ci: permission deny #56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dev Deployment | |
| on: | |
| push: | |
| branches: | |
| - dev | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Cache docker layers | |
| uses: actions/cache@v2 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Create .env file | |
| run: | | |
| echo "${{ secrets.ENV_DEVELOPMENT }}" > .env | |
| - name: Login to Google Cloud | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.SERVICE_ACCOUNT }} | |
| - name: Docker auth | |
| run: | | |
| gcloud auth configure-docker ${{ vars.DOCKER_REGISTRY_LOCATION }} --quiet | |
| - name: Build and push Docker image | |
| run: | | |
| docker buildx build --tag ${{ vars.DOCKER_REGISTRY_LOCATION }}/${{ secrets.GOOGLE_PROJECT }}/inner-catalog/catalog-ui:dev-${{ github.run_id }} --push . | |
| upload-static: | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Login to Google Cloud | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.SERVICE_ACCOUNT }} | |
| - name: Docker auth | |
| run: | | |
| gcloud auth configure-docker ${{ vars.DOCKER_REGISTRY_LOCATION }} --quiet | |
| - name: Pull docker image | |
| run: | | |
| docker pull ${{ vars.DOCKER_REGISTRY_LOCATION }}/${{ secrets.GOOGLE_PROJECT }}/inner-catalog/catalog-ui:dev-${{ github.run_id }} | |
| - name: Copy app/.next/static directory | |
| run: | | |
| container_id=$(docker create ${{ vars.DOCKER_REGISTRY_LOCATION }}/${{ secrets.GOOGLE_PROJECT }}/inner-catalog/catalog-ui:dev-${{ github.run_id }}) | |
| docker create --name temp ${{ vars.DOCKER_REGISTRY_LOCATION }}/${{ secrets.GOOGLE_PROJECT }}/inner-catalog/catalog-ui:dev-${{ github.run_id }} | |
| mkdir -p $GITHUB_WORKSPACE/temporary/.next/static | |
| docker cp temp:/app/.next/static $GITHUB_WORKSPACE/temporary/.next/static | |
| docker rm temp | |
| - name: Upload static files to R2 bucket | |
| uses: ryand56/r2-upload-action@latest | |
| with: | |
| r2-account-id: ${{ secrets.R2_ACCOUNT_ID }} | |
| r2-access-key-id: ${{ secrets.R2_ACCESS_KEY_ID }} | |
| r2-secret-access-key: ${{ secrets.R2_SECRET_ACCESS_KEY }} | |
| r2-bucket: ${{ secrets.R2_BUCKET }} | |
| source-dir: $GITHUB_WORKSPACE/temporary/.next/static | |
| destination-dir: ./static/development | |
| deploy: | |
| needs: [upload-static] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: Login to google cloud | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.SERVICE_ACCOUNT }} | |
| - name: Deploy to Cloud Run | |
| uses: google-github-actions/deploy-cloudrun@v2 | |
| with: | |
| service: catalog-ui-dev | |
| image: ${{ vars.DOCKER_REGISTRY_LOCATION }}/${{ secrets.GOOGLE_PROJECT }}/inner-catalog/catalog-ui:dev-${{ github.run_id }} | |
| region: asia-southeast2 | |
| flags: '--allow-unauthenticated --port=3000 --memory=256Mi --cpu=1 --min-instances=0 --max-instances=1 --cpu-throttling' |