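# This workflow will build a docker container, publish it to Google Artifact Registry, and deploy it to GKE when there is a push to the "main" branch.
#
# To configure this workflow:
#
# 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc.
#
# 2. Create and configure a Workload Identity Provider for GitHub (https://github.com/google-github-actions/auth#setting-up-workload-identity-federation)
#
# 3. Change the values for the GAR_LOCATION, GKE_ZONE, GKE_CLUSTER, IMAGE, REPOSITORY and DEPLOYMENT_NAME environment variables (below).
#
# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke-kustomize

name: Build and Deploy to GKE

on:
  push:
    branches: ["main"]

env:
  PROJECT_ID: ${{ secrets.GKE_PROJECT }}
  GAR_LOCATION: us-central1  # TODO: update region of the Artifact Registry
  GKE_CLUSTER: cluster-1  # TODO: update to cluster name
  GKE_ZONE: us-central1-c  # TODO: update to cluster zone
  DEPLOYMENT_NAME: gke-test  # TODO: update to deployment name
  REPOSITORY: samples  # TODO: update to Artifact Registry docker repository
  IMAGE: static-site

jobs:
  setup-build-publish-deploy:
    name: Setup, Build, Publish, and Deploy
    runs-on: ubuntu-latest
    environment: production

    # Token scopes for this job only: read the repository, and request an OIDC
    # token (id-token) for the Workload Identity Federation exchange in the
    # 'auth' step. Nothing else is granted to the job's GITHUB_TOKEN.
    permissions:
      contents: 'read'
      id-token: 'write'

    # NOTE(review): every `uses:` below references a mutable tag (@v4, @v0,
    # @v9.0.0). Pinning each action to a full commit SHA keeps a re-pointed tag
    # from changing the code that runs with the cloud credentials of this job.
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      # Configure Workload Identity Federation and generate an access token.
      # NOTE(review): @v0 is an early major line of this action - confirm it is
      # still maintained before relying on it.
      - id: 'auth'
        name: 'Authenticate to Google Cloud'
        uses: 'google-github-actions/auth@v0'
        with:
          token_format: 'access_token'
          # TODO: replace the sample provider and service account with your own.
          workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
          service_account: 'my-service-account@my-project.iam.gserviceaccount.com'

      # Alternative option - authentication via credentials json.
      # This stores a long-lived service account key as a repository secret;
      # the Workload Identity Federation setup above avoids keeping such a key.
      # - id: 'auth'
      #   uses: 'google-github-actions/auth@v0'
      #   with:
      #     credentials_json: '${{ secrets.GCP_CREDENTIALS }}'

      - name: Docker configuration
        env:
          # Pass the token through the environment instead of expanding the
          # expression inside the script text, so the shell never parses the
          # token value as part of the command line.
          ACCESS_TOKEN: ${{ steps.auth.outputs.access_token }}
        run: |-
          printf '%s' "$ACCESS_TOKEN" | docker login -u oauth2accesstoken --password-stdin "https://${GAR_LOCATION}-docker.pkg.dev"

      # Get the GKE credentials so we can deploy to the cluster
      - name: Set up GKE credentials
        uses: google-github-actions/get-gke-credentials@v0
        with:
          cluster_name: ${{ env.GKE_CLUSTER }}
          location: ${{ env.GKE_ZONE }}

      # Build the Docker image
      - name: Build
        run: |-
          docker build \
            --tag "${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}" \
            --build-arg GITHUB_SHA="$GITHUB_SHA" \
            --build-arg GITHUB_REF="$GITHUB_REF" \
            .

      # Push the Docker image to Google Artifact Registry
      - name: Publish
        run: |-
          docker push "${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}"

      # Set up kustomize
      # NOTE(review): the binary is downloaded and made executable without any
      # integrity check, and it later renders the manifests applied to the
      # cluster. Compare it against the checksum published with the release
      # (for example with `sha256sum -c`) before the chmod, and review whether
      # the pinned v3.1.0 is still the version you want.
      - name: Set up Kustomize
        run: |-
          curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64
          chmod u+x ./kustomize

      # Deploy the Docker image to the GKE cluster
      - name: Deploy
        run: |-
          # replacing the image name in the k8s template
          ./kustomize edit set image "LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY/IMAGE:TAG=${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}"
          ./kustomize build . | kubectl apply -f -
          kubectl rollout status "deployment/${DEPLOYMENT_NAME}"
          kubectl get services -o wide

      # Close stale issues and pull requests.
      # No `with:` inputs are set, so the action's own defaults apply. A key
      # written with an empty value is likely handed to the action as an empty
      # string instead of falling back to its default (confirm against the
      # runner documentation), so only list an input when giving it a value.
      # The available inputs are described in the action's action.yml.
      # NOTE(review): this job grants only `contents: read` and
      # `id-token: write`, so the token cannot label or close issues and pull
      # requests. Rather than widening the permissions of a job that holds
      # deployment credentials, move this step to its own workflow (for
      # example on a schedule) with `issues: write` and `pull-requests: write`.
      - name: Close Stale Issues
        uses: actions/stale@v9.0.0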