Common Expression Language in Workload Identity Federation of GitHub Actions not working as expected


I am using a CEL expression for setting conditions on the Service Account usage of a Workload Identity Federation provider for GitHub Actions.

Here is the expression:

(assertion.repository=='MyOrg/MyRepo' && (assertion.event_name=='pull_request' || assertion.event_name=='workflow_dispatch') && assertion.job_workflow_ref.startsWith('MyOrg/MyRepo/.github/workflows/myworkflow.yaml') && assertion.ref.startsWith('refs/heads/rule/'))

I am creating a Pull Request from a branch named rule/lala2. However, the authentication fails "due to attribute condition".

If I remove the last statement, i.e. assertion.ref.startsWith('refs/heads/rule/'), it works.

What am I missing here?


There are 0 answers
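
The condition from the question, mirrored clause by clause in Python so the failing clause is visible; this is an added example, not part of the original post, and it is not a CEL evaluator. The claim values are constructed from GitHub's documented OIDC token claims, where a `pull_request` run carries `ref` as `refs/pull/<number>/merge` and the source branch name in `head_ref`. The PR number, the `base_ref` value, the `failing_clauses` helper and the `VARIANT` condition are assumptions for illustration.

```python
# Python mirror of the CEL attribute condition from the question, split into
# named clauses so the one that rejects the token can be identified.
WORKFLOW = "MyOrg/MyRepo/.github/workflows/myworkflow.yaml"

CLAUSES = {
    "repository": lambda a: a["repository"] == "MyOrg/MyRepo",
    "event_name": lambda a: a["event_name"] in ("pull_request", "workflow_dispatch"),
    "job_workflow_ref": lambda a: a["job_workflow_ref"].startswith(WORKFLOW),
    "ref": lambda a: a["ref"].startswith("refs/heads/rule/"),
}

def failing_clauses(assertion, clauses=CLAUSES):
    """Return the names of the clauses the token's claims do not satisfy."""
    return [name for name, check in clauses.items() if not check(assertion)]

# Constructed claim sets (PR number 42 and base branch "main" are made up).
PULL_REQUEST = {
    "repository": "MyOrg/MyRepo",
    "event_name": "pull_request",
    "job_workflow_ref": WORKFLOW + "@refs/pull/42/merge",
    "ref": "refs/pull/42/merge",   # merge ref, not the source branch
    "head_ref": "rule/lala2",      # source branch of the pull request
    "base_ref": "main",
}
WORKFLOW_DISPATCH = {
    "repository": "MyOrg/MyRepo",
    "event_name": "workflow_dispatch",
    "job_workflow_ref": WORKFLOW + "@refs/heads/rule/lala2",
    "ref": "refs/heads/rule/lala2",
    "head_ref": "",                # empty outside pull request events
    "base_ref": "",
}

# Hypothetical variant: check head_ref for pull requests, ref otherwise.
VARIANT = dict(CLAUSES, ref=lambda a: (
    a["head_ref"].startswith("rule/") if a["event_name"] == "pull_request"
    else a["ref"].startswith("refs/heads/rule/")))

if __name__ == "__main__":
    for name, claims in (("pull_request", PULL_REQUEST),
                         ("workflow_dispatch", WORKFLOW_DISPATCH)):
        print(name, "original:", failing_clauses(claims),
              "variant:", failing_clauses(claims, VARIANT))
```

The claims a provider actually received can be confirmed by decoding the OIDC token payload from a test run before changing the condition.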