From 7342048ddf131c33e1a573988b0571a48d6cc40c Mon Sep 17 00:00:00 2001 From: Pietro Abate Date: Wed, 23 Jul 2025 10:22:37 +0200 Subject: [PATCH 1/2] publish: do not copy when run with --dry-run --- scripts/ci/create_gitlab_package.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/ci/create_gitlab_package.sh b/scripts/ci/create_gitlab_package.sh index 91a6aa818302..931c80ea3ff5 100755 --- a/scripts/ci/create_gitlab_package.sh +++ b/scripts/ci/create_gitlab_package.sh @@ -83,8 +83,10 @@ GOOGLE_OAUTH_ACCESS_TOKEN=$(gcloud auth print-access-token) export GOOGLE_OAUTH_ACCESS_TOKEN echo "Push to $BUCKET" - -gsutil -m cp -r public/octez.asc gs://"${BUCKET}" +# Upload only if not running in dry-run +if [ -z "${dry_run:-}" ]; then + gsutil -m cp -r public/octez.asc gs://"${BUCKET}" +fi # Loop over architectures for architecture in ${architectures}; do -- GitLab From 81aed66692de3914a6b683c6831b272df1703a44 Mon Sep 17 00:00:00 2001 From: Pietro Abate Date: Wed, 23 Jul 2025 11:38:28 +0200 Subject: [PATCH 2/2] publish job: make sure to have the correct key on protected repos --- scripts/ci/create_gitlab_package.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/scripts/ci/create_gitlab_package.sh b/scripts/ci/create_gitlab_package.sh index 931c80ea3ff5..c581a28f9ee6 100755 --- a/scripts/ci/create_gitlab_package.sh +++ b/scripts/ci/create_gitlab_package.sh @@ -79,6 +79,15 @@ cp "$GPG_PUBLIC_KEY" "public/octez.asc" # be set accordingly by the CI. BUCKET="$GCP_LINUX_PACKAGES_BUCKET" +if [ "$CI_COMMIT_REF_PROTECTED" = "true" ]; then + echo "### Logging into protected repo ..." + echo "${GCP_PROTECTED_SERVICE_ACCOUNT}" | base64 -d > protected_sa.json + gcloud auth activate-service-account --key-file=protected_sa.json +else + echo "### Logging into standard repo ..." + # Nothing to do +fi + GOOGLE_OAUTH_ACCESS_TOKEN=$(gcloud auth print-access-token) export GOOGLE_OAUTH_ACCESS_TOKEN -- GitLab