From bcfc023a31823ab2b84957af51095ebf82a0b354 Mon Sep 17 00:00:00 2001
From: Francesco Medas <104889824+frankmeds@users.noreply.github.com>
Date: Wed, 7 Feb 2024 16:28:20 +0400
Subject: [PATCH] feat: DEVOPS-1247 move Scilla pipeline to GCP (#1247)

---
 .github/workflows/ci-image-dev.yml     | 12 +++++++-----
 .github/workflows/ci-image-release.yml | 14 ++++++++------
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/ci-image-dev.yml b/.github/workflows/ci-image-dev.yml
index 4ac3ab237..e812ee7ea 100644
--- a/.github/workflows/ci-image-dev.yml
+++ b/.github/workflows/ci-image-dev.yml
@@ -18,6 +18,9 @@ jobs:
       contents: write
     name: build
     runs-on: docker
+    env:
+      GCP_REGISTRY_DOMAIN: asia-docker.pkg.dev
+      GCP_REGISTRY: asia-docker.pkg.dev/${{ secrets.GCP_STG_REGISTRY_PROJECT_ID }}/zilliqa-private
     steps:
     - name: Clean environment
       # Prune the Docker resources created over 10 days before the current execution (change the value for a more/less aggressive cleanup).
@@ -36,10 +39,9 @@ jobs:
       with:
         file: docker/Dockerfile
         push: true
-        tag: ${{ secrets.AWS_ACCOUNT_ID_ZILLIQA }}.dkr.ecr.${{ secrets.AWS_REGION_ZILLIQA }}.amazonaws.com/scilla
+        tag: ${{ env.GCP_REGISTRY }}/scilla
         tag-length: 8
-        registry: ${{ secrets.AWS_ACCOUNT_ID_ZILLIQA }}.dkr.ecr.${{ secrets.AWS_REGION_ZILLIQA }}.amazonaws.com
-        aws-region: ${{ secrets.AWS_REGION_ZILLIQA }}
-        role-to-assume: ${{ secrets.ECR_DEPLOYER_ROLE }}
-        oidc-role: ${{ secrets.OIDC_ROLE }}
+        registry: ${{ env.GCP_REGISTRY_DOMAIN }}
+        workload-identity-provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}"
+        service-account: "${{ secrets.GCP_STG_GITHUB_SA_DOCKER_REGISTRY }}"
         cache-key: ${{ github.event.repository.name }}
diff --git a/.github/workflows/ci-image-release.yml b/.github/workflows/ci-image-release.yml
index 0b3cf335a..8ae6c9c7f 100644
--- a/.github/workflows/ci-image-release.yml
+++ b/.github/workflows/ci-image-release.yml
@@ -17,6 +17,9 @@ jobs:
       id-token: write
       contents: write
     runs-on: docker
+    env:
+      GCP_REGISTRY_DOMAIN: asia-docker.pkg.dev
+      GCP_REGISTRY: asia-docker.pkg.dev/${{ secrets.GCP_PRD_REGISTRY_PROJECT_ID }}/zilliqa-private
     steps:
     - name: 'Checkout scm ${{ inputs.commitOrTag }}'
       uses: actions/checkout@v3
@@ -42,17 +45,16 @@ jobs:
           echo "latest=false" >> $GITHUB_OUTPUT
         fi
       shell: bash
-    - name: Docker build and push
+    - name: Docker build and push (GCP)
       uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v1
       with:
         file: docker/Dockerfile
         push: true
-        tag: ${{ secrets.AWS_ACCOUNT_ID_ZILLIQA }}.dkr.ecr.${{ secrets.AWS_REGION_ZILLIQA }}.amazonaws.com/scilla:${{ steps.set-tag.outputs.tag }}
+        tag: ${{ env.GCP_REGISTRY }}/scilla:${{ steps.set-tag.outputs.tag }}
         tag-latest: ${{ steps.check-latest.outputs.latest }}
-        registry: ${{ secrets.AWS_ACCOUNT_ID_ZILLIQA }}.dkr.ecr.${{ secrets.AWS_REGION_ZILLIQA }}.amazonaws.com
-        aws-region: ${{ secrets.AWS_REGION_ZILLIQA }}
-        role-to-assume: ${{ secrets.ECR_DEPLOYER_ROLE }}
-        oidc-role: ${{ secrets.OIDC_ROLE }}
+        registry: ${{ env.GCP_REGISTRY_DOMAIN }}
+        workload-identity-provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}"
+        service-account: "${{ secrets.GCP_PRD_GITHUB_SA_DOCKER_REGISTRY }}"
         cache-key: ${{ github.event.repository.name }}
     - name: Docker build and push (Dockerhub)
       uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v1