Make pushes dependent on environment variables.

This means that forks can still deploy to either GAR or Dockerhub depending on which credentials that have been configured with, and skips any that are missing.
mozilla-services · Sep 19, 2024 · f73212b · f73212b
1 parent f61ca37
commit f73212b
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
@@ -28,26 +28,29 @@ jobs:
         with:
           images: |
             ${{ vars.DOCKERHUB_REPO }}
-            ${{ vars.GAR_LOCATION }}-docker.pkg.dev/${{ vars.GCP_PROJECT_ID }}/${{ vars.GAR_REPOSITORY}}/autograph-edge
+            ${{ vars.GCP_PROJECT_ID && format('{0}-docker.pkg.dev/{1}/{2}/autograph-edge', vars.GAR_LOCATION, vars.GCP_PROJECT_ID, vars.GAR_REPOSITORY) }}
           tags: |
             type=semver,pattern={{raw}}
             type=raw,value=latest,enable={{is_default_branch}}
 
       - id: gcp-auth
+        if: ${{ vars.GCP_PROJECT_ID }}
         uses: google-github-actions/auth@v2
         with:
           token_format: 'access_token'
           service_account: artifact-writer@${{ vars.GCP_PROJECT_ID}}.iam.gserviceaccount.com
           workload_identity_provider: ${{ vars.GCPV2_GITHUB_WORKLOAD_IDENTITY_PROVIDER }}
 
       - name: Login to Google Artifact Registry
+        if: ${{ vars.GCP_PROJECT_ID }}
         uses: docker/login-action@v3
         with:
           registry: ${{ vars.GAR_LOCATION }}-docker.pkg.dev
           username: oauth2accesstoken
           password: ${{ steps.gcp-auth.outputs.access_token }}
 
       - name: Login to Dockerhub
+        if: ${{ vars.DOCKERHUB_REPO }}
         uses: docker/login-action@v3
         with:
           username: ${{ vars.DOCKERHUB_USERNAME }}