker login -u oauth2accesstoken --password-stdin https://REGION-docker.pkg.dev + + # This example runs "docker login" directly to Container Registry. + - run: |- + echo '${{ steps.auth.outputs.access_token }}' | docker login -u oauth2accesstoken --password-stdin https://gcr.io +``` + ### Configuring gcloud This example demonstrates using this GitHub Action to configure authentication