3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 18:36:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

ci: publish cloudrun latest tag (#1398) (#1399)

Browse source 
* ci: publish cloudrun latest tag

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
This commit is contained in:
github-actions[bot] 2020-09-11 17:12:47 -04:00 committed by GitHub
parent 2839dcf732
commit b321f2ebf9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.github/workflows/release.yaml vendored
View file

@ -61,3 +61,6 @@ jobs:
docker tag pomerium/pomerium:arm64v8-${{ env.LATEST_TAG }} pomerium/pomerium:arm64v8-latest docker tag pomerium/pomerium:arm64v8-${{ env.LATEST_TAG }} pomerium/pomerium:arm64v8-latest
docker push pomerium/pomerium:arm64v8-latest docker push pomerium/pomerium:arm64v8-latest
docker tag gcr.io/pomerium-io/pomerium:${{ env.LATEST_TAG }}-cloudrun gcr.io/pomerium-io/pomerium:latest-cloudrun
docker push gcr.io/pomerium-io/pomerium:latest-cloudrun

2
docs/guides/cloud-run.md
View file

@ -34,7 +34,7 @@ This guide assumes you have Editor access to a Google Cloud project which can be
## Set Up ## Set Up
To deploy Pomerium to Cloud Run securely and easily, a special [image](https://console.cloud.google.com/gcr/images/pomerium-io/GLOBAL/pomerium) is available at `gcr.io/pomerium-io/pomerium-[version]-cloudrun`. It allows sourcing configuration from GCP Secrets Manager, and sets some defaults for Cloud Run to keep configuration minimal. We will be leveraging it in this example to store IdP credentials. Our policy contains no secrets so we can place it directly in an ENV var. To deploy Pomerium to Cloud Run securely and easily, a special [image](https://console.cloud.google.com/gcr/images/pomerium-io/GLOBAL/pomerium) is available at `gcr.io/pomerium-io/pomerium:[version]-cloudrun`. It allows sourcing configuration from GCP Secrets Manager, and sets some defaults for Cloud Run to keep configuration minimal. We will be leveraging it in this example to store IdP credentials. Our policy contains no secrets so we can place it directly in an ENV var.
[Dockerfile](https://github.com/pomerium/pomerium/blob/master/.github/Dockerfile-cloudrun) Based on [vals-entrypoint](https://github.com/pomerium/vals-entrypoint) [Dockerfile](https://github.com/pomerium/pomerium/blob/master/.github/Dockerfile-cloudrun) Based on [vals-entrypoint](https://github.com/pomerium/vals-entrypoint)

2
examples/cloudrun/deploy.sh
View file

@ -29,7 +29,7 @@ gcloud secrets add-iam-policy-binding pomerium-config \
# Deploy pomerium with policy and configuration references # Deploy pomerium with policy and configuration references
gcloud run deploy pomerium --region us-central1 --platform managed --allow-unauthenticated --max-instances 1 \ gcloud run deploy pomerium --region us-central1 --platform managed --allow-unauthenticated --max-instances 1 \
--image=gcr.io/pomerium-io/pomerium:v0.10.0-rc2-cloudrun \ --image=gcr.io/pomerium-io/pomerium:latest-cloudrun \
--set-env-vars VALS_FILES="/pomerium/config.yaml:ref+gcpsecrets://${PROJECT}/pomerium-config",POLICY=$(base64 policy.yaml) --set-env-vars VALS_FILES="/pomerium/config.yaml:ref+gcpsecrets://${PROJECT}/pomerium-config",POLICY=$(base64 policy.yaml)
# Set domain mappings for the protected routes and authenticate # Set domain mappings for the protected routes and authenticate