From 931f60344f293889c9a1ae2cc43d31a0f7056573 Mon Sep 17 00:00:00 2001
From: Matthew Huebert <mhuebert@gmail.com>
Date: Thu, 23 May 2024 17:00:50 +0200
Subject: [PATCH] ci

---
 .github/workflows/release.yml | 2 +-
 README.md                     | 9 +++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 29d8723..7271953 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -21,7 +21,7 @@ jobs:
       uses: 'google-github-actions/auth@v2.1.3'
       with:
         project_id: 'probcomp-caliban'
-        workload_identity_provider: 'projects/110275315150/locations/global/workloadIdentityPools/app-engine-publishers/providers/github'
+        workload_identity_provider: 'https://iam.googleapis.com/projects/110275315150/locations/global/workloadIdentityPools/app-engine-publishers/providers/github'
         service_account: 'github-appengine-deploy@probcomp-caliban.iam.gserviceaccount.com'
     - id: 'gcloud_check'
       run: |-
diff --git a/README.md b/README.md
index e436dc3..7af9d2c 100644
--- a/README.md
+++ b/README.md
@@ -23,8 +23,13 @@ Initial setup was performed as follows:
     ```
 To use in another repo, create an additional IAM entry, modifying the principal above with your desired repository name.
 
-
 ## Blocked
 
 Currently unable to deploy to app engine, probably due to this issue:
-https://github.com/firebase/firebase-admin-node/issues/1377
\ No newline at end of file
+https://github.com/firebase/firebase-admin-node/issues/1377
+
+gcloud iam service-accounts add-iam-policy-binding "github-appengine-deploy@probcomp-caliban.iam.gserviceaccount.com" \
+  --project="probcomp-caliban" \
+  --role="roles/iam.workloadIdentityUser" \
+  --member="principalSet://iam.googleapis.com/projects/110275315150/locations/global/workloadIdentityPools/app-engine-publishers/attribute.repository/probcomp/gae-website-test"
+  
\ No newline at end of file