-
Notifications
You must be signed in to change notification settings - Fork 6
124 lines (124 loc) · 4.86 KB
/
gradle-deploy-develop.yml
File metadata and controls
124 lines (124 loc) · 4.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: Gradle Build & Deploy - Develop
on:
push:
branches:
- 'develop'
env:
HUSKY: 0
PROJECT_NUMBER: ${{ secrets.PROJECT_NUM }}
PROJECT_ID: ${{ secrets.PROJECT_ID }}
PROJECT_NAME: ${{ secrets.PROJECT_NAME }}
RUN_REGION: us-central1
SERVICE_NAME: checkins-develop
TARGET_URL: https://checkins-develop.objectcomputing.com
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Node Stable
uses: actions/setup-node@v4
with:
node-version: '22'
- name: Set up Temurin 23
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: 23
- name: Cache Gradle packages
uses: actions/cache@v4
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: ${{ runner.os }}-gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v4
- name: Run tests with Gradle
run: ./gradlew check
deploy:
permissions:
contents: 'read'
id-token: 'write'
runs-on: ubuntu-latest
environment:
name: Development
url: ${{ env.TARGET_URL }}/
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up Node LTS
uses: actions/setup-node@v4
with:
node-version: '22'
- name: Set up Temurin 23
uses: actions/setup-java@v4
with:
distribution: 'temurin' # See 'Supported distributions' for available options
java-version: 23
- name: Cache Gradle packages
uses: actions/cache@v4
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: ${{ runner.os }}-gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v4
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
project_id: ${{ secrets.PROJECT_ID }}
workload_identity_provider: 'projects/${{secrets.PROJECT_NUM}}/locations/global/workloadIdentityPools/github-wif-pool/providers/github-provider'
service_account: '${{secrets.AUTOMATION_SERVICE_ACCOUNT}}'
- id: 'secrets'
uses: 'google-github-actions/get-secretmanager-secrets@v2'
with:
secrets: |-
cloud_db_connection_name:${{secrets.PROJECT_NUM}}/CLOUD_DB_CONNECTION_NAME
connector_id:${{secrets.PROJECT_NUM}}/CONNECTOR_ID
- name: 'Set up Cloud SDK'
uses: google-github-actions/setup-gcloud@v2
with:
version: '>= 363.0.0'
- name: 'Auth Configure Docker'
run: |-
gcloud --quiet auth configure-docker
- name: Build the Docker image
run: |-
./gradlew assemble
cd server
docker build --tag "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA" .
env:
VITE_APP_API_URL: ${{ env.TARGET_URL }}
- name: Push the Docker image to Google Container Registry
run: docker push "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA"
- name: Deploy image to Cloud Run
run: |-
gcloud run deploy "$SERVICE_NAME" \
--quiet \
--project "$PROJECT_ID" \
--region "$RUN_REGION" \
--image "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA" \
--memory 1Gi \
--add-cloudsql-instances ${{steps.secrets.outputs.cloud_db_connection_name }} \
--vpc-connector ${{steps.secrets.outputs.connector_id}} \
--set-secrets "CLOUD_DB_CONNECTION_NAME=CLOUD_DB_CONNECTION_NAME:latest" \
--set-secrets "DB_NAME=DB_NAME:latest" \
--set-secrets "DATASOURCES_DEFAULT_PASSWORD=DATASOURCES_DEFAULT_PASSWORD:latest" \
--set-secrets "DATASOURCES_DEFAULT_USERNAME=DATASOURCES_DEFAULT_USERNAME:latest" \
--set-secrets "AES_KEY=AES_KEY:latest" \
--set-secrets "OAUTH_CLIENT_ID=OAUTH_CLIENT_ID:latest" \
--set-secrets "OAUTH_CLIENT_SECRET=OAUTH_CLIENT_SECRET:latest" \
--set-secrets "GSUITE_SUPER_ADMIN=GSUITE_SUPER_ADMIN:latest" \
--set-secrets "SERVICE_ACCOUNT_CREDENTIALS=SERVICE_ACCOUNT_CREDENTIALS:latest" \
--set-secrets "WEB_ADDRESS=WEB_ADDRESS:latest" \
--set-secrets "MICRONAUT_ENVIRONMENTS=MICRONAUT_ENVIRONMENTS:latest" \
--set-secrets "SLACK_WEBHOOK_URL=SLACK_WEBHOOK_URL:latest" \
--set-secrets "SLACK_BOT_TOKEN=SLACK_BOT_TOKEN:latest" \
--set-secrets "SLACK_SIGNING_SECRET=SLACK_SIGNING_SECRET:latest" \
--set-secrets "SLACK_KUDOS_CHANNEL_ID=SLACK_KUDOS_CHANNEL_ID:latest" \
--platform "managed" \
--max-instances 2 \
--allow-unauthenticated