3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 10:26:29 +02:00
Code Issues Projects Releases Packages Wiki Activity

ci: publish cloudrun latest tag (#1398)

Browse source 
* ci: publish cloudrun latest tag
This commit is contained in:
Travis Groth 2020-09-11 17:05:18 -04:00 committed by GitHub
parent a19e45334b
commit f812ec5812
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.github/workflows/release.yaml vendored
View file

@ -61,3 +61,6 @@ jobs:
docker tag pomerium/pomerium:arm64v8-${{ env.LATEST_TAG }} pomerium/pomerium:arm64v8-latest
docker push pomerium/pomerium:arm64v8-latest
docker tag gcr.io/pomerium-io/pomerium:${{ env.LATEST_TAG }}-cloudrun gcr.io/pomerium-io/pomerium:latest-cloudrun
docker push gcr.io/pomerium-io/pomerium:latest-cloudrun

2
docs/guides/cloud-run.md
View file

@ -34,7 +34,7 @@ This guide assumes you have Editor access to a Google Cloud project which can be
## Set Up
To deploy Pomerium to Cloud Run securely and easily, a special [image](https://console.cloud.google.com/gcr/images/pomerium-io/GLOBAL/pomerium) is available at `gcr.io/pomerium-io/pomerium-[version]-cloudrun`. It allows sourcing configuration from GCP Secrets Manager, and sets some defaults for Cloud Run to keep configuration minimal. We will be leveraging it in this example to store IdP credentials. Our policy contains no secrets so we can place it directly in an ENV var.
To deploy Pomerium to Cloud Run securely and easily, a special [image](https://console.cloud.google.com/gcr/images/pomerium-io/GLOBAL/pomerium) is available at `gcr.io/pomerium-io/pomerium:[version]-cloudrun`. It allows sourcing configuration from GCP Secrets Manager, and sets some defaults for Cloud Run to keep configuration minimal. We will be leveraging it in this example to store IdP credentials. Our policy contains no secrets so we can place it directly in an ENV var.
[Dockerfile](https://github.com/pomerium/pomerium/blob/master/.github/Dockerfile-cloudrun) Based on [vals-entrypoint](https://github.com/pomerium/vals-entrypoint)

2
examples/cloudrun/deploy.sh
View file

@ -29,7 +29,7 @@ gcloud secrets add-iam-policy-binding pomerium-config \
# Deploy pomerium with policy and configuration references
gcloud run deploy pomerium --region us-central1 --platform managed --allow-unauthenticated --max-instances 1 \
--image=gcr.io/pomerium-io/pomerium:v0.10.0-rc2-cloudrun \
--image=gcr.io/pomerium-io/pomerium:latest-cloudrun \
--set-env-vars VALS_FILES="/pomerium/config.yaml:ref+gcpsecrets://${PROJECT}/pomerium-config",POLICY=$(base64 policy.yaml)
# Set domain mappings for the protected routes and authenticate