From 4dd27ef8e1a9b7e1ddd35540481e06c0c5f0096f Mon Sep 17 00:00:00 2001 From: Soren Spicknall Date: Tue, 2 Jan 2024 13:41:40 -0600 Subject: [PATCH 1/6] Move setup-gcloud to floating V2 release --- .github/workflows/build-calitp-data-analysis.yml | 2 +- .github/workflows/build-calitp-data-infra.yml | 2 +- .github/workflows/build-warehouse-image.yml | 2 +- .github/workflows/deploy-airflow.yml | 2 +- .github/workflows/publish-docs.yml | 2 +- .github/workflows/sentry-release.yml | 2 +- .github/workflows/service-release-channel.yml | 2 +- .github/workflows/service-release-diff.yml | 2 +- .github/workflows/terraform-deploy.yml | 2 +- .github/workflows/terraform-report.yml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-calitp-data-analysis.yml b/.github/workflows/build-calitp-data-analysis.yml index 96d59a7575..958c987d42 100644 --- a/.github/workflows/build-calitp-data-analysis.yml +++ b/.github/workflows/build-calitp-data-analysis.yml @@ -27,7 +27,7 @@ jobs: - uses: actions/setup-python@v4 with: python-version: '3.9' - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/build-calitp-data-infra.yml b/.github/workflows/build-calitp-data-infra.yml index d62994e2b1..2c50c5eed7 100644 --- a/.github/workflows/build-calitp-data-infra.yml +++ b/.github/workflows/build-calitp-data-infra.yml @@ -27,7 +27,7 @@ jobs: - uses: actions/setup-python@v4 with: python-version: '3.9' - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: export_default_credentials: true service_account_key: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/build-warehouse-image.yml b/.github/workflows/build-warehouse-image.yml index 0e4a3df02e..12c6bd394d 100644 --- a/.github/workflows/build-warehouse-image.yml +++ b/.github/workflows/build-warehouse-image.yml @@ -39,7 +39,7 @@ jobs: with: python-version: '3.9' - run: curl -sSL https://install.python-poetry.org | python - - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: export_default_credentials: true service_account_key: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/deploy-airflow.yml b/.github/workflows/deploy-airflow.yml index ef56380d5e..e2726dcc07 100644 --- a/.github/workflows/deploy-airflow.yml +++ b/.github/workflows/deploy-airflow.yml @@ -16,7 +16,7 @@ jobs: with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: export_default_credentials: true service_account_key: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index 3ba1895fec..509d88d32e 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -22,7 +22,7 @@ jobs: with: python-version: 3.9 - run: pip install -r docs/requirements.txt - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/sentry-release.yml b/.github/workflows/sentry-release.yml index 28c97bea32..80ff0640a5 100644 --- a/.github/workflows/sentry-release.yml +++ b/.github/workflows/sentry-release.yml @@ -9,7 +9,7 @@ jobs: release: runs-on: ubuntu-latest steps: - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: export_default_credentials: true service_account_key: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/service-release-channel.yml b/.github/workflows/service-release-channel.yml index 4d50390de7..222a780b32 100644 --- a/.github/workflows/service-release-channel.yml +++ b/.github/workflows/service-release-channel.yml @@ -19,7 +19,7 @@ jobs: uses: actions/checkout@v2 with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/service-release-diff.yml b/.github/workflows/service-release-diff.yml index b9dcdd7f1a..e203516f5b 100644 --- a/.github/workflows/service-release-diff.yml +++ b/.github/workflows/service-release-diff.yml @@ -26,7 +26,7 @@ jobs: with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/terraform-deploy.yml b/.github/workflows/terraform-deploy.yml index 1dabeb3db9..11777df8ca 100644 --- a/.github/workflows/terraform-deploy.yml +++ b/.github/workflows/terraform-deploy.yml @@ -20,7 +20,7 @@ jobs: fetch-depth: 0 submodules: true - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/terraform-report.yml b/.github/workflows/terraform-report.yml index 3bd87b2cf8..df1a838ffa 100644 --- a/.github/workflows/terraform-report.yml +++ b/.github/workflows/terraform-report.yml @@ -20,7 +20,7 @@ jobs: fetch-depth: 0 submodules: true - - uses: google-github-actions/setup-gcloud@v0 + - uses: google-github-actions/setup-gcloud@v2 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true From c2125d6a67161a0bc98abdd2d16b48d575069ec3 Mon Sep 17 00:00:00 2001 From: Soren Spicknall Date: Tue, 2 Jan 2024 13:52:47 -0600 Subject: [PATCH 2/6] Compare results with v1 --- .github/workflows/build-calitp-data-analysis.yml | 2 +- .github/workflows/build-calitp-data-infra.yml | 2 +- .github/workflows/build-warehouse-image.yml | 2 +- .github/workflows/deploy-airflow.yml | 2 +- .github/workflows/publish-docs.yml | 2 +- .github/workflows/sentry-release.yml | 2 +- .github/workflows/service-release-channel.yml | 2 +- .github/workflows/service-release-diff.yml | 2 +- .github/workflows/terraform-deploy.yml | 2 +- .github/workflows/terraform-report.yml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-calitp-data-analysis.yml b/.github/workflows/build-calitp-data-analysis.yml index 958c987d42..fde5dfd797 100644 --- a/.github/workflows/build-calitp-data-analysis.yml +++ b/.github/workflows/build-calitp-data-analysis.yml @@ -27,7 +27,7 @@ jobs: - uses: actions/setup-python@v4 with: python-version: '3.9' - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/build-calitp-data-infra.yml b/.github/workflows/build-calitp-data-infra.yml index 2c50c5eed7..e4ebc8af82 100644 --- a/.github/workflows/build-calitp-data-infra.yml +++ b/.github/workflows/build-calitp-data-infra.yml @@ -27,7 +27,7 @@ jobs: - uses: actions/setup-python@v4 with: python-version: '3.9' - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: export_default_credentials: true service_account_key: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/build-warehouse-image.yml b/.github/workflows/build-warehouse-image.yml index 12c6bd394d..ebf9324f42 100644 --- a/.github/workflows/build-warehouse-image.yml +++ b/.github/workflows/build-warehouse-image.yml @@ -39,7 +39,7 @@ jobs: with: python-version: '3.9' - run: curl -sSL https://install.python-poetry.org | python - - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: export_default_credentials: true service_account_key: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/deploy-airflow.yml b/.github/workflows/deploy-airflow.yml index e2726dcc07..25705469ab 100644 --- a/.github/workflows/deploy-airflow.yml +++ b/.github/workflows/deploy-airflow.yml @@ -16,7 +16,7 @@ jobs: with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: export_default_credentials: true service_account_key: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index 509d88d32e..dfe272501e 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -22,7 +22,7 @@ jobs: with: python-version: 3.9 - run: pip install -r docs/requirements.txt - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/sentry-release.yml b/.github/workflows/sentry-release.yml index 80ff0640a5..50770b66cd 100644 --- a/.github/workflows/sentry-release.yml +++ b/.github/workflows/sentry-release.yml @@ -9,7 +9,7 @@ jobs: release: runs-on: ubuntu-latest steps: - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: export_default_credentials: true service_account_key: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/service-release-channel.yml b/.github/workflows/service-release-channel.yml index 222a780b32..0994e43255 100644 --- a/.github/workflows/service-release-channel.yml +++ b/.github/workflows/service-release-channel.yml @@ -19,7 +19,7 @@ jobs: uses: actions/checkout@v2 with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/service-release-diff.yml b/.github/workflows/service-release-diff.yml index e203516f5b..75c80db3ae 100644 --- a/.github/workflows/service-release-diff.yml +++ b/.github/workflows/service-release-diff.yml @@ -26,7 +26,7 @@ jobs: with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/terraform-deploy.yml b/.github/workflows/terraform-deploy.yml index 11777df8ca..0a76b1c303 100644 --- a/.github/workflows/terraform-deploy.yml +++ b/.github/workflows/terraform-deploy.yml @@ -20,7 +20,7 @@ jobs: fetch-depth: 0 submodules: true - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true diff --git a/.github/workflows/terraform-report.yml b/.github/workflows/terraform-report.yml index df1a838ffa..a878689d28 100644 --- a/.github/workflows/terraform-report.yml +++ b/.github/workflows/terraform-report.yml @@ -20,7 +20,7 @@ jobs: fetch-depth: 0 submodules: true - - uses: google-github-actions/setup-gcloud@v2 + - uses: google-github-actions/setup-gcloud@v1 with: service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true From e087fc4f27d14f3ea83ac112b669d32ff0798003 Mon Sep 17 00:00:00 2001 From: Soren Spicknall Date: Tue, 2 Jan 2024 14:01:38 -0600 Subject: [PATCH 3/6] Experiment with auth action --- .github/workflows/build-calitp-data-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-calitp-data-analysis.yml b/.github/workflows/build-calitp-data-analysis.yml index fde5dfd797..6c04d3fa31 100644 --- a/.github/workflows/build-calitp-data-analysis.yml +++ b/.github/workflows/build-calitp-data-analysis.yml @@ -27,10 +27,10 @@ jobs: - uses: actions/setup-python@v4 with: python-version: '3.9' - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - service_account_key: ${{ secrets.GCP_SA_KEY }} - export_default_credentials: true + credentials_json: '${{ secrets.GCP_SA_KEY }}' + - uses: google-github-actions/setup-gcloud@v1 - name: Run checks run: | curl -sSL https://install.python-poetry.org | python - From 5848b5d9106c9523a9a28b5432b76f31ff8442ad Mon Sep 17 00:00:00 2001 From: Soren Spicknall Date: Tue, 2 Jan 2024 14:08:27 -0600 Subject: [PATCH 4/6] Reinstate V2 on test workflow --- .github/workflows/build-calitp-data-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-calitp-data-analysis.yml b/.github/workflows/build-calitp-data-analysis.yml index 6c04d3fa31..6fc64862df 100644 --- a/.github/workflows/build-calitp-data-analysis.yml +++ b/.github/workflows/build-calitp-data-analysis.yml @@ -30,7 +30,7 @@ jobs: - uses: 'google-github-actions/auth@v2' with: credentials_json: '${{ secrets.GCP_SA_KEY }}' - - uses: google-github-actions/setup-gcloud@v1 + - uses: google-github-actions/setup-gcloud@v2 - name: Run checks run: | curl -sSL https://install.python-poetry.org | python - From adefd424299ee9aaafe9b42fbafefe5d44f93dec Mon Sep 17 00:00:00 2001 From: Soren Spicknall Date: Tue, 2 Jan 2024 14:20:28 -0600 Subject: [PATCH 5/6] Add auth step to all other impacted workflows --- .github/workflows/build-calitp-data-infra.yml | 6 +++--- .github/workflows/build-warehouse-image.yml | 6 +++--- .github/workflows/deploy-airflow.yml | 7 ++++--- .github/workflows/publish-docs.yml | 6 +++--- .github/workflows/sentry-release.yml | 6 +++--- .github/workflows/service-release-channel.yml | 6 +++--- .github/workflows/service-release-diff.yml | 6 +++--- .github/workflows/terraform-report.yml | 7 ++++--- 8 files changed, 26 insertions(+), 24 deletions(-) diff --git a/.github/workflows/build-calitp-data-infra.yml b/.github/workflows/build-calitp-data-infra.yml index e4ebc8af82..e990f5e1b1 100644 --- a/.github/workflows/build-calitp-data-infra.yml +++ b/.github/workflows/build-calitp-data-infra.yml @@ -27,10 +27,10 @@ jobs: - uses: actions/setup-python@v4 with: python-version: '3.9' - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - export_default_credentials: true - service_account_key: ${{ secrets.GCP_SA_KEY }} + credentials_json: '${{ secrets.GCP_SA_KEY }}' + - uses: google-github-actions/setup-gcloud@v2 - name: Run checks run: | curl -sSL https://install.python-poetry.org | python - diff --git a/.github/workflows/build-warehouse-image.yml b/.github/workflows/build-warehouse-image.yml index ebf9324f42..2cc1050592 100644 --- a/.github/workflows/build-warehouse-image.yml +++ b/.github/workflows/build-warehouse-image.yml @@ -39,10 +39,10 @@ jobs: with: python-version: '3.9' - run: curl -sSL https://install.python-poetry.org | python - - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - export_default_credentials: true - service_account_key: ${{ secrets.GCP_SA_KEY }} + credentials_json: '${{ secrets.GCP_SA_KEY }}' + - uses: google-github-actions/setup-gcloud@v2 - name: Compile dbt project working-directory: warehouse run: | diff --git a/.github/workflows/deploy-airflow.yml b/.github/workflows/deploy-airflow.yml index 25705469ab..68ae307c9b 100644 --- a/.github/workflows/deploy-airflow.yml +++ b/.github/workflows/deploy-airflow.yml @@ -16,10 +16,11 @@ jobs: with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - export_default_credentials: true - service_account_key: ${{ secrets.GCP_SA_KEY }} + credentials_json: '${{ secrets.GCP_SA_KEY }}' + + - uses: google-github-actions/setup-gcloud@v2 # Only update requirements if they have changed; Composer throws an error if there are no changes to apply - uses: tj-actions/changed-files@v35 diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index dfe272501e..09ae0976b6 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -22,10 +22,10 @@ jobs: with: python-version: 3.9 - run: pip install -r docs/requirements.txt - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - service_account_key: ${{ secrets.GCP_SA_KEY }} - export_default_credentials: true + credentials_json: '${{ secrets.GCP_SA_KEY }}' + - uses: google-github-actions/setup-gcloud@v2 - name: Build jupyter book run: jb build docs --warningiserror --keep-going # set doc to fail on any sphinx warning diff --git a/.github/workflows/sentry-release.yml b/.github/workflows/sentry-release.yml index 50770b66cd..ae33de8259 100644 --- a/.github/workflows/sentry-release.yml +++ b/.github/workflows/sentry-release.yml @@ -9,10 +9,10 @@ jobs: release: runs-on: ubuntu-latest steps: - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - export_default_credentials: true - service_account_key: ${{ secrets.GCP_SA_KEY }} + credentials_json: '${{ secrets.GCP_SA_KEY }}' + - uses: google-github-actions/setup-gcloud@v2 - uses: 'google-github-actions/get-secretmanager-secrets@v1' id: secrets with: diff --git a/.github/workflows/service-release-channel.yml b/.github/workflows/service-release-channel.yml index 0994e43255..95c0bd1559 100644 --- a/.github/workflows/service-release-channel.yml +++ b/.github/workflows/service-release-channel.yml @@ -19,10 +19,10 @@ jobs: uses: actions/checkout@v2 with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - service_account_key: ${{ secrets.GCP_SA_KEY }} - export_default_credentials: true + credentials_json: '${{ secrets.GCP_SA_KEY }}' + - uses: google-github-actions/setup-gcloud@v2 - name: install auth plugin run: gcloud components install gke-gcloud-auth-plugin - uses: google-github-actions/get-gke-credentials@v1 diff --git a/.github/workflows/service-release-diff.yml b/.github/workflows/service-release-diff.yml index 75c80db3ae..63ef31bfb7 100644 --- a/.github/workflows/service-release-diff.yml +++ b/.github/workflows/service-release-diff.yml @@ -26,10 +26,10 @@ jobs: with: fetch-depth: 0 - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - service_account_key: ${{ secrets.GCP_SA_KEY }} - export_default_credentials: true + credentials_json: '${{ secrets.GCP_SA_KEY }}' + - uses: google-github-actions/setup-gcloud@v2 - run: gcloud components install gke-gcloud-auth-plugin - uses: google-github-actions/get-gke-credentials@v1 with: diff --git a/.github/workflows/terraform-report.yml b/.github/workflows/terraform-report.yml index a878689d28..c556bae81d 100644 --- a/.github/workflows/terraform-report.yml +++ b/.github/workflows/terraform-report.yml @@ -20,10 +20,11 @@ jobs: fetch-depth: 0 submodules: true - - uses: google-github-actions/setup-gcloud@v1 + - uses: 'google-github-actions/auth@v2' with: - service_account_key: ${{ secrets.GCP_SA_KEY }} - export_default_credentials: true + credentials_json: '${{ secrets.GCP_SA_KEY }}' + + - uses: google-github-actions/setup-gcloud@v2 - uses: hashicorp/setup-terraform@v2 with: From 06a7dce0163a2cf6e210cd65dae3db11099f0540 Mon Sep 17 00:00:00 2001 From: Soren Spicknall Date: Tue, 2 Jan 2024 14:32:16 -0600 Subject: [PATCH 6/6] Pin Python version to 3.11.7 because of distutils ref in utilized tool --- .github/workflows/lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 8641d9501a..610893dc39 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: - uses: actions/checkout@v2 - uses: actions/setup-python@v2 with: - python-version: '3.12.0' + python-version: '3.11.7' - uses: pre-commit/action@v3.0.0 - uses: crate-ci/typos@master with: