Added deployment workflow with github actions #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will install Python dependencies, run tests and lint with a single version of Python | ||
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions | ||
# The full GCP authentication setup is described in this nice blog post: https://cloud.google.com/blog/products/identity-security/enabling-keyless-authentication-from-github-actions | ||
# Here you see how to push to google cloud artifact registry: https://roger-that-dev.medium.com/push-code-with-github-actions-to-google-clouds-artifact-registry-60d256f8072f | ||
# Here you see how to deploy a cloudrun: https://github.com/google-github-actions/deploy-cloudrun | ||
# Or more generically, setup gcloud: https://github.com/google-github-actions/setup-gcloud | ||
name: GCP app deployment | ||
on: | ||
push: | ||
branches: [ deployment/dev, deployment/prod ] | ||
# pull_request: | ||
# branches: [ master ] | ||
#virtualenv venv | ||
#source venv/bin/activate | ||
#pip install -r ./requirements.txt | ||
# | ||
#gcloud auth configure-docker europe-west1-docker.pkg.dev | ||
#docker build -t europe-west1-docker.pkg.dev/tom-toolkit-dev-hxm/remote-observatory-tom-repo/tom_app . | ||
#OR | ||
#docker buildx build --platform linux/arm64/v8,linux/amd64 -t europe-west1-docker.pkg.dev/tom-toolkit-dev-hxm/remote-observatory-tom-repo/tom_app . | ||
#docker tag europe-west1-docker.pkg.dev/tom-toolkit-dev-hxm/remote-observatory-tom-repo/tom_app europe-west1-docker.pkg.dev/tom-toolkit-dev-hxm/remote-observatory-tom-repo/tom_app:test1 | ||
#docker push europe-west1-docker.pkg.dev/tom-toolkit-dev-hxm/remote-observatory-tom-repo/tom_app:test1 | ||
#docker run -it -e PORT=8080 -p 8080:8080 --rm europe-west1-docker.pkg.dev/tom-toolkit-dev-hxm/remote-observatory-tom-repo/tom_app:test | ||
## Cloudrun deployment | ||
#gcloud run services proxy tom-toolkit-instance-dev-b614bde8 --port=8080 --project=tom-toolkit-dev-hxm --region=europe-west1 | ||
#Then go to http://localhost:8080 | ||
env: | ||
IMAGE_NAME: '' | ||
PROJECT_ID: '' | ||
AR_REPO_LOCATION: '' | ||
AR_URL: '' | ||
SERVICE_ACCOUNT: '' | ||
WORKLOAD_IDENTITY_PROVIDER: '' | ||
CLOUDRUN_INSTANCE_NAME: '' | ||
jobs: | ||
push_to_gcp_artifact_registry: | ||
permissions: | ||
id-token: write # This is required for requesting the JWT | ||
contents: read # This is required for actions/checkout | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: 'actions/checkout@v4' | ||
- id: auth | ||
uses: 'google-github-actions/auth@v2' | ||
with: | ||
token_format: 'access_token' | ||
project_id: ${{ env.PROJECT_ID }} | ||
workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }} | ||
service_account: ${{ env.SERVICE_ACCOUNT }} | ||
- id: 'docker-auth | ||
uses: 'docker/login-action@v1' | ||
with: | ||
username: 'oauth2accesstoken' | ||
password: '${{ steps.auth.outputs.access_token }}' | ||
registry: '${{ env.AR_REPO_LOCATION }}-docker.pkg.dev' | ||
# - id: 'Set up Cloud SDK' | ||
# uses: 'google-github-actions/setup-gcloud@v2' | ||
# with: | ||
# version: '>= 363.0.0' | ||
- id: 'build_and_push' | ||
run: |- | ||
docker build -t ${{ env.AR_URL }}/{{ env.IMAGE_NAME }} . | ||
docker tag ${{ env.AR_URL }}/{{ env.IMAGE_NAME }} ${{ env.AR_URL }}/{{ env.IMAGE_NAME }}:${{ github.sha }} | ||
docker push ${{ env.AR_URL }}/{{ env.IMAGE_NAME }}:${{ github.sha }} | ||
# Deploy comes from https://github.com/google-github-actions/deploy-cloudrun | ||
deploy: | ||
permissions: | ||
contents: 'read' | ||
id-token: 'write' | ||
steps: | ||
- uses: 'actions/checkout@v4' | ||
- uses: 'google-github-actions/auth@v2' | ||
with: | ||
workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }} | ||
service_account: ${{ env.SERVICE_ACCOUNT }} | ||
- id: 'deploy' | ||
uses: 'google-github-actions/deploy-cloudrun@v2' | ||
with: | ||
service: ${{ env.CLOUDRUN_INSTANCE_NAME }} | ||
image: ${{ env.AR_URL }}/{{ env.IMAGE_NAME }}:${{ github.sha }} | ||
# - name: 'Use output' | ||
# run: 'curl "${{ steps.deploy.outputs.url }}"' |