Merge commit '2ae6c1c57c1582d996a9ba3888fff92ff5165419' into ci/backend #97
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Google Cloud Run | |
| permissions: | |
| id-token: write | |
| contents: read | |
| on: | |
| push: | |
| branches: | |
| - ci/backend # デプロイをトリガーするブランチを指定 | |
| jobs: | |
| setup-build-deploy: | |
| name: Setup, Build, and Deploy | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: google-github-actions/auth@v2 | |
| with: | |
| project_id: ${{ secrets.GCP_PROJECT_ID }} | |
| workload_identity_provider: "projects/484440918227/locations/global/workloadIdentityPools/github-action-pool/providers/github-action-provider" | |
| service_account: "grpc-server-sa@wherechildbus.iam.gserviceaccount.com" | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v2 | |
| with: | |
| version: ">= 363.0.0" | |
| - name: Configure Docker to use the gcloud command-line tool as a credential helper for the us region | |
| run: gcloud auth configure-docker us-docker.pkg.dev --quiet | |
| - name: Build Docker Image | |
| run: | | |
| docker build --tag=gcr.io/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_DOCKER_IMAGE_NAME }}:latest \ | |
| --file=./backend/Dockerfile \ | |
| --platform linux/amd64 ./backend \ | |
| --build-arg DSN="${{ secrets.DSN }}" \ | |
| --build-arg DB_USER_NAME="${{ secrets.DB_USER_NAME }}" \ | |
| --build-arg DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \ | |
| --build-arg DB_ADDR="${{ secrets.DB_ADDR }}" \ | |
| --build-arg DB_NAME="${{ secrets.DB_NAME }}" \ | |
| --build-arg PORT="${{ secrets.PORT }}" \ | |
| --build-arg MODE_DEV="${{ secrets.MODE_DEV }}" \ | |
| --build-arg GOOGLE_APPLICATION_CREDENTIALS="${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}" \ | |
| --build-arg STORAGE_BUCKET_NAME="${{ secrets.STORAGE_BUCKET_NAME }}" \ | |
| --build-arg PASSWORD_PEPPER="${{ secrets.PASSWORD_PEPPER }}" \ | |
| --build-arg ML_ADDR="${{ secrets.ML_ADDR }}" \ | |
| --build-arg INSIDE_OF_CREDENTIALS="${{ secrets.INSIDE_OF_CREDENTIALS }}" | |
| - name: Push Docker Image to Google Container Registry | |
| run: | | |
| docker push gcr.io/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_DOCKER_IMAGE_NAME }}:latest | |
| - name: Deploy to Cloud Run | |
| run: | | |
| gcloud run deploy ${{ secrets.GCP_CLOUD_RUN_NAME }} --image=gcr.io/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_DOCKER_IMAGE_NAME }}:latest --platform=managed --allow-unauthenticated --project=${{ secrets.GCP_PROJECT_ID }} --region=${{ secrets.GCP_REGION }} |