ci: deploy production #17
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy production | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - "web/**" | |
| - "server/**" | |
| - "server.Dockerfile" | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| environment: prod | |
| outputs: | |
| container_tag: ${{ steps.docker_build.outputs.container_tag }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20.x | |
| cache: npm | |
| cache-dependency-path: ./web/package-lock.json | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.22 | |
| cache-dependency-path: ./server/go.sum | |
| - name: Set up Google Authentication | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.GCP_CREDENTIALS }} | |
| token_format: access_token | |
| - name: Set up server configs | |
| run: | | |
| sed -i "s/{DB_USER}/${{ secrets.DB_USER }}/" server/config.yml | |
| sed -i "s/{DB_PASSWORD}/${{ secrets.DB_PASSWORD }}/" server/config.yml | |
| sed -i "s/{DB_HOST}/${{ secrets.DB_HOST }}/" server/config.yml | |
| sed -i "s/{DB_PORT}/${{ secrets.DB_PORT }}/" server/config.yml | |
| sed -i "s/{DB_NAME}/${{ secrets.DB_NAME }}/" server/config.yml | |
| - name: Login to Google Artifact Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ vars.REGION }}-docker.pkg.dev | |
| username: _json_key | |
| password: ${{ secrets.GCP_CREDENTIALS }} | |
| - name: Build app | |
| run: | | |
| make -C server | |
| npm --prefix web ci | |
| npm run --prefix web build | |
| mv web/dist server/dist/web | |
| - name: Build container | |
| id: docker_build | |
| run: | | |
| export CONTAINER_TAG=${{ vars.REGION }}-docker.pkg.dev/${{ vars.GCP_PROJECT_ID }}/${{ vars.ARTIFACT_REPO }}/${{ vars.SERVICE_NAME_SERVER }}:${{ github.sha }} | |
| export BUILD_GIT_HASH=$(git describe --always --dirty) | |
| export BUILD_TIMESTAMP=$(TZ="GMT" LC_TIME="en_US.utf8" date) | |
| docker build -t $CONTAINER_TAG -f server.Dockerfile --output type=tar,dest=/tmp/server.tar --build-arg BUILD_GIT_HASH="$BUILD_GIT_HASH" --build-arg BUILD_TIMESTAMP="$BUILD_TIMESTAMP" . | |
| echo "container_tag=$CONTAINER_TAG" >> "$GITHUB_OUTPUT" | |
| - name: Upload container | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: server | |
| path: /tmp/server.tar | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| environment: prod | |
| steps: | |
| - name: Download container | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: server | |
| path: /tmp | |
| - name: Load image | |
| run: docker load --input /tmp/server.tar | |
| - name: Push container | |
| run: docker push ${{ needs.build.outputs.container_tag }} | |
| - name: Deploy to Cloud Run | |
| id: deploy | |
| uses: google-github-actions/deploy-cloudrun@v2 | |
| with: | |
| service: ${{ vars.SERVICE_NAME_SERVER }} | |
| region: ${{ vars.REGION }} | |
| image: ${{ needs.build.outputs.container_tag }} | |
| - name: Show deployment URL | |
| run: echo "Deployed to ${{ steps.deploy.outputs.url }}" |