docs(pubsub): add cloud storage subscription sample #4206
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "External Account Integration" | |
# Build on pull requests and pushes to `main`. The PR builds will be | |
# non-blocking for now, but that is configured elsewhere. | |
on: | |
pull_request: | |
push: | |
branches: [ 'main' ] | |
jobs: | |
# A minimal build to validate external account (aka Workload/Workforce | |
# Identity Federation, aka WIF, aka BYOID). As the name implies, external | |
# accounts support non-Google sources of identity, such as AWS, Azure, or | |
# GitHub. Most of our builds use Google Cloud Build (GCB), which is not | |
# usable in this case. | |
identity-federation-integration-test: | |
name: external-account-integration-test | |
runs-on: ubuntu-20.04 | |
# Add "id-token" with the intended permissions. | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
steps: | |
- name: install ninja | |
run: sudo apt install ninja-build | |
- uses: 'actions/checkout@v3' | |
- name: vcpkg-version | |
id: vcpkg-version | |
run: | | |
echo "version=$(cat ci/etc/vcpkg-version.txt)" >> "${GITHUB_OUTPUT}" | |
shell: bash | |
- name: clone-vcpkg | |
working-directory: "${{runner.temp}}" | |
run: | | |
mkdir -p vcpkg | |
curl -fsSL "https://github.com/microsoft/vcpkg/archive/${{ steps.vcpkg-version.outputs.version }}.tar.gz" | | |
tar -C vcpkg --strip-components=1 -zxf - | |
vcpkg/bootstrap-vcpkg.sh -disableMetrics | |
- name: cache-vcpkg | |
id: cache-vcpkg | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.cache/vcpkg | |
key: | | |
vcpkg-${{ steps.vcpkg-version.outputs.version }}-${{ hashFiles('vcpkg.json', '/usr/bin/g++', '/usr/bin/gcc') }} | |
restore-keys: | | |
vcpkg-${{ steps.vcpkg-version.outputs.version }}- | |
# Configuring CMake installs the dependencies from the vcpkg cache, or | |
# warms up said cache. | |
- name: configure | |
run: | | |
cmake -G Ninja -S . -B "${{runner.temp}}/build" \ | |
-DGOOGLE_CLOUD_CPP_ENABLE=storage,iam \ | |
-DCMAKE_TOOLCHAIN_FILE="${{runner.temp}}/vcpkg/scripts/buildsystems/vcpkg.cmake" | |
- uses: actions/cache/save@v3 | |
if: always() | |
with: | |
path: | | |
~/.cache/vcpkg | |
key: vcpkg-${{ steps.vcpkg-version.outputs.version }}-${{ hashFiles('vcpkg.json', '/usr/bin/g++', '/usr/bin/gcc') }} | |
- name: build | |
run: | | |
cmake --build "${{runner.temp}}/build" -j 2 \ | |
--target common_internal_external_account_integration_test | |
# Configure Workload Identity Federation and generate an access token. | |
- id: 'auth' | |
if: '!github.event.pull_request.head.repo.fork' | |
name: 'Authenticate to GCP' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
create_credentials_file: 'true' | |
workload_identity_provider: 'projects/49427430084/locations/global/workloadIdentityPools/github-wif-pool/providers/github-wif-provider' | |
service_account: 'github-actions@cloud-cpp-identity-federation.iam.gserviceaccount.com' | |
- id: 'test' | |
if: '!github.event.pull_request.head.repo.fork' | |
name: 'Run Integration Test' | |
env: | |
GOOGLE_APPLICATION_CREDENTIALS: "${{ steps.auth.outputs.credentials_file_path }}" | |
GOOGLE_CLOUD_CPP_TEST_WIF_BUCKET: "cloud-cpp-wif-test-bucket" | |
GOOGLE_CLOUD_CPP_EXPERIMENTAL_LOG_CONFIG: "lastN,1024,WARNING" | |
run: | | |
ctest --test-dir "${{runner.temp}}/build" --output-on-failure -R common_internal_external_account_integration_test |