I am trying to deploy a Laravel application using GitHub CI to Google Container Registry. In the application, I created a helper function to get secrets from Google Secret Manager. This is the code:

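    use Google\Cloud\SecretManager\V1\AccessSecretVersionRequest;
    use Google\Cloud\SecretManager\V1\Client\SecretManagerServiceClient;

    if (!function_exists('get_secret')) {
        // Fetch a secret's payload from Google Secret Manager.
        function get_secret(string $name, $version = 'latest'): string
        {
            // The client authenticates with Application Default Credentials.
            $client = new SecretManagerServiceClient();
            // Build the full resource name: projects/*/secrets/*/versions/*
            $name = $client->secretVersionName(
                env('GOOGLE_CLOUD_PROJECT_ID', '*****'),
                $name,
                $version,
            );
            $request = AccessSecretVersionRequest::build($name);
            $response = $client->accessSecretVersion($request);
            $payload = $response->getPayload()->getData();
            return $payload;
        }
    }
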
Then I used the function in the relevant config files (e.g. database.php, app.php), and it works fine on my local machine. The problem is that when I try to build the application using Docker on GitHub CI, I get the following error

This is my GitHub workflow:

    jobs:
      build:
        runs-on: ubuntu-latest
        permissions:
          contents: "read"
          id-token: "write"
        steps:
          - name: Checkout code
            uses: actions/checkout@v2
          - id: "auth"
            name: "Authenticate to Google Cloud"
            uses: "google-github-actions/auth@v1"
            with:
              workload_identity_provider: "${{ secrets.WIP }}"
              service_account: "${{ secrets.SERVICE_ACCOUNT }}"
          - name: "Set up Cloud SDK"
            uses: "google-github-actions/setup-gcloud@v1"
          - name: "Configure docker to use gcloud"
            run: |-
              gcloud auth configure-docker --quiet
          - name: Set up Docker Buildx
            uses: docker/setup-buildx-action@v2
          - name: Build and push EPMS Worker
            uses: docker/build-push-action@v4
            with:
              context: .
              file: worker.Dockerfile
              push: true
              tags: gcr.io/fabled-mystery-328210/fbasegithub/epms-worker:latest