function-deploy.yml
---
# Deploys the functions under function/ with `gcloud functions deploy`.
name: function-deploy

# Runs on pushes to master or deploy/** (minus the ignored paths), or manually.
on:
  push:
    branches:
      - 'master'
      - 'deploy/**'
    paths-ignore:
      # Ignore files that are not used in production
      - '**.md'
      - 'LICENSE'
      - '.github/workflows/dependabot-auto-merge.yml'
      - '.github/dependabot.yml'
      - '.github/dependabot-auto-merge.yml'
      - 'function/_img/**'
      - 'function/_script/**'
      # Ignore files used only by the frontend
      - 'frontend/**'
      - '.github/workflows/frontend-*.yml'
  workflow_dispatch:

env:
  # e.g. projects/123456789/locations/global/workloadIdentityPools/github-actions/providers/github-actions
  WORKLOAD_IDENTITY_PROVIDER: 'projects/659376400894/locations/global/workloadIdentityPools/primap/providers/github-actions'
  # e.g. terraform@GCP_PROJECT_ID.iam.gserviceaccount.com
  SERVICE_ACCOUNT_EMAIL: 'deployer@primap.iam.gserviceaccount.com'

# Workflow-wide token scopes; they apply to every job that does not declare
# its own `permissions`. `id-token: write` lets a job request a GitHub OIDC
# token, which the auth step exchanges through the workload identity provider.
permissions:
  contents: read
  id-token: write

# Every `run` step starts in the function/ directory.
defaults:
  run:
    working-directory: function

# All runs of this workflow share a single concurrency group.
concurrency: function-production
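jobs:
  # Deploys each function listed in the matrix, triggered by its own topic.
  function:
    name: function
    runs-on: ubuntu-latest
    # Scopes stated on the job itself: id-token is what the auth step needs
    # for the OIDC exchange; contents is what checkout needs.
    permissions:
      contents: read
      id-token: write
    strategy:
      # A failed deploy of one function does not cancel the other one.
      fail-fast: false
      matrix:
        include:
          - function_name: cron-update-shops
            function_entry_point: CronUpdateShops
            function_trigger_topic: cron-update-shops
            function_timeout: 540s # NOTE: This is max
          - function_name: queue-save-shop
            function_entry_point: QueueSaveShop
            function_trigger_topic: shop-save-topic
            function_timeout: 30s
    steps:
      - uses: actions/checkout@v4
      - id: auth
        uses: google-github-actions/auth@v1
        with:
          workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }}
          service_account: ${{ env.SERVICE_ACCOUNT_EMAIL }}
      - name: GCP Authenticate
        uses: google-github-actions/setup-gcloud@v1
      # Lists the credentials file written by the auth step in .gcloudignore,
      # presumably so it is never part of the uploaded source — confirm.
      - name: Add credential path to .gcloudignore
        run: |
          # e.g.
          # CREDENTIAL_FILE_PATH: /home/runner/work/slack-bots-function/slack-bots-function/a08afad6ea60285b8fd69e2e
          # GITHUB_WORKSPACE: /home/runner/work/slack-bots-function/slack-bots-function
          # After: a08afad6ea60285b8fd69e2e
          # Strip the workspace prefix with a quoted parameter expansion, so the
          # path is neither word-split nor interpreted as a sed pattern.
          printf '%s\n' "${CREDENTIAL_FILE_PATH#"${GITHUB_WORKSPACE}/"}" >> .gcloudignore
        env:
          CREDENTIAL_FILE_PATH: ${{ steps.auth.outputs.credentials_file_path }}
      # Values reach the shell through `env`, not inline `${{ }}` expansion, and
      # are quoted so none of them can be split into extra gcloud arguments.
      # NOTE(review): GCP_PROJECT is not set in this step's env; presumably it
      # is exported by the auth step — confirm.
      - name: Deploy function
        run: |
          gcloud functions deploy "${FUNCTION_NAME}" \
            --gen2 \
            --retry \
            --serve-all-traffic-latest-revision \
            --region=asia-northeast1 \
            --memory=128Mi \
            --runtime=go121 \
            --service-account=function@primap.iam.gserviceaccount.com \
            --entry-point="${FUNCTION_ENTRY_POINT}" \
            --timeout="${FUNCTION_TIMEOUT}" \
            --trigger-topic="${FUNCTION_TRIGGER_TOPIC}" \
            --set-env-vars="GCP_PROJECT=${GCP_PROJECT},SENTRY_DSN=${SENTRY_DSN},SENTRY_RELEASE=${GITHUB_SHA},SENTRY_ENVIRONMENT=production,SPARQL_ENDPOINT=${SPARQL_ENDPOINT}"
        env:
          FUNCTION_NAME: ${{ matrix.function_name }}
          FUNCTION_TIMEOUT: ${{ matrix.function_timeout }}
          FUNCTION_TRIGGER_TOPIC: ${{ matrix.function_trigger_topic }}
          FUNCTION_ENTRY_POINT: ${{ matrix.function_entry_point }}
          SENTRY_DSN: ${{ secrets.FUNCTION_SENTRY_DSN }}
          # FIXME: Temporarily use https://github.com/sue445/prismdb because upstream can't get the latest data
          # c.f. https://github.com/prickathon/prismdb/issues/539
          # SPARQL_ENDPOINT: https://prismdb.takanakahiko.me/sparql
          SPARQL_ENDPOINT: "https://web-lk3h3ydj7a-an.a.run.app/sparql"
      # NOTE(review): this third-party action is referenced by a mutable branch
      # and receives SLACK_WEBHOOK and GITHUB_TOKEN, in a job that also holds
      # id-token: write. Pin it to a reviewed full commit SHA.
      - name: Slack Notification (not success)
        uses: lazy-actions/slatify@master
        if: "! success()"
        continue-on-error: true
        with:
          job_name: ${{ format('*deploy* ({0})', matrix.function_name) }}
          type: ${{ job.status }}
          icon_emoji: ":octocat:"
          url: ${{ secrets.SLACK_WEBHOOK }}
          token: ${{ secrets.GITHUB_TOKEN }}

  # Creates the Sentry release and reports the outcome once every deploy
  # matrix leg has succeeded.
  notify:
    needs:
      - function
    runs-on: ubuntu-latest
    # NOTE(review): only this job is bound to the environment; any protection
    # rules on it do not gate the deploy job above — confirm that is intended.
    environment: function-production
    # No step here authenticates to GCP, so the job overrides the
    # workflow-level scopes and does not carry id-token: write.
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
      - name: Create Sentry release
        uses: getsentry/action-release@v1
        env:
          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT_FUNCTION }}
        with:
          environment: production
      # NOTE(review): mutable branch reference on a third-party action that
      # receives SLACK_WEBHOOK and GITHUB_TOKEN. Pin it to a reviewed full
      # commit SHA.
      - name: Slack Notification
        uses: lazy-actions/slatify@master
        if: always()
        continue-on-error: true
        with:
          job_name: '*notify*'
          type: ${{ job.status }}
          icon_emoji: ":octocat:"
          url: ${{ secrets.SLACK_WEBHOOK }}
          token: ${{ secrets.GITHUB_TOKEN }}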