cicd/cloudbuild_private_repo.yaml (34 lines of code) (raw):

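#
# Copyright (C) 2024 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy of
# the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations under
# the License.
#

# Cloud Build pipeline in three steps: stage SSH credentials from Secret
# Manager, clone a repository over SSH, then run the anti-pattern image
# against /workspace/${INPUT_FOLDER}.
#
# NOTE(review): GITHUB_REPOSITORY, GITHUB_BRANCH, INPUT_FOLDER,
# ANTI_PATTERN_IMAGE, PRIVATE_SSH_SECRET and KNOWN_HOSTS_SECRET have no '_'
# prefix, which Cloud Build requires for user-defined substitutions, so this
# file is presumably rendered before submission. Confirm with the caller.
steps:
  # Step 1: write the private key and the pinned host keys into the 'ssh'
  # volume. '$$' is the Cloud Build escape for a literal '$', so bash expands
  # the secret-backed variables at run time and the values never appear in
  # the build configuration.
  - name: 'gcr.io/cloud-builders/git'
    secretEnv: ['SSH_KEY', 'GITHUB_KNOWN_HOSTS']
    entrypoint: 'bash'
    args:
      - -c
      - |
        # Abort on the first failed command or unset variable so a broken
        # secret binding does not leave a partial key file behind.
        set -eu
        # Create both files owner-only from the start; chmod alone leaves a
        # short window in which the key has default permissions.
        umask 077
        echo "$$SSH_KEY" >> /root/.ssh/id_rsa
        chmod 400 /root/.ssh/id_rsa
        echo "$$GITHUB_KNOWN_HOSTS" >> /root/.ssh/known_hosts
    volumes:
      - name: 'ssh'
        path: /root/.ssh

  # Step 2: shallow, single-branch clone. The 'ssh' volume is mounted again so
  # git finds the key and the known_hosts file written by step 1; host key
  # checking stays on because the host keys are supplied, not disabled.
  # NOTE(review): '/input' lies outside /workspace and outside the 'ssh'
  # volume, so the checkout may not be visible to the next step. Confirm the
  # intended clone target.
  - name: 'gcr.io/cloud-builders/git'
    args:
      - 'clone'
      - '${GITHUB_REPOSITORY}'
      - '--branch'
      - '${GITHUB_BRANCH}'
      - '--single-branch'
      - '--depth'
      - '1'
      - '/input'
    volumes:
      - name: 'ssh'
        path: /root/.ssh

  # Step 3: run the analysis image with only the input folder bind-mounted.
  # This step does not mount the 'ssh' volume, so the private key is not
  # handed to the analysis container.
  - name: 'gcr.io/cloud-builders/docker'
    args:
      - "run"
      - "-v"
      - "/workspace/${INPUT_FOLDER}:/workspace/${INPUT_FOLDER}"
      - "-i"
      # NOTE(review): the trailing 't' after the substitution looks
      # unintended. Confirm the image reference before relying on it.
      - "${ANTI_PATTERN_IMAGE}t"
      - "--input_folder_path"
      - "/workspace/${INPUT_FOLDER}"

# Secret Manager bindings for the secretEnv names used in step 1.
# Both entries resolve 'versions/latest': a newly added secret version,
# including a changed known_hosts entry, takes effect on the next build with
# no change to this file. Pin a version number if host-key or key changes
# should go through review.
availableSecrets:
  secretManager:
    - versionName: projects/${PROJECT_ID}/secrets/${PRIVATE_SSH_SECRET}/versions/latest
      env: 'SSH_KEY'
    - versionName: projects/${PROJECT_ID}/secrets/${KNOWN_HOSTS_SECRET}/versions/latest
      env: 'GITHUB_KNOWN_HOSTS'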