diff --git a/.github/workflows/artifactory.yml b/.github/workflows/artifactory.yml index a69e2db40..7cdb5ea50 100644 --- a/.github/workflows/artifactory.yml +++ b/.github/workflows/artifactory.yml @@ -1,4 +1,4 @@ -name: Blueprint for Github Actions Usage (Push to PyPi Repository) +name: Artifactory Deployment of PyPi and trace-viewer on: push: {} @@ -6,7 +6,7 @@ on: env: ARTIFACTORY_URL: https://alephalpha.jfrog.io ARTIFACTORY_PYPI_REPOSITORY: "intelligence-layer" - ARTIFACTORY_DOCKER_REGISTRY: https://alephalpha.jfrog.io/intelligence-layer + ARTIFACTORY_DOCKER_REGISTRY: alephalpha.jfrog.io/intelligence-layer-images jobs: push-to: @@ -19,7 +19,8 @@ jobs: run: | ID_TOKEN=$(curl -sLS -H "User-Agent: actions/oidc-client" -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \ "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=https://alephalpha.jfrog.io" | jq .value | tr -d '"') - echo "ID_TOKEN=${ID_TOKEN}" >> $GITHUB_ENV + echo $(curl -sLS -H "User-Agent: actions/oidc-client" -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \ + "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=https://alephalpha.jfrog.io") - name: Get Jfrog Access Token with Github Identity Token env: ID_TOKEN: ${{ env.ID_TOKEN }} @@ -31,7 +32,14 @@ jobs: -d \ "{\"grant_type\": \"urn:ietf:params:oauth:grant-type:token-exchange\", \"subject_token_type\":\"urn:ietf:params:oauth:token-type:id_token\", \"subject_token\": \"$ID_TOKEN\", \"provider_name\": \"github\"}" \ | jq .access_token -r) + echo $(curl \ + -X POST \ + -H "Content-type: application/json" \ + $ARTIFACTORY_URL/access/api/v1/oidc/token \ + -d \ + "{\"grant_type\": \"urn:ietf:params:oauth:grant-type:token-exchange\", \"subject_token_type\":\"urn:ietf:params:oauth:token-type:id_token\", \"subject_token\": \"$ID_TOKEN\", \"provider_name\": \"github\"}") echo "JFROG_ACCESS_TOKEN=${JFROG_ACCESS_TOKEN}" >> $GITHUB_ENV + echo $JFROG_ACCESS_TOKEN - name: Checkout uses: actions/checkout@v2 - uses: actions/setup-python@v5 @@ -50,7 +58,9 @@ jobs: poetry build poetry config repositories.artifactory $ARTIFACTORY_URL/artifactory/api/pypi/$ARTIFACTORY_PYPI_REPOSITORY JFROG_ACCESS_TOKEN_SUBJECT=$(echo $JFROG_ACCESS_TOKEN | awk -F'.' '{print $2}' | sed 's/.\{1,3\}$/&==/' | base64 -d | jq '.sub' -r) - poetry config http-basic.blueprint-python "$JFROG_ACCESS_TOKEN_SUBJECT" "$JFROG_ACCESS_TOKEN" + echo $JFROG_ACCESS_TOKEN + echo $JFROG_ACCESS_TOKEN_SUBJECT + poetry config http-basic.artifactory "$JFROG_ACCESS_TOKEN_SUBJECT" "$JFROG_ACCESS_TOKEN" poetry publish -r artifactory build-and-push-image: