Skip to content

add dockerfile and deploy.yml #4

add dockerfile and deploy.yml

add dockerfile and deploy.yml #4

Workflow file for this run

name: Deploy app to Google Cloudrun
on:
pull_request:
paths:
- "src/**"
- ".github/workflows/deploy.yml"
push:
branches:
- main
paths:
- "src/**"
- ".github/workflows/deploy.yml"
tags:
- "release-*"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
CI: true
PROJECT_ID: ${{ secrets.PROJECT_ID }}
MAIN: ${{ github.ref == 'refs/heads/main' }}
SERVICE: app
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
ELEVENLABS_API_KEY: ${{ secrets.ELEVENLABS_API_KEY }}
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
VERSION: ${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.number) || format('main-{0}', steps.prepare_env.outputs.SHORT_SHA) }}
MAIN_OR_TAGGED: ${{ fromJSON(env.MAIN) || (fromJSON(steps.prepare_env.outputs.TAGGED) && steps.prepare_env.outputs.TAG_BRANCH_NAME == 'main') }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- id: prepare_env
run: |
echo "TAGGED=${{ startsWith(github.ref, 'refs/tags/api') }}" >> $GITHUB_OUTPUT
SHORT_SHA=$(git rev-parse --short HEAD)
echo "SHORT_SHA=$SHORT_SHA" >> $GITHUB_OUTPUT
RAW=$(git branch -r --contains $SHORT_SHA)
TAG_BRANCH_NAME="${RAW##*/}"
echo "TAG_BRANCH_NAME=$TAG_BRANCH_NAME" >> $GITHUB_OUTPUT
lint:
runs-on: ubuntu-latest
needs: prepare
timeout-minutes: 5
steps:
- uses: actions/checkout@v4
- id: setup-python
uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: "pip" # caching pip dependencies
check-latest: true
- run: pip install --force-reinstall -r requirements.txt
if: ${{ steps.setup-python.outputs.cache-hit != 'true' }}
- run: pip install -r requirements.txt
if: ${{ steps.setup-python.outputs.cache-hit == 'true' }}
- uses: chartboost/ruff-action@v1
deploy:
runs-on: ubuntu-latest
needs: [prepare, lint]
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: "pip" # caching pip dependencies
check-latest: true
- uses: google-github-actions/auth@v2
with:
credentials_json: "${{ secrets.GCP_SA_KEY }}"
- uses: google-github-actions/setup-gcloud@v2
- run: gcloud config set app/cloud_build_timeout 300
- id: deploy
uses: google-github-actions/deploy-cloudrun@v2
with:
service: ${{ env.SERVICE }}
source: ./
tag: ${{ needs.prepare.outputs.VERSION }}
no_traffic: true
timeout: "5m"
gcloud_version: "482.0.0"
env_vars: |
ENV=prod
OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
GEMINI_API_KEY=${{ secrets.GEMINI_API_KEY }}
ANTHROPIC_API_KEY=${{ secrets.ANTHROPIC_API_KEY }}
ELEVENLABS_API_KEY=${{ secrets.ELEVENLABS_API_KEY }}
flags: "--allow-unauthenticated --memory=32Gi --cpu=8 --execution-environment=gen2"
- name: health-check
run: curl -f "${{ steps.deploy.outputs.url }}"
- uses: marocchino/sticky-pull-request-comment@v2
with:
header: api
message: |
app: ${{ steps.deploy.outputs.url }} (${{ github.event.pull_request.head.sha }})
promote:
runs-on: ubuntu-latest
if: (needs.prepare.outputs.MAIN_OR_TAGGED == 'true')
needs: [prepare, deploy, lint]
timeout-minutes: 3
steps:
- uses: google-github-actions/auth@v2
with:
credentials_json: "${{ secrets.GCP_SA_KEY }}"
- uses: google-github-actions/setup-gcloud@v2
- run: gcloud run services update-traffic ${{ env.SERVICE }} --to-tags=${{ needs.prepare.outputs.VERSION }}=100 --project=${{ env.PROJECT_ID }} --region=us-central1
cleanup:
runs-on: ubuntu-latest
needs: promote
timeout-minutes: 3
steps:
- uses: google-github-actions/auth@v2
with:
credentials_json: "${{ secrets.GCP_SA_KEY }}"
- uses: google-github-actions/setup-gcloud@v2
- name: cleanup old revisions
run: |
gcloud run revisions list --service=${{ env.SERVICE }} --project=${{ env.PROJECT_ID }} --region=us-central1 --sort-by=CREATE_TIME --format="value(REVISION)" | tail -n +4 | xargs -I {} gcloud run revisions delete {} --project=${{ env.PROJECT_ID }} --region=us-central1 --quiet