initial commit for cloudrun build and deploy workflows (#244)
* cloudrun build and deploy workflows

* Remove -function suffix

I took this out of the terraform module as well.

* Add two more parameters for items not managed by terraform

* Use environment variables
pass them as secrets

* correct Pusher entry use inputs instead of vars

* update template and add comments

---------

Co-authored-by: Matt Drees <[email protected]>
cru-Luis-Rodriguez and mattdrees authored Oct 30, 2024
1 parent 378bdbe commit 3b222da
Showing 3 changed files with 150 additions and 0 deletions.
95 changes: 95 additions & 0 deletions .github/workflows/build-deploy-cloudrun-function.yml
@@ -0,0 +1,95 @@
name: Build and Deploy Cloud Run Function

on:
push:
branches:
- $default-branch
- staging
workflow_call:
inputs:
environment:
type: string
description: environment to deploy to
required: true
function_name:
description: 'The name of the Cloud Function to deploy'
type: string
required: true
entry_point:
description: 'The python function serving as the entry point'
type: string
required: true
runtime:
description: 'The function runtime'
type: string
required: true
secrets:
GCP_PROJECT_ID:
GCP_PROJECT_NUMBER:
WORKLOAD_IDENTITY_POOL:
WORKLOAD_IDENTITY_PROVIDER:
GCP_SERVICE_ACCOUNT:
GCP_SERVICE_ACCOUNT_EMAIL:
GCP_REGION:

jobs:
build-and-deploy:
runs-on: ubuntu-latest
environment: ${{ inputs.environment }}
permissions:
contents: read
id-token: write
pull-requests: write
steps:
- name: Checkout code
uses: actions/checkout@v4

- id: 'auth'
name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
env:
GCP_PROJECT_ID: ${{ vars.GCP_PROJECT_ID }}
GCP_PROJECT_NUMBER: ${{ vars.GCP_PROJECT_NUMBER }}
WORKLOAD_IDENTITY_POOL: ${{ vars.WORKLOAD_IDENTITY_POOL }}
WORKLOAD_IDENTITY_PROVIDER: ${{ vars.WORKLOAD_IDENTITY_PROVIDER }}
GCP_SERVICE_ACCOUNT: ${{ vars.GCP_SERVICE_ACCOUNT }}
GCP_SERVICE_ACCOUNT_EMAIL: ${{ vars.GCP_SERVICE_ACCOUNT_EMAIL }}
with:
project_id: ${{ vars.GCP_PROJECT_ID }}
workload_identity_provider: 'projects/${{ vars.GCP_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ vars.WORKLOAD_IDENTITY_POOL }}/providers/${{ vars.WORKLOAD_IDENTITY_PROVIDER }}'
service_account: '${{ vars.GCP_SERVICE_ACCOUNT }}@${{ vars.GCP_PROJECT_ID }}.iam.gserviceaccount.com'

- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2

- name: Deploy to Cloud Run Functions
id: deploy
env:
GCP_PROJECT_ID: ${{ vars.GCP_PROJECT_ID }}
GCP_SERVICE_ACCOUNT_EMAIL: ${{ vars.GCP_SERVICE_ACCOUNT_EMAIL }}
GCP_REGION: ${{ vars.GCP_REGION }}
run: |
gcloud config set project ${{ vars.GCP_PROJECT_ID }}
gcloud functions deploy ${{ inputs.function_name }} \
--region ${{ vars.GCP_REGION }} \
--source=./${{ inputs.function_name }} \
--entry-point=${{ inputs.entry_point }} \
--runtime=${{ inputs.runtime }} \
--build-service-account=projects/${{ vars.GCP_PROJECT_ID }}/serviceAccounts/${{ vars.GCP_SERVICE_ACCOUNT_EMAIL }}
- uses: actions/github-script@v6
if: github.event.pull_request.merged == true
with:
script: |
const output = `#### GCF Deploy ⚙️\`${{ steps.deploy.outcome }}\`
<details><summary>Show Deploy</summary>
\`\`\`\n
${{ steps.deploy.outputs.stdout }}
\`\`\`
</details>
*Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ inputs.function_name }}\`, Workflow: \`${{ github.workflow }}\`*`;
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: output
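Review bot: The `run:` script of the "Deploy to Cloud Run Functions" step splices `${{ inputs.function_name }}`, `${{ inputs.entry_point }}`, `${{ inputs.runtime }}` and the `${{ vars.* }}` values straight into the shell text, so any value containing shell metacharacters is executed as part of the command while the job holds `id-token: write` and a Google Cloud identity. The step already declares an `env:` block, but the script never reads it; the caller-supplied inputs should go through `env:` as well, and the script should reference only quoted shell variables, as in the excerpt below. The same pattern appears in the `actions/github-script@v6` step, where `${{ steps.deploy.outputs.stdout }}` and `${{ github.actor }}` are expanded inside a JavaScript template literal; passing them through `env:` and reading `process.env` avoids that. The listing of this file stops at `body: output`, so the end of the `createComment` call is not visible here.

```yaml
      - name: Deploy to Cloud Run Functions
        id: deploy
        env:
          # … unchanged: GCP_PROJECT_ID, GCP_SERVICE_ACCOUNT_EMAIL, GCP_REGION …
          FUNCTION_NAME: ${{ inputs.function_name }}
          ENTRY_POINT: ${{ inputs.entry_point }}
          RUNTIME: ${{ inputs.runtime }}
        run: |
          gcloud config set project "$GCP_PROJECT_ID"
          gcloud functions deploy "$FUNCTION_NAME" \
            --region "$GCP_REGION" \
            --source="./$FUNCTION_NAME" \
            --entry-point="$ENTRY_POINT" \
            --runtime="$RUNTIME" \
            --build-service-account="projects/$GCP_PROJECT_ID/serviceAccounts/$GCP_SERVICE_ACCOUNT_EMAIL"
```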
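--- a/workflow-templates/build-deploy-cloudrun-function.properties.json
+++ b/workflow-templates/build-deploy-cloudrun-function.properties.json
@@ -0,0 +1,14 @@
+{
+"name": "Build and Deploy Cloud Run Function",
+"description": "Deploy a Cloud Function to Google Cloud Run. This workflow requires authentication to Google Cloud.",
+"filePatterns": [
+"^Dockerfile",
+"^cloudrun-function-config.yml"
+],
+"inputs": {
+"function_name": {
+"description": "The name of the Cloud Function to deploy",
+"required": true
+}
+}
+}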
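--- a/workflow-templates/build-deploy-cloudrun-function.yml
+++ b/workflow-templates/build-deploy-cloudrun-function.yml
@@ -0,0 +1,41 @@
+name: Build & Deploy Cloudrun Function POC
+
+on:
+push:
+branches:
+# Automatically deploy $default-branch. Create a workflow per branch.
+- $default-branch
+paths:
+- 'Path-to-fuction/**' # Update with path to the function
+workflow_dispatch:
+inputs:
+function_name:
+description: 'The name of the Cloud Function to deploy'
+required: true
+default: 'function-name' # Update with function name
+entry_point:
+description: 'The python function serving as the entry point'
+required: true
+default: 'entry_point' # Update with entry point
+runtime:
+description: 'The function runtime'
+required: true
+default: 'runtime' # Update with runtime
+
+jobs:
+build_and_deploy:
+
+uses: CruGlobal/.github/.github/workflows/build-deploy-cloudrun-function.yml@v1
+with:
+function_name: ${{ github.event.inputs.function_name }}
+entry_point: { entry_point } # hello_http
+runtime: { runtime } # python312
+environment: { environment } # production
+secrets:
+GCP_PROJECT_ID: ${{ vars.GCP_PROJECT_ID }}
+GCP_PROJECT_NUMBER: ${{ vars.GCP_PROJECT_NUMBER }}
+WORKLOAD_IDENTITY_POOL: ${{ vars.WORKLOAD_IDENTITY_POOL }}
+WORKLOAD_IDENTITY_PROVIDER: ${{ vars.WORKLOAD_IDENTITY_PROVIDER }}
+GCP_SERVICE_ACCOUNT: ${{ vars.GCP_SERVICE_ACCOUNT }}
+GCP_SERVICE_ACCOUNT_EMAIL: ${{ vars.GCP_SERVICE_ACCOUNT_EMAIL }}
+GCP_REGION: ${{ vars.GCP_REGION }}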
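Review bot: On the `push` trigger `github.event.inputs.function_name` is empty, so the `with:` block hands the called workflow an empty `function_name`, and its deploy step would then run with no function name and `--source=./`, i.e. the repository root. Setting the value explicitly in the template, for example `function_name: 'function-name' # Update with function name`, keeps push and manual runs deploying the same directory. The `{ entry_point }`, `{ runtime }` and `{ environment }` placeholders parse as YAML flow mappings rather than strings; a comment such as `# replace the braces with a plain string, e.g. hello_http` would make that explicit. The `secrets:` entries are filled from `vars.*`, and the called workflow as shown in this commit reads `vars.*` directly rather than `secrets.*`, so this block looks unused and is worth either wiring through or dropping.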
