Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: cloud run auto deploy #549

Merged
merged 9 commits into from
Oct 4, 2023
Merged

ci: cloud run auto deploy #549

Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
467bb7c
ci: cloud run auto deploy
MrOrz Oct 2, 2023
b69199b
fix(workflow): fix GITHUB_TOKEN permission and docker cache
MrOrz Oct 2, 2023
c4b947d
fix(workflows): specify region
MrOrz Oct 2, 2023
ef2de31
ci: try adding environment
MrOrz Oct 3, 2023
5dfd353
ci: Specifying environment name from matrix
MrOrz Oct 3, 2023
0dca403
ci: Add environment URL
MrOrz Oct 3, 2023
a4e2f82
fix(workflow): matrix context does not have env
MrOrz Oct 3, 2023
a4fa9a4
fix(workflow): environment name cannot have env
MrOrz Oct 3, 2023
7202a24
fix(workflow): env are truthy strings
MrOrz Oct 3, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 46 additions & 4 deletions .github/workflows/build-and-push.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,11 @@ on:
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

env:
TARGET: ${{ startsWith(github.ref, 'refs/tags/release') && 'production' || 'staging' }}
# Docker tag prefix
RELEASE_TAG: ${{ startsWith(github.ref, 'refs/tags/release') && 'latest' || 'dev' }}

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
Expand All @@ -27,8 +32,6 @@ jobs:
postfix: -tw
- locale: ja
postfix: -ja
env:
RELEASE_TAG: ${{ startsWith(github.ref, 'refs/tags/release') && 'latest' || 'dev' }}

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
Expand Down Expand Up @@ -59,8 +62,47 @@ jobs:
build-args: |
APP_ID=RUMORS_SITE
LOCALE=${{ matrix.locales.locale }}
cache-from: type=gha
cache-to: type=gha,mode=max
# Cache for individual languages
# Ref: https://docs.docker.com/build/cache/backends/gha/#scope
cache-from: type=gha,scope=${{env.GITHUB_REF_NAME}}${{matrix.locales.postfix}}
cache-to: type=gha,mode=max,scope=${{env.GITHUB_REF_NAME}}${{matrix.locales.postfix}}

- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}

deploy:
permissions: # Required by google-github-actions/auth
contents: 'read'
id-token: 'write'
needs: build-and-push
runs-on: ubuntu-latest
strategy:
matrix:
locales:
- region: asia-east1
postfix: -tw
hostname: ''
devHostname: dev.
- region: us-east4
postfix: -en
hostname: en.
devHostname: dev-en.
- region: asia-northeast1
postfix: -ja
hostname: ja.
devHostname: dev-ja.
environment:
# environment.name cannot use env
# Ref: https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability
name: ${{ startsWith(github.ref, 'refs/tags/release') && 'production' || 'staging' }}${{ matrix.locales.postfix }}
url: https://${{ env.TARGET == 'production' && matrix.locales.hostname || matrix.locales.devHostname }}cofacts.tw
steps:
- uses: 'google-github-actions/auth@v1'
with:
workload_identity_provider: ${{ secrets.GC_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GC_SERVICE_ACCOUNT }}
- uses: 'google-github-actions/deploy-cloudrun@v1'
with:
service: ${{ env.TARGET == 'production' && 'site' || 'site-staging' }}${{ matrix.locales.postfix }}
image: cofacts/rumors-site:${{ env.RELEASE_TAG }}${{ matrix.locales.postfix }}
region: ${{ matrix.locales.region }}