Skip to content

refactor: 토큰 재발급 기능 추가 #32

refactor: 토큰 재발급 기능 추가

refactor: 토큰 재발급 기능 추가 #32

name: Build and Deploy to Cloud Run
on:
pull_request:
branches: [ main ]
defaults:
run:
working-directory: frontend
env:
PROJECT_ID: ${{secrets.PROJECT_ID}}
SERVICE: ${{secrets.FE_SERVICE}}
REGION: ${{secrets.REGION}}
ARTIFACT_REGISTRY: ${{secrets.FE_ARTIFACT_REGISTRY}}
node-version: '20.12.2'
jobs:
deploy:
# Add 'id-token' with the intended permissions for workload identity federation
permissions:
contents: 'read'
id-token: 'write'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
token: ${{ secrets.ACTION_TOKEN }}
- uses: actions/setup-node@v3
with:
node-version: '20.12.2'
- name: Install dependencies
run: npm install
- name: build
run: npm run build
- name: 검사
run: ls -al && ls -al ./secret && ls -al ./secret/frontend && npm run cp:security && ls -al
- name: Google Auth
id: auth
uses: 'google-github-actions/auth@v2'
with:
token_format: 'access_token'
workload_identity_provider: ${{ secrets.WIF_PROVIDER }} # e.g. - projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider
service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }} # e.g. - [email protected]
project_id: ${{env.PROJECT_ID}}
- name: Docker Auth
id: docker-auth
uses: 'docker/login-action@v1'
with:
username : '_json_key'
password : ${{ secrets.GOOGLE_AR_CLIENT_SECRET }}
registry : ${{ env.REGION }}-docker.pkg.dev/${{env.PROJECT_ID}}/${{env.ARTIFACT_REGISTRY}}/${{env.SERVICE}}
- name: Build and Push Container
run: |-
docker build -t ${{ env.REGION }}-docker.pkg.dev/${{env.PROJECT_ID}}/${{env.ARTIFACT_REGISTRY}}/${{env.SERVICE}} ./
docker push "${{ env.REGION }}-docker.pkg.dev/${{env.PROJECT_ID}}/${{env.ARTIFACT_REGISTRY}}/${{env.SERVICE}}"
# END - Docker auth and build
- name: Deploy to Cloud Run
id: deploy
uses: google-github-actions/deploy-cloudrun@v2
with:
service: ${{ env.SERVICE }}
region: ${{ env.REGION }}
# NOTE: If using a pre-built image, update the image name here
image: ${{ env.REGION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.ARTIFACT_REGISTRY }}/${{ env.SERVICE }}
# If required, use the Cloud Run url output in later steps
- name: Show Output
run: echo ${{ steps.deploy.outputs.url }}