-
Notifications
You must be signed in to change notification settings - Fork 0
127 lines (102 loc) · 3.74 KB
/
app.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
name: app
on: push
jobs:
lint:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
cache: pipenv
- name: Install pipenv
run: curl https://raw.githubusercontent.com/pypa/pipenv/master/get-pipenv.py | python
- name: Install dependencies
run: pipenv sync --dev
- name: Lint
run: pipenv run lint
test:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:15-alpine
ports:
- 5432:5432
env:
POSTGRES_USER: test
POSTGRES_PASSWORD: password
POSTGRES_DB: ci
permissions:
contents: read
id-token: write
env:
ALLOWED_HOSTS: 127.0.0.1
DATABASE_ENGINE: django.db.backends.postgresql
DATABASE_NAME: ci
DATABASE_USER: test
DATABASE_PASSWORD: password
DATABASE_HOST: 127.0.0.1
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
cache: pipenv
- name: Install pipenv
run: curl https://raw.githubusercontent.com/pypa/pipenv/master/get-pipenv.py | python
- name: Install dependencies
run: pipenv sync
- name: Migration
run: pipenv run python manage.py migrate
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: projects/682889726379/locations/global/workloadIdentityPools/github-actions/providers/github-actions
service_account: github@srandom.iam.gserviceaccount.com
- name: Test
run: pipenv run test
deploy:
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
env:
CLOUDSDK_CORE_DISABLE_PROMPTS: 1
SERVICE: app
REGION: asia-northeast1
IMAGE_APP: asia-northeast1-docker.pkg.dev/srandom/app/app:${{ github.sha }}
IMAGE_CMD_UPDATE_MUSIC: asia-northeast1-docker.pkg.dev/srandom/cmd/update-music:${{ github.sha }}
IMAGE_CMD_EXPORT2CSV: asia-northeast1-docker.pkg.dev/srandom/cmd/export2csv:${{ github.sha }}
steps:
- uses: actions/checkout@v4
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: projects/682889726379/locations/global/workloadIdentityPools/github-actions/providers/github-actions
service_account: github@srandom.iam.gserviceaccount.com
- name: Configure auth
run: gcloud auth configure-docker ${{ env.REGION }}-docker.pkg.dev
- name: Build and push containers
run: |
./scripts/decrypt-env.sh production
docker build . -f docker/Dockerfile -t ${{ env.IMAGE_APP }}
docker build . -f docker/Dockerfile_update_music -t ${{ env.IMAGE_CMD_UPDATE_MUSIC }}
docker build . -f docker/Dockerfile_export2csv -t ${{ env.IMAGE_CMD_EXPORT2CSV }}
docker push ${{ env.IMAGE_APP }}
docker push ${{ env.IMAGE_CMD_UPDATE_MUSIC }}
docker push ${{ env.IMAGE_CMD_EXPORT2CSV }}
- name: Deploy to Cloud Run
uses: google-github-actions/deploy-cloudrun@v2
with:
service: ${{ env.SERVICE }}
image: ${{ env.IMAGE_APP }}
region: ${{ env.REGION }}
- name: Update Cloud Run Jobs
run: |
gcloud beta run jobs update update-music --image ${{ env.IMAGE_CMD_UPDATE_MUSIC }} --region asia-northeast1
gcloud beta run jobs update export2csv --image ${{ env.IMAGE_CMD_EXPORT2CSV }} --region asia-northeast1