Skip to content
Build and Deploy to Cloud Run

Merge pull request #1689 from HDRUK/features/GAT-5664 #95

Sign in to view logs

Merge pull request #1689 from HDRUK/features/GAT-5664

Merge pull request #1689 from HDRUK/features/GAT-5664 #95

Workflow file for this run

.github/workflows/dev_deployment.yaml at 65c7393
name: Build and Deploy to Cloud Run
on:
push:
branches:
- 'dev'
# paths:
# - 'Chart.yaml'
# workflow_call:
# outputs:
# GITHB_SHA:
# value: ${{ github.sha }} # Map the workflow outputs to job outputs
env:
PROJECT_ID: '${{ secrets.PROJECT_ID }}' # TODO: update Google Cloud project id.
GAR_LOCATION: '${{ secrets.GAR_LOCATION }}' # TODO: update Artifact Registry location
SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_URL}}'
SLACK_CHANNEL: '${{ secrets.GITHUBACTIONS_SLACK_CHANNEL }}'
jobs:
build:
# Add 'id-token' with the intended permissions for workload identity federation
permissions:
contents: write
id-token: write
runs-on: ubuntu-latest
# outputs:
# run: echo ${{ github.sha }}
environment: legacy-dev
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: dev
- name: Read VERSION file
id: getversion
# run: echo "::set-output name=version::$(cat Chart.yaml)"
run: echo "version=$(cat Chart.yaml)" >> $GITHUB_OUTPUT
# To be used in Production pipeline
# - uses: "marvinpinto/action-automatic-releases@latest"
# with:
# repo_token: "${{ secrets.GITHUB_TOKEN }}"
# automatic_release_tag: ${{ steps.getversion.outputs.version }}
# prerelease: false
- name: Google Auth
id: auth
uses: 'google-github-actions/auth@v0'
with:
token_format: 'access_token'
workload_identity_provider: '${{ secrets.WIF_PROVIDER }}'
service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}'
- name: Login to GAR
id: garlogin
uses: docker/login-action@v2
with:
registry: ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.PROJECT_ID }}
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: Build and Push Container
id: build
shell: bash
env:
GAR_LOCATION: ${{ secrets.GAR_LOCATION }}
PROJECT_ID: ${{ secrets.PROJECT_ID }}
GAR_NAME: ${{ secrets.GAR_NAME_WEB }}
SKIP_PREFLIGHT_CHECK: ${{ secrets.SKIP_PREFLIGHT_CHECK }}
NODE_ENV: ${{ secrets.NODE_ENV }}
REACT_APP_HOTJAR_CODE: ${{ secrets.REACT_APP_HOTJAR_CODE }}
REACT_APP_HOTJAR_CODE_VERSION: ${{ secrets.REACT_APP_HOTJAR_CODE_VERSION }}
REACT_APP_METADATA_CATALOG_URL: ${{ secrets.REACT_APP_METADATA_CATALOG_URL }}
REACT_APP_NEWSLETTER_EXAMPLE_URL: ${{ secrets.REACT_APP_NEWSLETTER_EXAMPLE_URL }}
REACT_APP_TERMS_AND_CONDITIONS_URL: ${{ secrets.REACT_APP_TERMS_AND_CONDITIONS_URL }}
REACT_APP_GATEWAY_PRIVACY_POLICY_URL: ${{ secrets.REACT_APP_GATEWAY_PRIVACY_POLICY_URL }}
REACT_APP_FIVE_SAFES_URL: ${{ secrets.REACT_APP_FIVE_SAFES_URL }}
run: |-
docker build -t '${{ env.GAR_LOCATION }}'-docker.pkg.dev/'${{ env.PROJECT_ID }}'/'${{ env.GAR_NAME }}'/${{ steps.getversion.outputs.version }}:${{ github.sha }} -t '${{ env.GAR_LOCATION }}'-docker.pkg.dev/'${{ env.PROJECT_ID }}'/'${{ env.GAR_NAME }}'/${{ steps.getversion.outputs.version }}:latest --build-arg SKIP_PREFLIGHT_CHECK='${{ env.SKIP_PREFLIGHT_CHECK }}' --build-arg NODE_ENV='${{ env.NODE_ENV }}' --build-arg REACT_APP_HOTJAR_CODE='${{ env.REACT_APP_HOTJAR_CODE }}' --build-arg REACT_APP_HOTJAR_CODE_VERSION='${{ env.REACT_APP_HOTJAR_CODE_VERSION }}' --build-arg REACT_APP_METADATA_CATALOG_URL='${{ env.REACT_APP_METADATA_CATALOG_URL }}' --build-arg REACT_APP_NEWSLETTER_EXAMPLE_URL='${{ env.REACT_APP_NEWSLETTER_EXAMPLE_URL }}' --build-arg REACT_APP_TERMS_AND_CONDITIONS_URL='${{ env.REACT_APP_TERMS_AND_CONDITIONS_URL }}' --build-arg REACT_APP_GATEWAY_PRIVACY_POLICY_URL='${{ env.REACT_APP_GATEWAY_PRIVACY_POLICY_URL }}' --build-arg REACT_APP_FIVE_SAFES_URL='${{ env.REACT_APP_FIVE_SAFES_URL }}' --cache-from gcr.io/hdruk-gateway-dev/hdruk-gateway-web:dev ./
docker push --all-tags '${{ env.GAR_LOCATION }}'-docker.pkg.dev/'${{ env.PROJECT_ID }}'/'${{ env.GAR_NAME }}'/${{ steps.getversion.outputs.version }}
- name: Build Notification
id: buildnotificationsent
uses: act10ns/slack@v2
with:
status: ${{ job.status }}
steps: ${{ toJson(steps) }}
channel: ${{ env.SLACK_CHANNEL }}
message: Building {{ env.GITHUB_REF_NAME }} branch
if: always()
# END - Docker auth and build
# Deployment please don't modify anything here as the infrastructure is controlled by terraform any changes here please agree with chris and reuben
deploy:
needs: build
permissions:
contents: write
id-token: write
runs-on: ubuntu-latest
environment: legacy-dev
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: dev
- name: Google Auth
id: auth
uses: 'google-github-actions/auth@v0'
with:
token_format: 'access_token'
workload_identity_provider: '${{ secrets.WIF_PROVIDER }}'
service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}'
- name: Read VERSION file
id: getversion
# run: echo "::set-output name=version::$(cat Chart.yaml)"
run: echo "version=$(cat Chart.yaml)" >> $GITHUB_OUTPUT
- name: Deploy to Cloud Run
uses: actions-hub/gcloud@master
id: deploy
env:
PROJECT_ID: '${{ secrets.PROJECT_ID }}'
GAR_LOCATION: '${{ secrets.GAR_LOCATION }}'
GAR_NAME: '${{ secrets.GAR_NAME_WEB }}'
SERVICE_NAME: '${{ secrets.SERVICE_NAME_WEB }}'
SERVICE_REGION: '${{ secrets.SERVICE_REGION_WEB }}'
with:
args: run services update '${{ env.SERVICE_NAME }}' --image='${{ env.GAR_LOCATION }}'-docker.pkg.dev/'${{ env.PROJECT_ID }}'/'${{ env.GAR_NAME }}'/${{ steps.getversion.outputs.version }}:${{ github.sha }} --region='${{ env.SERVICE_REGION }}' --project='${{ env.PROJECT_ID }}'
- name: Deploy Notification
id: deploynotificationsent
uses: act10ns/slack@v2
with:
status: ${{ job.status }}
steps: ${{ toJson(steps) }}
channel: ${{ env.SLACK_CHANNEL }}
message: Deploying {{ env.GITHUB_REF_NAME }} branch
if: always()
# If required, use the Cloud Run url output in later steps