google-cloudrun-docker.yml
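# This workflow builds and pushes Docker containers to Google Artifact Registry
# and deploys both backend and frontend on Cloud Run when a commit is pushed to
# the "production" branch. It can also be started manually (workflow_dispatch).
#
# NOTE(review): the sentence above names Artifact Registry, but every image
# reference below uses the gcr.io host. Confirm the project serves gcr.io from
# Artifact Registry, or move the image names to a *-docker.pkg.dev repository.
name: 'Build and Deploy QueryPal to Cloud Run'

on:
  push:
    branches:
      - 'production'
  workflow_dispatch:

# Workflow-level values; they are also exported to every `run:` step as shell
# environment variables, which is what the build steps below rely on.
env:
  PROJECT_ID: 'gen-lang-client-0698668474'
  REGION: 'europe-west1'
  BACKEND_SERVICE: 'querypal-backend'
  FRONTEND_SERVICE: 'querypal-frontend'
  WORKLOAD_IDENTITY_PROVIDER: 'projects/874216619692/locations/global/workloadIdentityPools/github/providers/querypal'

jobs:
  deploy:
    runs-on: 'ubuntu-latest'

    # Least privilege for GITHUB_TOKEN: read the repository, and mint the OIDC
    # token that Workload Identity Federation exchanges for Google credentials.
    permissions:
      contents: 'read'
      id-token: 'write'

    steps:
      # Third-party actions are pinned to full commit SHAs; the trailing
      # comment records the tag each SHA was taken from.
      - name: 'Checkout'
        uses: 'actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332' # actions/checkout@v4
        with:
          # No later step pushes or fetches with git, so do not leave the
          # token in .git/config for the rest of the job.
          persist-credentials: false

      # Configure Workload Identity Federation and generate an access token.
      # No long-lived service-account key is stored in the repository.
      - id: 'auth'
        name: 'Authenticate to Google Cloud'
        uses: 'google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2' # google-github-actions/auth@v2
        with:
          workload_identity_provider: '${{ env.WORKLOAD_IDENTITY_PROVIDER }}'
          service_account: 'github-actions@gen-lang-client-0698668474.iam.gserviceaccount.com'

      # Set up Cloud SDK
      - name: 'Set up Cloud SDK'
        uses: 'google-github-actions/setup-gcloud@98ddc00a17442e89a24bbf282954a3b65ce6d200' # google-github-actions/setup-gcloud@v2

      # Configure Docker to use gcloud as a credential helper
      - name: 'Configure Docker for GCR'
        run: |-
          gcloud auth configure-docker --quiet

      # Build and Push Backend Container
      # The script reads PROJECT_ID / BACKEND_SERVICE from the workflow env and
      # the commit from GITHUB_SHA, so no `${{ }}` expression is expanded into
      # the shell text. The build context is backend/ only.
      - name: 'Build and Push Backend Container'
        working-directory: 'backend'
        run: |-
          DOCKER_TAG="gcr.io/${PROJECT_ID}/${BACKEND_SERVICE}:${GITHUB_SHA}"
          docker build --tag "${DOCKER_TAG}" --platform linux/amd64 .
          docker push "${DOCKER_TAG}"

      # Deploy Backend to Cloud Run
      - id: 'deploy-backend'
        name: 'Deploy Backend to Cloud Run'
        uses: 'google-github-actions/deploy-cloudrun@33553064113a37d688aa6937bacbdc481580be17' # google-github-actions/deploy-cloudrun@v2
        with:
          service: '${{ env.BACKEND_SERVICE }}'
          region: '${{ env.REGION }}'
          image: 'gcr.io/${{ env.PROJECT_ID }}/${{ env.BACKEND_SERVICE }}:${{ github.sha }}'
          # NOTE(review): the secret values below are stored as plain-text
          # environment variables on the Cloud Run revision, so anyone who can
          # view the service configuration can read them. The action's
          # `secrets` input (Secret Manager references) keeps them out of the
          # revision spec; switching requires the secrets to exist in Secret
          # Manager first.
          env_vars: |
            ENVIRONMENT=production
            AZURE_TENANT_ID=${{ secrets.AZURE_TENANT_ID }}
            AZURE_CLIENT_ID=${{ secrets.AZURE_CLIENT_ID }}
            AZURE_CLIENT_SECRET=${{ secrets.AZURE_CLIENT_SECRET }}
            ARM_SCOPE=https://management.azure.com/.default
            GEMINI_API_KEY=${{ secrets.GEMINI_API_KEY }}
            DB_USER=${{ secrets.DB_USER }}
            DB_PASS=${{ secrets.DB_PASS }}
            DB_NAME=querypal
            DB_UNIX_SOCKET=/cloudsql/gen-lang-client-0698668474:europe-west1:querypal-db
          # NOTE(review): --allow-unauthenticated makes the backend invokable
          # without IAM authentication; confirm the application enforces its
          # own authentication on every route that reaches Azure, Gemini or
          # the database.
          flags: |
            --port=8000
            --add-cloudsql-instances=gen-lang-client-0698668474:europe-west1:querypal-db
            --allow-unauthenticated

      # Build and Push Frontend Container
      # The backend URL comes from a step output; it is handed to the script
      # through `env:` and quoted there instead of being expanded into the
      # shell text. Both build args end up baked into the frontend image.
      - name: 'Build and Push Frontend Container'
        working-directory: 'frontend'
        env:
          BACKEND_URL: '${{ steps.deploy-backend.outputs.url }}'
        run: |-
          DOCKER_TAG="gcr.io/${PROJECT_ID}/${FRONTEND_SERVICE}:${GITHUB_SHA}"
          docker build --tag "${DOCKER_TAG}" --platform linux/amd64 \
            --build-arg "VITE_API_BASE_URL=${BACKEND_URL}" \
            --build-arg "VITE_AZURE_REDIRECT_URI=https://querypal.virtonomy.io" \
            .
          docker push "${DOCKER_TAG}"

      # Deploy Frontend to Cloud Run
      - id: 'deploy-frontend'
        name: 'Deploy Frontend to Cloud Run'
        uses: 'google-github-actions/deploy-cloudrun@33553064113a37d688aa6937bacbdc481580be17' # google-github-actions/deploy-cloudrun@v2
        with:
          service: '${{ env.FRONTEND_SERVICE }}'
          region: '${{ env.REGION }}'
          image: 'gcr.io/${{ env.PROJECT_ID }}/${{ env.FRONTEND_SERVICE }}:${{ github.sha }}'
          flags: |
            --port=4000
            --allow-unauthenticated

      # Show output URLs
      - name: 'Show deployment URLs'
        env:
          BACKEND_URL: '${{ steps.deploy-backend.outputs.url }}'
          FRONTEND_URL: '${{ steps.deploy-frontend.outputs.url }}'
        run: |-
          echo "Backend URL: ${BACKEND_URL}"
          echo "Frontend URL: ${FRONTEND_URL}"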