Skip to content
This repository has been archived by the owner on Aug 20, 2024. It is now read-only.

Merge pull request #2251 from sue445/dependabot/go_modules/function/g… #644

Merge pull request #2251 from sue445/dependabot/go_modules/function/g…

Merge pull request #2251 from sue445/dependabot/go_modules/function/g… #644

name: function-deploy
on:
push:
branches:
- "master"
- "deploy/**"
paths-ignore:
# Ignore files that are not used in production
- "**.md"
- "LICENSE"
- ".github/workflows/dependabot-auto-merge.yml"
- ".github/dependabot.yml"
- ".github/dependabot-auto-merge.yml"
- "function/_img/**"
- "function/_script/**"
# Ignore files used only by the frontend
- "frontend/**"
- ".github/workflows/frontend-*.yml"
workflow_dispatch:
env:
# e.g. projects/123456789/locations/global/workloadIdentityPools/github-actions/providers/github-actions
WORKLOAD_IDENTITY_PROVIDER: "projects/659376400894/locations/global/workloadIdentityPools/primap/providers/github-actions"
# e.g. terraform@GCP_PROJECT_ID.iam.gserviceaccount.com
SERVICE_ACCOUNT_EMAIL: "deployer@primap.iam.gserviceaccount.com"
permissions:
contents: read
id-token: write
defaults:
run:
working-directory: function
concurrency: function-production
jobs:
function:
name: function
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- function_name: cron-update-shops
function_entry_point: CronUpdateShops
function_trigger_topic: cron-update-shops
function_timeout: 540s # NOTE: This is max
- function_name: queue-save-shop
function_entry_point: QueueSaveShop
function_trigger_topic: shop-save-topic
function_timeout: 30s
steps:
- uses: actions/checkout@v4
- id: auth
uses: google-github-actions/auth@v2
with:
workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.SERVICE_ACCOUNT_EMAIL }}
- name: GCP Authenticate
uses: google-github-actions/setup-gcloud@v2
- name: Add credential path to .gcloudignore
run: |
# e.g.
# CREDENTIAL_FILE_PATH: /home/runner/work/slack-bots-function/slack-bots-function/a08afad6ea60285b8fd69e2e
# GITHUB_WORKSPACE: /home/runner/work/slack-bots-function/slack-bots-function
# After: a08afad6ea60285b8fd69e2e
echo $CREDENTIAL_FILE_PATH | sed -e "s#${GITHUB_WORKSPACE}/##g" >> .gcloudignore
env:
CREDENTIAL_FILE_PATH: ${{ steps.auth.outputs.credentials_file_path }}
- name: Deploy function
run: |
gcloud functions deploy ${FUNCTION_NAME} \
--gen2 \
--retry \
--serve-all-traffic-latest-revision \
--region=asia-northeast1 \
--memory=128Mi \
--runtime=go122 \
--service-account=function@primap.iam.gserviceaccount.com \
--entry-point=${FUNCTION_ENTRY_POINT} \
--timeout=${FUNCTION_TIMEOUT} \
--trigger-topic=${FUNCTION_TRIGGER_TOPIC} \
--set-env-vars=GCP_PROJECT=${GCP_PROJECT},SENTRY_DSN=${SENTRY_DSN},SENTRY_RELEASE=${GITHUB_SHA},SENTRY_ENVIRONMENT=production,SPARQL_ENDPOINT=${SPARQL_ENDPOINT}
env:
FUNCTION_NAME: ${{ matrix.function_name }}
FUNCTION_TIMEOUT: ${{ matrix.function_timeout }}
FUNCTION_TRIGGER_TOPIC: ${{ matrix.function_trigger_topic }}
FUNCTION_ENTRY_POINT: ${{ matrix.function_entry_point }}
SENTRY_DSN: ${{ secrets.FUNCTION_SENTRY_DSN }}
SPARQL_ENDPOINT: https://prismdb.takanakahiko.me/sparql # https://github.com/prickathon/prismdb
# SPARQL_ENDPOINT: https://web-lk3h3ydj7a-an.a.run.app/sparql # https://github.com/sue445/prismdb
- name: Slack Notification (not success)
uses: act10ns/slack@v2
if: "! success()"
continue-on-error: true
with:
status: ${{ job.status }}
webhook-url: ${{ secrets.SLACK_WEBHOOK }}
matrix: ${{ toJson(matrix) }}
notify:
needs:
- function
runs-on: ubuntu-latest
environment: function-production
steps:
- uses: actions/checkout@v4
- name: Create Sentry release
uses: getsentry/action-release@v1
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT_FUNCTION }}
with:
environment: production
- name: Slack Notification
uses: act10ns/slack@v2
if: always()
continue-on-error: true
with:
status: ${{ job.status }}
webhook-url: ${{ secrets.SLACK_WEBHOOK }}