-
Notifications
You must be signed in to change notification settings - Fork 0
132 lines (108 loc) · 3.95 KB
/
app.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: app
on: push
jobs:
lint:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
cache: pipenv
- name: Install pipenv
run: curl https://raw.githubusercontent.com/pypa/pipenv/master/get-pipenv.py | python
- name: Install dependencies
run: pipenv sync --dev
- name: Lint
run: pipenv run lint
test:
runs-on: ubuntu-latest
services:
mysql:
image: mysql:8.0
ports:
- 3306:3306
env:
MYSQL_ROOT_PASSWORD: password
MYSQL_DATABASE: ci
options: >-
--health-cmd "mysqladmin ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
permissions:
contents: read
id-token: write
env:
ALLOWED_HOSTS: 127.0.0.1
DATABASE_ENGINE: django.db.backends.mysql
DATABASE_NAME: ci
DATABASE_USER: root
DATABASE_PASSWORD: password
DATABASE_HOST: 127.0.0.1
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
cache: pipenv
- name: Install pipenv
run: curl https://raw.githubusercontent.com/pypa/pipenv/master/get-pipenv.py | python
- name: Install dependencies
run: pipenv sync
- name: Migration
run: pipenv run python manage.py migrate
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: projects/682889726379/locations/global/workloadIdentityPools/github-actions/providers/github-actions
service_account: github@srandom.iam.gserviceaccount.com
- name: Test
run: pipenv run test
deploy:
if: github.ref == 'refs/heads/master'
needs: [lint, test]
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
env:
CLOUDSDK_CORE_DISABLE_PROMPTS: 1
SERVICE: app
REGION: asia-northeast1
IMAGE_APP: asia-northeast1-docker.pkg.dev/srandom/app/app:${{ github.sha }}
IMAGE_CMD_UPDATE_MUSIC: asia-northeast1-docker.pkg.dev/srandom/cmd/update-music:${{ github.sha }}
IMAGE_CMD_EXPORT2CSV: asia-northeast1-docker.pkg.dev/srandom/cmd/export2csv:${{ github.sha }}
steps:
- uses: actions/checkout@v4
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: projects/682889726379/locations/global/workloadIdentityPools/github-actions/providers/github-actions
service_account: github@srandom.iam.gserviceaccount.com
- name: Configure auth
run: gcloud auth configure-docker ${{ env.REGION }}-docker.pkg.dev
- name: Build and push containers
run: |
git clone https://github.com/planetscale/django_psdb_engine.git
./scripts/decrypt-env.sh production
docker build . -f docker/Dockerfile -t ${{ env.IMAGE_APP }}
docker build . -f docker/Dockerfile_update_music -t ${{ env.IMAGE_CMD_UPDATE_MUSIC }}
docker build . -f docker/Dockerfile_export2csv -t ${{ env.IMAGE_CMD_EXPORT2CSV }}
docker push ${{ env.IMAGE_APP }}
docker push ${{ env.IMAGE_CMD_UPDATE_MUSIC }}
docker push ${{ env.IMAGE_CMD_EXPORT2CSV }}
- name: Deploy to Cloud Run
uses: google-github-actions/deploy-cloudrun@v2
with:
service: ${{ env.SERVICE }}
image: ${{ env.IMAGE_APP }}
region: ${{ env.REGION }}
- name: Update Cloud Run Jobs
run: |
gcloud beta run jobs update update-music --image ${{ env.IMAGE_CMD_UPDATE_MUSIC }} --region asia-northeast1
gcloud beta run jobs update export2csv --image ${{ env.IMAGE_CMD_EXPORT2CSV }} --region asia-northeast1