-
Notifications
You must be signed in to change notification settings - Fork 4
159 lines (147 loc) · 6.28 KB
/
deploy_test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
name: deploy-test
on:
workflow_run:
workflows: [server-build, ci-web, web-build, worker-build]
types: [completed]
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch }}-${{github.event.workflow_run.name}}
cancel-in-progress: true
env:
GCP_REGION: us-central1
# TODO: Remove after dockerizing the web.
GCS_DEST: gs://cms.test.reearth.dev
# server
SERVER_IMAGE: reearth/reearth-cms:nightly
SERVER_IMAGE_NAME: us-central1-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/reearth/reearth-cms:nightly
SERVER_IMAGE_GCP: us-central1-docker.pkg.dev/reearth-oss/reearth/reearth-cms:nightly
# web
WEB_IMAGE: reearth/reearth-cms-web:nightly
WEB_IMAGE_NAME: us-central1-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/reearth/reearth-cms-web:nightly
WEB_IMAGE_GCP: us-central1-docker.pkg.dev/reearth-oss/reearth/reearth-cms-web:nightly
# worker
WORKER_IMAGE: reearth/reearth-cms-worker:nightly
WORKER_IMAGE_NAME: us-central1-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/reearth/reearth-cms-worker:nightly
WORKER_IMAGE_GCP: us-central1-docker.pkg.dev/reearth-oss/reearth/reearth-cms-worker:nightly
jobs:
# TODO: Remove after dockerizing the web.
deploy_web_gcs:
name: Deploy web to test env
if: github.event.repository.full_name == 'reearth/reearth-cms' && github.event.workflow_run.name == 'ci-web' && github.event.workflow_run.conclusion != 'failure' && github.event.workflow_run.head_branch == 'main'
runs-on: ubuntu-latest
permissions:
contents: read # To checkout
id-token: write # To authenticate with Google Cloud using OIDC
steps:
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.GH_APP_ID }}
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
- name: get latest web artifact
uses: dawidd6/action-download-artifact@v3.1.4
with:
github_token: ${{ steps.app-token.outputs.token }}
workflow: ci_web.yml
workflow_conclusion: success
branch: main
name: reearth-cms-web
check_artifacts: true
search_artifacts: true
- name: Extract
run: tar -xvf reearth-cms-web.tar.gz
- uses: google-github-actions/auth@v2
with:
service_account: ${{ secrets.GCP_SA_EMAIL }}
workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2
- name: Deploy
run: gsutil -m -h "Cache-Control:no-store" rsync -x "^reearth_config\\.json$" -dr reearth-cms-web/ $GCS_DEST
deploy_server:
name: Deploy server to test env
runs-on: ubuntu-latest
if: github.event.repository.full_name == 'reearth/reearth-cms' && github.event.workflow_run.name == 'server-build' && github.event.workflow_run.conclusion != 'failure' && github.event.workflow_run.head_branch == 'main'
permissions:
contents: read # To checkout
id-token: write # To authenticate with Google Cloud using OIDC
steps:
- uses: actions/checkout@v4
- uses: google-github-actions/auth@v2
with:
service_account: ${{ secrets.GCP_SA_EMAIL }}
workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2
- name: Configure docker
run: gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
- name: docker push
run: |
docker pull $SERVER_IMAGE
docker tag $SERVER_IMAGE $SERVER_IMAGE_GCP
docker push $SERVER_IMAGE_GCP
- name: Deploy to Cloud Run
run: |
gcloud run deploy reearth-cms-backend \
--image $SERVER_IMAGE_GCP \
--region $GCP_REGION \
--platform managed \
--quiet
deploy_web:
name: Deploy web to test env
runs-on: ubuntu-latest
if: github.event.repository.full_name == 'reearth/reearth-cms' && github.event.workflow_run.name == 'web-build' && github.event.workflow_run.conclusion != 'failure' && github.event.workflow_run.head_branch == 'main'
permissions:
contents: read # To checkout
id-token: write # To authenticate with Google Cloud using OIDC
steps:
- uses: actions/checkout@v4
- uses: google-github-actions/auth@v2
with:
service_account: ${{ secrets.GCP_SA_EMAIL }}
workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2
- name: Configure docker
run: gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
- name: docker push
run: |
docker pull $WEB_IMAGE
docker tag $WEB_IMAGE $WEB_IMAGE_GCP
docker push $WEB_IMAGE_GCP
- name: Deploy to Cloud Run
run: |
gcloud run deploy reearth-cms-web \
--image $WEB_IMAGE_GCP \
--region $GCP_REGION \
--platform managed \
--quiet
deploy_worker:
name: Deploy worker to test env
runs-on: ubuntu-latest
if: github.event.repository.full_name == 'reearth/reearth-cms' && github.event.workflow_run.name == 'worker-build' && github.event.workflow_run.conclusion != 'failure' && github.event.workflow_run.head_branch == 'main'
permissions:
contents: read # To checkout
id-token: write # To authenticate with Google Cloud using OIDC
steps:
- uses: actions/checkout@v4
- uses: google-github-actions/auth@v2
with:
service_account: ${{ secrets.GCP_SA_EMAIL }}
workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2
- name: Configure docker
run: gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
- name: docker push
run: |
docker pull $WORKER_IMAGE
docker tag $WORKER_IMAGE $WORKER_IMAGE_GCP
docker push $WORKER_IMAGE_GCP
- name: Deploy to Cloud Run
run: |
gcloud run deploy reearth-cms-worker \
--image $WORKER_IMAGE_GCP \
--region $GCP_REGION \
--platform managed \
--quiet