👷 Deploying to CloudRun #92
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Push-to-Google-CE | |
| on: | |
| push: | |
| branches: [master] | |
| pull_request: | |
| branches: [master] | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| name: Checkout repository | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| publish: | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| needs: build | |
| name: Publish image to Docker Hub | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Authenticate with Google | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| project_id: ${{ secrets.FB_PROJECT_ID }} | |
| workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }} | |
| - name: Set up Google Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v2 | |
| with: | |
| project_id: ${{ secrets.FB_PROJECT_ID }} | |
| - name: Build Docker image | |
| run: | | |
| gcloud auth configure-docker ${{vars.REGION}}-docker.pkg.dev | |
| IMAGE="${{vars.REGION}}-docker.pkg.dev/${{secrets.FB_PROJECT_ID}}/colndir-botting/${{ secrets.DOCKER_IMAGE_NAME_STAGING }}:latest" | |
| docker buildx build -t $IMAGE \ | |
| --build-arg "TOKEN=${{ secrets.TOKEN }}" \ | |
| --build-arg "EMOJI_SERVER_ID=${{ secrets.EMOJI_SERVER_ID }}" \ | |
| --build-arg "OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}" \ | |
| --build-arg "FB_PROJECT_ID=${{ secrets.FB_PROJECT_ID }}" \ | |
| --build-arg "FB_PRIVATE_KEY=${{ secrets.FB_PRIVATE_KEY }}" \ | |
| --build-arg "FB_CLIENT_EMAIL=${{ secrets.FB_CLIENT_EMAIL }}" \ | |
| --build-arg "GOOGLEAPI_PRIVATE_KEY=${{ secrets.GOOGLEAPI_PRIVATE_KEY }}" \ | |
| --build-arg "GOOGLEAPI_CLIENT_EMAIL=${{ secrets.GOOGLEAPI_CLIENT_EMAIL }}" \ | |
| --build-arg "CLOUDRUN_PORT=${{ secrets.CLOUDRUN_PORT }}" . | |
| docker push $IMAGE | |
| deploy: | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| needs: publish | |
| name: Deploy to Google Cloud Run using the built docker image | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Authenticate with Google | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| project_id: ${{ secrets.FB_PROJECT_ID }} | |
| workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }} | |
| - name: Set up Google Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v2 | |
| with: | |
| project_id: ${{ secrets.FB_PROJECT_ID }} | |
| - name: Deploy to Cloud Run | |
| run: | | |
| gcloud run deploy ${{ vars.CLOUDRUN_SERVICE_NAME }} \ | |
| --image ${{vars.REGION}}-docker.pkg.dev/${{secrets.FB_PROJECT_ID}}/colndir-botting/${{ secrets.DOCKER_IMAGE_NAME_STAGING }}:latest \ | |
| --platform managed \ | |
| --region ${{vars.REGION}} \ | |
| --allow-unauthenticated \ | |
| --no-cpu-throttling \ | |
| --set-env-vars "TOKEN=${{ secrets.TOKEN }},EMOJI_SERVER_ID=${{ secrets.EMOJI_SERVER_ID }},OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }},FB_PROJECT_ID=${{ secrets.FB_PROJECT_ID }},FB_PRIVATE_KEY=${{ secrets.FB_PRIVATE_KEY }},FB_CLIENT_EMAIL=${{ secrets.FB_CLIENT_EMAIL }},GOOGLEAPI_PRIVATE_KEY=${{ secrets.GOOGLEAPI_PRIVATE_KEY }},GOOGLEAPI_CLIENT_EMAIL=${{ secrets.GOOGLEAPI_CLIENT_EMAIL }},CLOUDRUN_PORT=${{ secrets.CLOUDRUN_PORT }}" | |
| - name: Create Scheduler | |
| run: | | |
| GCP_APP_URL=$(gcloud run services list --platform=managed --region=${GCP_REGION} \ | |
| --filter="status.address.url ~ pokecenter-${ENVSUFFIX}" \ | |
| --format="value(status.address.url)") | |
| gcloud scheduler jobs create http ${{ vars.CLOUDRUN_SERVICE_NAME }}-scheduler \ | |
| --schedule="* * * * *" \ | |
| --uri "${GCP_APP_URL}" \ | |
| --http-method "GET" \ | |
| --message-body "token=${{ secrets.TOKEN }}&emoji_server_id=${{ secrets.EMOJI_SERVER_ID }}&openai_api_key=${{ secrets.OPENAI_API_KEY }}&fb_project_id=${{ secrets.FB_PROJECT_ID }}&fb_private_key=${{ secrets.FB_PRIVATE_KEY }}&fb_client_email=${{ secrets.FB_CLIENT_EMAIL }}&googleapi_private_key=${{ secrets.GOOGLEAPI_PRIVATE_KEY }}&googleapi_client_email=${{ secrets.GOOGLEAPI_CLIENT_EMAIL }}&cloudrun_port=${{ secrets.CLOUDRUN_PORT }}" | |
| --oauth-service-account-email "${{ secrets.FB_PROJECT_ID }}@appspot.gserviceaccount.com" | |
| --oauth-token-scope "https://www.googleapis.com/auth/cloud-platform" | |
| --max-retry-attempts 3 | |
| --max-backoff "7d" | |
| --min-backoff "1h" | |
| --max-retry-duration "7d" | |
| --min-retry-duration "1h" | |
| --retry-deadline "7d" | |
| --timeout "540s" | |
| --project ${{ secrets.FB_PROJECT_ID }} | |
| --region ${{vars.REGION }} | |
| --quiet |