From 182b0e0c54a7efd48942967caa2049592b18cf16 Mon Sep 17 00:00:00 2001
From: Shion Ichikawa
Date: Sun, 3 Mar 2024 00:20:59 +0900
Subject: [PATCH] =?UTF-8?q?=F0=9F=91=B7=20Update=20CI/CD=20for=20cloudrun?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.dockerignore | 3 +
.../workflows/deploy-cloudrun-pr-closed.yaml | 46 +++++++++++
.github/workflows/deploy-cloudrun-pr.yaml | 70 +++++++++++++++++
.../workflows/deploy-cloudrun-release.yaml | 73 ++++++++++++++++++
.github/workflows/deploy-cloudrun-stg.yaml | 76 +++++++++++++++++++
.github/workflows/deploy-gae.yaml | 56 --------------
cloudrun/Dockerfile | 34 +++++++++
7 files changed, 302 insertions(+), 56 deletions(-)
create mode 100644 .dockerignore
create mode 100644 .github/workflows/deploy-cloudrun-pr-closed.yaml
create mode 100644 .github/workflows/deploy-cloudrun-pr.yaml
create mode 100644 .github/workflows/deploy-cloudrun-release.yaml
create mode 100644 .github/workflows/deploy-cloudrun-stg.yaml
delete mode 100644 .github/workflows/deploy-gae.yaml
create mode 100644 cloudrun/Dockerfile
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..e7c2d35
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,3 @@
+.nuxt
+.output
+node_modules
diff --git a/.github/workflows/deploy-cloudrun-pr-closed.yaml b/.github/workflows/deploy-cloudrun-pr-closed.yaml
new file mode 100644
index 0000000..1cd37a5
--- /dev/null
+++ b/.github/workflows/deploy-cloudrun-pr-closed.yaml
@@ -0,0 +1,46 @@
+name: Delete Cloud Run (PR closed)
+on:
+ pull_request:
+ branches:
+ - main
+ types:
+ - closed
+jobs:
+ build-and-deploy:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ steps:
+ - name: Login to Google Cloud
+ id: auth
+ uses: google-github-actions/auth@v2
+ with:
+ token_format: access_token
+ workload_identity_provider: 'projects/292061085119/locations/global/workloadIdentityPools/github-pool/providers/provider-github'
+ service_account: 'gh-actions@ynufes-hp-cloudrun.iam.gserviceaccount.com'
+
+ - name: setup gcloud
+ uses: google-github-actions/setup-gcloud@v2
+ with:
+ version: '>= 363.0.0'
+
+ - name: Delete Cloud Run
+ id: delete-cloudrun-service
+ continue-on-error: true
+ run: |
+ gcloud run services delete tokiwa23-stg-pr-${{ github.event.number }} --region=asia-northeast1 --quiet
+
+ - name: Delete from Artifact Registry
+ id: delete-artifact-registry
+ continue-on-error: true
+ run: |
+ gcloud artifacts docker images delete asia-northeast1-docker.pkg.dev/ynufes-hp-cloudrun/staging/tokiwa23-pr-${{ github.event.number }}:latest --quiet
+
+ - name: Notify Failure on Pull Request
+ if: ${{ steps.delete-cloudrun-service.outcome != 'success' || steps.delete-artifact-registry.outcome != 'success' }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ gh pr comment ${{ github.event.number }} -m "Failed to delete resources, CloudRun: ${{ steps.delete-cloudrun-service.outcome }}, Artifact Registry: ${{ steps.delete-artifact-registry.outcome }}"
+ exit 1
diff --git a/.github/workflows/deploy-cloudrun-pr.yaml b/.github/workflows/deploy-cloudrun-pr.yaml
new file mode 100644
index 0000000..6ff54f7
--- /dev/null
+++ b/.github/workflows/deploy-cloudrun-pr.yaml
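Review bot: The `Notify Failure on Pull Request` step cannot post its comment as written. `gh pr comment` takes the body with `-b`/`--body` (the preview workflow in this patch uses `-b`), not `-m`; the job's `permissions` block grants only `contents: read` and `id-token: write`, so `GITHUB_TOKEN` lacks `pull-requests: write`; and with no checkout step `gh` has no repository context unless `GH_REPO: ${{ github.repository }}` is set under `env`. A failed cleanup would therefore leave the preview service and image in place with nothing on the PR to say so. I would add `pull-requests: write`, set `GH_REPO`, and change the call to `gh pr comment ${{ github.event.number }} -b "..."`.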
@@ -0,0 +1,70 @@
+name: Deploy to Cloud Run (PR preview)
+on:
+ pull_request:
+ branches:
+ - main
+ types:
+ - opened
+ - synchronize
+ - reopened
+jobs:
+ build-and-deploy:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ pull-requests: write
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Login to Google Cloud
+ id: auth
+ uses: google-github-actions/auth@v2
+ with:
+ token_format: access_token
+ workload_identity_provider: 'projects/292061085119/locations/global/workloadIdentityPools/github-pool/providers/provider-github'
+ service_account: 'gh-actions@ynufes-hp-cloudrun.iam.gserviceaccount.com'
+
+ - name: Set up Cloud SDK
+ uses: 'google-github-actions/setup-gcloud@v2'
+ with:
+ version: '>= 363.0.0'
+
+ - name: Authorize Docker
+ id: docker-auth
+ uses: docker/login-action@v2
+ with:
+ username: 'oauth2accesstoken'
+ password: ${{ steps.auth.outputs.access_token }}
+ registry: asia-northeast1-docker.pkg.dev
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v5
+ with:
+ push: true
+ tags: asia-northeast1-docker.pkg.dev/ynufes-hp-cloudrun/staging/tokiwa23-pr-${{ github.event.number }}:latest
+ context: .
+ file: ./cloudrun/Dockerfile
+
+ - name: Deploy to Cloud Run
+ id: deploy
+ uses: google-github-actions/deploy-cloudrun@v2
+ with:
+ service: tokiwa23-stg-pr-${{ github.event.number }}
+ region: "asia-northeast1"
+ image: asia-northeast1-docker.pkg.dev/ynufes-hp-cloudrun/staging/tokiwa23-pr-${{ github.event.number }}:latest
+
+ - name: Make CloudRun accessible
+ run: |
+ gcloud run services add-iam-policy-binding tokiwa23-stg-pr-${{ github.event.number }} --region=asia-northeast1 --member=allUsers --role=roles/run.invoker
+
+ - name: Post comments
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ URL: ${{ github.event.pull_request.html_url }}
+ run:
+ gh pr comment -b "Deployed on ${{ steps.deploy.outputs.url }}" ${{ github.event.number }}
diff --git a/.github/workflows/deploy-cloudrun-release.yaml b/.github/workflows/deploy-cloudrun-release.yaml
new file mode 100644
index 0000000..91e081e
--- /dev/null
+++ b/.github/workflows/deploy-cloudrun-release.yaml
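Review bot: The preview job authenticates as `gh-actions@ynufes-hp-cloudrun.iam.gserviceaccount.com` through the same workload identity provider that the release and staging workflows in this patch use, so a run triggered from any PR branch holds whatever rights that account has, presumably including updating `hp-main`. The provider's attribute condition and the account's IAM roles are not visible here; if they are not already scoped by ref, a separate preview-only service account limited to the preview resources would keep unreviewed branches away from release. The `Make CloudRun accessible` step also binds `roles/run.invoker` to `allUsers`, which publishes every preview build of unreviewed code, so a comment such as `# previews are intentionally public; they contain no non-public data` would record that this is a decision. In `Post comments` the `URL` env entry is never read and can be dropped.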
@@ -0,0 +1,73 @@
+name: Deploy to Cloud Run (Release)
+on:
+ push:
+ branches:
+ - release
+jobs:
+ build-and-deploy:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: 'read'
+ id-token: 'write'
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Login to Google Cloud
+ id: auth
+ uses: google-github-actions/auth@v2
+ with:
+ token_format: access_token
+ workload_identity_provider: 'projects/292061085119/locations/global/workloadIdentityPools/github-pool/providers/provider-github'
+ service_account: 'gh-actions@ynufes-hp-cloudrun.iam.gserviceaccount.com'
+
+ - name: Set up Cloud SDK
+ uses: 'google-github-actions/setup-gcloud@v2'
+ with:
+ version: '>= 363.0.0'
+
+ - name: Authorize Docker
+ id: docker-auth
+ uses: docker/login-action@v2
+ with:
+ username: 'oauth2accesstoken'
+ password: ${{ steps.auth.outputs.access_token }}
+ registry: asia-northeast1-docker.pkg.dev
+
+ - name: Configure .env
+ run: |
+ echo "IS_PRODUCTION=true" >> .env
+ echo "CONTEST_DATA_URL=${{ secrets.CONTEST_DATA_URL }}" >> .env
+
+ - name: Download events.json from external URL
+ run: |
+ curl "${{ secrets.EVENTS_COMPLETE_URL }}" -o ./assets/data/events-detail.json
+ curl "${{ secrets.EVENTS_SUMMARY_URL }}" -o ./assets/data/events.json
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v5
+ with:
+ push: true
+ tags: asia-northeast1-docker.pkg.dev/ynufes-hp-cloudrun/release/tokiwa23:latest
+ context: .
+ file: ./cloudrun/Dockerfile
+
+ - name: Download Cloud Run Service YAML
+ run: |
+ gcloud run services describe hp-main --format yaml --region asia-northeast1 > ./cloudrun/service-hp-main.yaml
+
+ # replace github_sha field to latest commit sha. Changing spec.template is required to deploy new revision.
+ # reference: https://cloud.google.com/run/docs/deploying?hl=ja#revision -- check yaml tab.
+ - name: Change some property of service-hp-main.yaml
+ run: |
+ sed -i "s/github_sha: .*/github_sha: ${{ github.sha }}/g" ./cloudrun/service-hp-main.yaml
+
+ - name: Deploy to Cloud Run
+ id: deploy
+ uses: google-github-actions/deploy-cloudrun@v2
+ with:
+ region: "asia-northeast1"
+ metadata: "./cloudrun/service-hp-main.yaml"
diff --git a/.github/workflows/deploy-cloudrun-stg.yaml b/.github/workflows/deploy-cloudrun-stg.yaml
new file mode 100644
index 0000000..2772ce0
--- /dev/null
+++ b/.github/workflows/deploy-cloudrun-stg.yaml
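Review bot: The two `curl` calls in `Download events.json from external URL` have no `--fail`, so an HTTP error body is saved as `events.json` / `events-detail.json`, the step exits 0, and the release image is built and deployed with it; the staging workflow in this patch has the same step. I would use `curl --fail --silent --show-error "$EVENTS_COMPLETE_URL" -o ./assets/data/events-detail.json` (and likewise for the summary file), passing the secrets through `env:` rather than interpolating `${{ secrets.* }}` into the script text. Separately, the image is pushed only as `release/tokiwa23:latest`, and the deployed revision depends on whatever image reference the YAML fetched from the live service contains, which is not visible here. Tagging with `${{ github.sha }}`, or deploying the digest output of the build step, would make each release traceable and unaffected by overlapping runs.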
@@ -0,0 +1,76 @@
+name: Deploy to Cloud Run (Staging)
+on:
+ push:
+ branches:
+ - main
+jobs:
+ build-and-deploy:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: 'read'
+ id-token: 'write'
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Login to Google Cloud
+ id: auth
+ uses: google-github-actions/auth@v2
+ with:
+ token_format: access_token
+ workload_identity_provider: 'projects/292061085119/locations/global/workloadIdentityPools/github-pool/providers/provider-github'
+ service_account: 'gh-actions@ynufes-hp-cloudrun.iam.gserviceaccount.com'
+
+ - name: Set up Cloud SDK
+ uses: 'google-github-actions/setup-gcloud@v2'
+ with:
+ version: '>= 363.0.0'
+
+ - name: Configure .env
+ run: |
+ echo "IS_PRODUCTION=false" >> .env
+ echo "CONTEST_DATA_URL=${{ secrets.CONTEST_DATA_URL_TEST }}" >> .env
+
+ - name: Download events.json from external URL
+ run: |
+ curl "${{ secrets.EVENTS_COMPLETE_URL }}" -o ./assets/data/events-detail.json
+ curl "${{ secrets.EVENTS_SUMMARY_URL }}" -o ./assets/data/events.json
+
+ - name: Authorize Docker
+ id: docker-auth
+ uses: docker/login-action@v2
+ with:
+ username: 'oauth2accesstoken'
+ password: ${{ steps.auth.outputs.access_token }}
+ registry: asia-northeast1-docker.pkg.dev
+
+ - name: configure url, is_
+
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v5
+ with:
+ push: true
+ tags: asia-northeast1-docker.pkg.dev/ynufes-hp-cloudrun/staging/tokiwa23:latest
+ context: .
+ file: ./cloudrun/Dockerfile
+
+ - name: Download Cloud Run Service YAML
+ run: |
+ gcloud run services describe hp-stg --format yaml --region asia-northeast1 > ./cloudrun/service-hp-stg.yaml
+
+ # replace github_sha field to latest commit sha. Changing spec.template is required to deploy new revision.
+ # reference: https://cloud.google.com/run/docs/deploying?hl=ja#revision -- check yaml tab.
+ - name: Change some property of service-hp-stg.yaml
+ run: |
+ sed -i "s/github_sha: .*/github_sha: ${{ github.sha }}/g" ./cloudrun/service-hp-stg.yaml
+
+ - name: Deploy to Cloud Run
+ id: deploy
+ uses: google-github-actions/deploy-cloudrun@v2
+ with:
+ region: "asia-northeast1"
+ metadata: "./cloudrun/service-hp-stg.yaml"
diff --git a/.github/workflows/deploy-gae.yaml b/.github/workflows/deploy-gae.yaml
deleted file mode 100644
index 952525a..0000000
--- a/.github/workflows/deploy-gae.yaml
+++ /dev/null
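Review bot: The step `- name: configure url, is_` between `Authorize Docker` and `Build and push Docker image` has neither `run` nor `uses`, which GitHub Actions rejects when it validates the workflow file, so this staging workflow would not start on pushes to `main`. It looks like an unfinished leftover, since `Configure .env` earlier in the job already writes `IS_PRODUCTION` and `CONTEST_DATA_URL`. I would delete that line and the two blank lines after it.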
@@ -1,56 +0,0 @@
-name: Deploy to GAE
-on:
- push:
- branches:
- - "stg"
- - "release"
-jobs:
- auto_deploy_gae:
- permissions: write-all
- runs-on: ubuntu-20.04
- timeout-minutes: 10
- steps:
- - name: Setup Node.js 18
- uses: actions/setup-node@v2
- with:
- node-version: 18
- - uses: actions/checkout@v2
- - name: "Extract branch name"
- id: branch-name
- shell: bash
- run: |
- short_ref=${GITHUB_REF#refs/*/}
- formatted_ref=$(echo "$short_ref" | tr '[:upper:]' '[:lower:]' | tr '/' '-')
- echo "short_ref=${formatted_ref}" >> $GITHUB_ENV
- - name: configure service name
- run: |
- if [[ "${{ env.short_ref }}" == "release" ]]; then
- sed -i 's/{{service_name}}/tokiwa23/' app.yaml
- echo "BASE_URL=/23/tokiwa/" >> .env
- echo "IS_PRODUCTION=true" >> .env
- echo "CONTEST_DATA_URL=${{ secrets.CONTEST_DATA_URL }}" >> .env
- elif [[ "${{ env.short_ref }}" == "stg" ]]; then
- sed -i 's/{{service_name}}/tokiwa23-stg/' app.yaml
- echo "BASE_URL=/stg/23/tokiwa/" >> .env
- echo "IS_PRODUCTION=false" >> .env
- echo "CONTEST_DATA_URL=${{ secrets.CONTEST_DATA_URL_TEST }}" >> .env
- fi
- # switch service name to configure deployment target appropriately
- - name: Download events.json from external URL
- run: |
- curl "${{ secrets.EVENTS_COMPLETE_URL }}" -o ./assets/data/events-detail.json
- curl "${{ secrets.EVENTS_SUMMARY_URL }}" -o ./assets/data/events.json
- - name: yarn install
- run: yarn install
- - name: yarn build
- run: yarn build
- - id: "auth"
- uses: "google-github-actions/auth@v1"
- with:
- credentials_json: "${{ secrets.GCP_SA_KEY }}"
- - name: "Deploy to App Engine"
- id: "deploy"
- uses: "google-github-actions/deploy-appengine@v1"
- with:
- deliverables: "app.yaml"
- promote: true
diff --git a/cloudrun/Dockerfile b/cloudrun/Dockerfile
new file mode 100644
index 0000000..1887116
--- /dev/null
+++ b/cloudrun/Dockerfile
@@ -0,0 +1,34 @@
+FROM node:20-slim as builder
+#nodeのイメージをベースにする
+
+ENV BASE_URL=/23/tokiwa/
+
+WORKDIR /app
+#作業ディレクトリの指定
+
+COPY ./ ./
+#ynu-fes...の下を/appの下にコピー
+
+RUN yarn install
+
+RUN yarn build
+
+FROM node:20-slim as production
+
+WORKDIR /app
+
+COPY --from=builder /app/.output ./.output
+COPY --from=builder /app/.nuxt ./.nuxt
+#最小限のファイルをコピー
+
+ENV HOST=0.0.0.0
+
+ENV BASE_URL=/23/tokiwa/
+
+ENV PORT=8080
+#環境変数の設定
+
+CMD ["node" ,"./.output/server/index.mjs"]
+#--containerを作成するときに実行されるコマンド
+
+EXPOSE 8080
\ No newline at end of file
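Review bot: The `production` stage has no `USER` instruction, so the Nuxt server runs as root inside the container; the official `node` images ship an unprivileged `node` user, and `USER node` before `CMD` is enough because port 8080 needs no privileges. In the builder stage `RUN yarn install` does not enforce the lockfile; `RUN yarn install --frozen-lockfile` (Yarn 1; `--immutable` on Yarn 2+) makes the build fail instead of silently resolving different dependency versions. `COPY ./ ./` also carries the `.env` that the release and staging workflows write from repository secrets into the builder stage. Only `.output` and `.nuxt` reach the final image, but any value Nuxt inlines at build time would be in the pushed bundle, so a comment above the `COPY` naming which variables are safe to embed would help.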