Merge pull request #216 from GreenTeaProgrammers/develop

v0.1.0 release

.github/pull_request_template.md

@@ -0,0 +1,27 @@
+## チケットへのリンク
+
+- https://github.com/orgs/GreenTeaProgrammers/projects/hogehoge-fugafugaaa
+
+## やったこと
+
+- このプルリクで何をしたのか？
+
+## やらないこと
+
+- このプルリクでやらないことは何か？（あれば。無いなら「無し」で OK）（やらない場合は、いつやるのかを明記する。）
+
+## できるようになること（ユーザ目線）
+
+- 何ができるようになるのか？（あれば。無いなら「無し」で OK）
+
+## できなくなること（ユーザ目線）
+
+- 何ができなくなるのか？（あれば。無いなら「無し」で OK）
+
+## 動作確認
+
+- [] どのような動作確認を行ったのか？　結果はどうか？
+
+## その他
+
+- レビュワーへの参考情報（実装上の懸念点や注意点などあれば記載）

.github/workflows/deploy-to-gcloud.yml

@@ -0,0 +1,68 @@
+name: Deploy to Google Cloud Run
+permissions:
+  id-token: write
+  contents: read
+
+on:
+  push:
+    branches:
+      - develop
+    paths:
+      - "backend/**"
+
+jobs:
+  setup-build-deploy:
+    name: Setup, Build, and Deploy
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Decrypt secrets
+        run: openssl aes-256-cbc -d -in backend/secrets/gcp-credentials.json.enc -out backend/secrets/gcp-credentials.json -k ${{ secrets.DECRYPTION_KEY }}
+
+      - name: Use decrypted secrets
+        run: |
+          echo "Secrets are decrypted and ready to use"
+
+      - name: Setup gcloud CLI
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          project_id: ${{ secrets.GCP_PROJECT_ID }}
+          skip_install: false
+          version: ">= 363.0.0"
+
+      - name: Auth
+        uses: google-github-actions/auth@v2
+        with:
+          workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
+          service_account: ${{ secrets.SERVICE_ACCOUNT }}
+          access_token_lifetime: 1200s
+
+      - name: Build Docker Image
+        run: |
+          docker build --tag=gcr.io/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_DOCKER_IMAGE_NAME }}:latest \
+            --file=./backend/Dockerfile \
+            --platform linux/amd64 ./backend \
+            --build-arg DSN="${{ secrets.DSN }}" \
+            --build-arg DB_USER_NAME="${{ secrets.DB_USER_NAME }}" \
+            --build-arg DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \
+            --build-arg DB_ADDR="${{ secrets.DB_ADDR }}" \
+            --build-arg DB_NAME="${{ secrets.DB_NAME }}" \
+            --build-arg PORT="${{ secrets.PORT }}" \
+            --build-arg MODE_DEV="${{ secrets.MODE_DEV }}" \
+            --build-arg GOOGLE_APPLICATION_CREDENTIALS="${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}" \
+            --build-arg STORAGE_BUCKET_NAME="${{ secrets.STORAGE_BUCKET_NAME }}" \
+            --build-arg PASSWORD_PEPPER="${{ secrets.PASSWORD_PEPPER }}" \
+            --build-arg ML_ADDR="${{ secrets.ML_ADDR }}"
+
+      - name: Configure Docker to use the gcloud command-line tool as a credential helper for the us region
+        run: gcloud auth configure-docker --quiet
+
+      - name: Push Docker Image to Google Container Registry
+        run: |
+          docker push gcr.io/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_DOCKER_IMAGE_NAME }}:latest
+
+      - name: Deploy to Cloud Run
+        run: |
+          gcloud run deploy ${{ secrets.GCP_CLOUD_RUN_NAME }} --image=gcr.io/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_DOCKER_IMAGE_NAME }}:latest --platform=managed --project=${{ secrets.GCP_PROJECT_ID }} --region=${{ secrets.REGION }}

.github/workflows/deploy_cloudrun_machine_learning.yml

@@ -0,0 +1,61 @@
+name: Deployment of machine learning gRPC server to CloudRun
+
+on:
+  push:
+    branches:
+      - develop
+      - feature/machine-learning/cicd
+    paths:
+      - ".github/workflows/deploy_cloudrun_machine_learning.yml"
+      - "machine_learning/**"
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup gcloud CLI
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          project_id: ${{ secrets.GCP_PROJECT_ID }}
+          skip_install: false
+          version: latest
+
+      # gcloud CLIを認証するステップを追加
+      - name: Google Cloud Platform Service Account Authentication
+        uses: google-github-actions/auth@v0.4.0
+        with:
+          workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
+          service_account: ${{ secrets.SERVICE_ACCOUNT }}
+          access_token_lifetime: 1200s
+
+      - name: Build Docker image
+        run: |
+          docker build \
+            --build-arg GCP_PROJECT_ID=${{ secrets.GCP_PROJECT_ID }} \
+            --build-arg BUCKET_NAME_FOR_ML=${{ secrets.BUCKET_NAME_FOR_ML }} \
+            --build-arg BUCKET_NAME_FOR_FACE=${{ secrets.BUCKET_NAME_FOR_FACE }} \
+            --tag=gcr.io/${{ secrets.GCP_PROJECT_NAME_FOR_ML }}/${{ secrets.GCP_IMAGE_NAME_FOR_ML }}:latest \
+            --file=./machine_learning/Dockerfile \
+            --platform linux/amd64 ./machine_learning
+
+      - name: Authenticate Docker to GCP
+        run: gcloud auth configure-docker --quiet
+
+      - name: Push Docker image to Artifact Registry
+        run: |
+          docker push gcr.io/${{ secrets.GCP_PROJECT_NAME_FOR_ML }}/${{ secrets.GCP_IMAGE_NAME_FOR_ML }}:latest
+
+      - name: Deploy to Cloud Run
+        run: |
+          gcloud run deploy ${{ secrets.GCP_SERVICE_NAME_FOR_ML }} \
+            --image gcr.io/${{ secrets.GCP_PROJECT_NAME_FOR_ML }}/${{ secrets.GCP_IMAGE_NAME_FOR_ML }}:latest \
+            --region ${{ secrets.REGION }} \
+            --platform managed

.github/workflows/golangci-lint.yml

@@ -0,0 +1,37 @@
+name: golangci-lint
+
+on:
+  push:
+    branches:
+      - main      # Changed from 'master' to 'main'
+      - develop   # Added 'develop' branch
+  pull_request:
+    branches:
+      - main      # Specify branches for pull request as well
+      - develop
+
+permissions:
+  contents: read
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.21.5'
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v4
+        with:
+          version: v1.54
+          working-directory: backend  # Set this to the directory where your Go code is located
+
+          # You can uncomment and adjust the following lines if needed:
+          # args: --timeout=30m --config=/backend/.golangci.yml --issues-exit-code=0
+          # only-new-issues: true
+          # skip-cache: true
+          # skip-pkg-cache: true
+          # skip-build-cache: true
+          # install-mode: "goinstall"

backend/.env.example

@@ -0,0 +1,11 @@
+DSN=
+DB_USER_NAME=
+DB_PASSWORD=
+DB_ADDR=
+DB_NAME=
+PORT=
+MODE_DEV=
+GOOGLE_APPLICATION_CREDENTIALS=
+STORAGE_BUCKET_NAME=
+PASSWORD_PEPPER=
+ML_ADDR=

backend/.gitignore

@@ -0,0 +1,33 @@
+# Created by https://www.toptal.com/developers/gitignore/api/go
+# Edit at https://www.toptal.com/developers/gitignore?templates=go
+
+### Go ###
+# If you prefer the allow list template instead of the deny list, see community template:
+# https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
+#
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+
+# Go workspace file
+go.work
+
+# End of https://www.toptal.com/developers/gitignore/api/go
+
+# envfile
+.env
+
+# secrets
+secrets-raw/*

backend/Dockerfile

@@ -0,0 +1,66 @@
+# First stage: build environment
+FROM golang:1.21.5 AS builder
+
+WORKDIR /srv/grpc
+COPY . .
+
+# ARGでビルド時の引数を定義
+ARG DSN
+ARG DB_USER_NAME
+ARG DB_PASSWORD
+ARG DB_ADDR
+ARG DB_NAME
+ARG PORT
+ARG MODE_DEV
+ARG GOOGLE_APPLICATION_CREDENTIALS
+ARG STORAGE_BUCKET_NAME
+ARG PASSWORD_PEPPER
+ARG ML_ADDR
+
+ARG INSIDE_OF_CREDENTIALS
+
+# .env ファイルを生成
+RUN echo "DSN=$DSN" > .env \
+    && echo "DB_USER_NAME=$DB_USER_NAME" >> .env \
+    && echo "DB_PASSWORD=$DB_PASSWORD" >> .env \
+    && echo "DB_ADDR=$DB_ADDR" >> .env \
+    && echo "DB_NAME=$DB_NAME" >> .env \
+    && echo "PORT=$PORT" >> .env \
+    && echo "MODE_DEV=$MODE_DEV" >> .env \
+    && echo "GOOGLE_APPLICATION_CREDENTIALS=$GOOGLE_APPLICATION_CREDENTIALS" >> .env \
+    && echo "STORAGE_BUCKET_NAME=$STORAGE_BUCKET_NAME" >> .env \
+    && echo "PASSWORD_PEPPER=$PASSWORD_PEPPER" >> .env \
+    && echo "ML_ADDR=$ML_ADDR" >> .env
+
+RUN go mod download
+
+ARG VERS="3.11.4"
+ARG ARCH="linux-x86_64"
+
+RUN CGO_ENABLED=0 GOOS=linux \
+    go build -a -installsuffix cgo \
+    -o /go/bin/server \
+    github.com/GreenTeaProgrammers/WhereChildBus/backend/cmd/server
+
+# Final stage: runtime environment
+# CA証明書が必要なので、alpineをベースにする
+# Final stage: runtime environment
+FROM alpine:latest
+
+# 必要なパッケージをインストール
+RUN apk --no-cache add ca-certificates
+
+# アプリケーション実行用のディレクトリを設定
+WORKDIR /app
+
+# ビルドステージからバイナリファイルをコピー
+COPY --from=builder /go/bin/server /app/server
+
+# .envファイルを/appディレクトリにコピー
+COPY --from=builder /srv/grpc/.env /app/.env
+
+# secretsディレクトリを/appディレクトリにコピー
+COPY --from=builder /srv/grpc/secrets /app/secrets
+
+# アプリケーションの起動
+ENTRYPOINT ["/app/server"]

backend/DockerfileLocal

@@ -0,0 +1,29 @@
+# First stage: build environment
+FROM golang:1.21.5 AS builder
+
+WORKDIR /srv/grpc
+COPY . .
+RUN go mod download
+
+ARG VERS="3.11.4"
+ARG ARCH="linux-x86_64"
+
+RUN CGO_ENABLED=0 GOOS=linux \
+    go build -a -installsuffix cgo \
+    -o /go/bin/server \
+    github.com/GreenTeaProgrammers/WhereChildBus/backend/cmd/server
+
+# Final stage: runtime environment
+# CA証明書が必要なので、alpineをベースにする
+FROM alpine:latest
+
+# 必要なパッケージをインストール
+RUN apk --no-cache add ca-certificates
+
+# ビルドステージからバイナリと.envファイルをコピー
+COPY --from=builder /go/bin/server /server
+COPY --from=builder /srv/grpc/.env /
+COPY --from=builder /srv/grpc/secrets /secrets
+
+# アプリケーションの起動
+ENTRYPOINT ["/server"]

backend/Makefile

@@ -0,0 +1,3 @@
+.PHONY: ent/generate
+ent/generate:
+	@GOFLAGS="-mod=mod" go generate ./domain/repository/ent