From 1e8e16ae4a45311b23dbc65a88cc9d7fdff87ebc Mon Sep 17 00:00:00 2001 From: DominicJamesWhite Date: Thu, 10 Apr 2025 19:08:46 +0200 Subject: [PATCH] Amend script to use google build process --- .github/workflows/deploy-cloud-run.yml | 64 ++++++++++++++++++++------ 1 file changed, 49 insertions(+), 15 deletions(-) diff --git a/.github/workflows/deploy-cloud-run.yml b/.github/workflows/deploy-cloud-run.yml index 53e015dc8..cffed2019 100644 --- a/.github/workflows/deploy-cloud-run.yml +++ b/.github/workflows/deploy-cloud-run.yml @@ -1,4 +1,4 @@ -name: Deploy Cloud Run Services +name: Build and Deploy Cloud Run Services # Trigger manually from the Actions tab on: @@ -6,11 +6,13 @@ on: env: GCP_PROJECT_ID: funny-new-goose - GCP_REGION: us-central1 # Or choose another region if needed - IMAGE_URI: us-central1-docker.pkg.dev/funny-new-goose/cloud-run-source-deploy/canyonchat/canyonchat@sha256:103623b4ec62e1eae0696362f54e4bd1e82714260326435f35d3bdbff0993720 + GCP_REGION: us-central1 # Cloud Run region + GAR_LOCATION: us-central1 # Artifact Registry location (often same as region) + GAR_REPOSITORY: github-actions-builds # Name of your Artifact Registry repo + IMAGE_NAME: canyon-humctl-interface # Name for the image in Artifact Registry jobs: - deploy: + build-and-deploy: runs-on: ubuntu-latest # IMPORTANT: Add all potential *_ENV secret names referenced in the SERVICE_CONFIG variable here! 
@@ -22,28 +24,60 @@ jobs: DOMINICWHITE01_ENV: ${{ secrets.DOMINICWHITE01_ENV }} # EXAMPLE_SERVICE_ENV: ${{ secrets.EXAMPLE_SERVICE_ENV }} # Add more as needed + # Grant GITHUB_TOKEN permissions to write to Artifact Registry + permissions: + contents: 'read' + id-token: 'write' # Required for google-github-actions/auth + steps: - name: Checkout code uses: actions/checkout@v4 + # --- Build and Push Docker Image --- + + - name: Authenticate to Google Cloud (for GAR) + id: auth + uses: 'google-github-actions/auth@v2' + with: + credentials_json: ${{ env.GCP_SA_KEY }} + + - name: Set up Cloud SDK + uses: google-github-actions/setup-gcloud@v2 + + - name: Configure Docker for GAR + run: gcloud auth configure-docker ${{ env.GAR_LOCATION }}-docker.pkg.dev --quiet + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build and push Docker image + id: build-push + uses: docker/build-push-action@v5 + with: + context: . # Build from the root of the repo + push: true + tags: ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ github.sha }} + cache-from: type=gha + cache-to: type=gha,mode=max + + - name: Echo Built Image URI + run: echo "Built image URI: ${{ steps.build-push.outputs.digest }}" + + # --- Deploy Services --- + - name: Install yq (YAML Processor) run: | sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq sudo chmod +x /usr/bin/yq shell: bash - - name: Authenticate to Google Cloud - id: auth - uses: google-github-actions/auth@v2 - with: - credentials_json: ${{ env.GCP_SA_KEY }} - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v2 - - name: Deploy Services Script id: deploy + env: + # Make the built image URI available to the script + BUILT_IMAGE_URI: ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ github.sha }} run: | + echo "Using Image URI: 
$BUILT_IMAGE_URI" echo "Parsing SERVICE_CONFIG variable:" echo "${{ env.SERVICE_CONFIG }}" @@ -115,9 +149,9 @@ jobs: echo "Normalized service name for Cloud Run: $normalized_service_name" # --- Deploy using gcloud --- - echo "Deploying $normalized_service_name to $GCP_REGION..." + echo "Deploying $normalized_service_name to $GCP_REGION using image $BUILT_IMAGE_URI..." gcloud run deploy "$normalized_service_name" \ - --image="$IMAGE_URI" \ + --image="$BUILT_IMAGE_URI" \ --project="$GCP_PROJECT_ID" \ --region="$GCP_REGION" \ --set-env-vars="$formatted_env_vars" \
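Review bot: The new `permissions` block grants `id-token: 'write'` with the comment "Required for google-github-actions/auth", but the auth step in this hunk authenticates with `credentials_json: ${{ env.GCP_SA_KEY }}`, a long-lived service account key, and that path does not consume the OIDC token. Either drop the `id-token` line so the job token stays at `contents: 'read'`, or move the step to Workload Identity Federation (`workload_identity_provider` plus `service_account`) and retire the stored key. The comment above the block should change too, since `GITHUB_TOKEN` permissions do not govern writes to Artifact Registry. Separately, `run: echo "Built image URI: ${{ steps.build-push.outputs.digest }}"` is a plain scalar containing `: `, which YAML parsers reject, and it prints only the digest rather than a URI; putting the echo under `run: |` avoids the parse error.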
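Review bot: `--image="$BUILT_IMAGE_URI"` now deploys by the tag `:${{ github.sha }}` (set in the step's `env` in the preceding hunk), where the removed `IMAGE_URI` was pinned to an `@sha256:` digest. A tag can be re-pointed between the push and the deploy unless the repository enforces immutable tags, which is not visible here, so the deployed image is not provably the one this run built. The build step already exposes the digest, so I would end `BUILT_IMAGE_URI` with `/${{ env.IMAGE_NAME }}@${{ steps.build-push.outputs.digest }}` instead of `:${{ github.sha }}`. The `run:` script this hunk edits starts and ends outside the hunk.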