From c82a758b3f09e7d8bd03cd8804e81915743e4bda Mon Sep 17 00:00:00 2001
From: ilevk <kcs93023@gmail.com>
Date: Tue, 7 May 2024 12:22:22 +0900
Subject: [PATCH] feat - add cd workflow

---
 .github/workflows/cd_workflow.yaml | 51 ++++++++++++++++++++++++++++++
 Dockerfile                         | 17 ++++++++++
 entrypoint.sh                      |  2 ++
 3 files changed, 70 insertions(+)
 create mode 100644 .github/workflows/cd_workflow.yaml
 create mode 100644 Dockerfile
 create mode 100644 entrypoint.sh

diff --git a/.github/workflows/cd_workflow.yaml b/.github/workflows/cd_workflow.yaml
new file mode 100644
index 0000000..33b83f3
--- /dev/null
+++ b/.github/workflows/cd_workflow.yaml
@@ -0,0 +1,51 @@
+name: Build and Deploy to Cloud Run
+
+on:
+  push:
+    branches: [ "main" ]
+
+env:
+  PROJECT_ID: ${{ secrets.project_id }} # TODO: update Google Cloud project id
+  GAR_LOCATION: ${{ vars.gar_location }} # TODO: update Artifact Registry location
+  SERVICE: ${{ vars.service_name }} # TODO: update Cloud Run service name
+  REGION: ${{ vars.service_region }} # TODO: update Cloud Run service region
+
+jobs:
+  deploy:
+    # Add 'id-token' with the intended permissions for workload identity federation
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      # NOTE: Alternative option - authentication via credentials json
+      - name: Google Auth
+        id: auth
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
+
+      - name: Build and Push Container
+        run: |-
+          gcloud auth configure-docker ${{ env.GAR_LOCATION }}-docker.pkg.dev
+          docker build -t "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}/${{ github.sha }}" ./
+          docker push "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}/${{ github.sha }}"
+
+      # END - Docker auth and build
+
+      - name: Deploy to Cloud Run
+        id: deploy
+        uses: google-github-actions/deploy-cloudrun@v2
+        with:
+          service: ${{ env.SERVICE }}
+          region: ${{ env.REGION }}
+          # NOTE: If using a pre-built image, update the image name here
+          image: ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}/${{ github.sha }}
+
+      # If required, use the Cloud Run url output in later steps
+      - name: Show Output
+        run: echo ${{ steps.deploy.outputs.url }}
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..edd55a5
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,17 @@
+FROM python:3.11.8-slim
+
+WORKDIR /
+
+RUN pip install poetry
+
+COPY ./poetry.lock ./poetry.lock
+COPY ./pyproject.toml ./pyproject.toml
+
+RUN poetry export -f requirements.txt --output requirements.txt --without-hashes
+
+RUN pip install --no-cache-dir --upgrade -r ./requirements.txt
+
+COPY ./app /app
+COPY ./entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT ["bash", "./entrypoint.sh"]
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 0000000..b989713
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,2 @@
+export ENV=prod
+uvicorn app.main:app --host 0.0.0.0 --port $PORT