Merge pull request #9 from eukarya-inc/add-ci

Add ci
eukarya-inc · Apr 14, 2024 · 8e4d981 · 8e4d981
2 parents 2e7a7a8 + 1d7029f
commit 8e4d981
Show file tree

Hide file tree

Showing 7 changed files with 148 additions and 23 deletions.
diff --git a/.github/workflows/_build.yaml b/.github/workflows/_build.yaml
@@ -0,0 +1,42 @@
+name: Build
+on:
+  workflow_call:
+    inputs:
+      workload_identity_provider:
+        type: string
+      service_account:
+        type: string
+      gar_repository:
+        type: string
+      gar_dst:
+        type: string
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - uses: google-github-actions/auth@v2
+        with:
+          workload_identity_provider: ${{ inputs.workload_identity_provider }}
+          service_account: ${{ inputs.service_account }}
+      - name: Set up Cloud SDK
+        uses: google-github-actions/setup-gcloud@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Log in to GAR
+        run: gcloud auth configure-docker ${{ inputs.gar_repository }} --quiet
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v5
+        with:
+          context: ./
+          file: ./Dockerfile.amd64
+          platforms: linux/amd64
+          push: true
+          tags: |
+            ${{ inputs.gar_dst }}:latest
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -1,22 +1,31 @@
-name: 'CI'
+name: CI
 
 on:
+  push:
+    branches:
+      - main
   pull_request:
-    branches: [ main ]
+  workflow_dispatch:
 jobs:
-  build:
+  ci:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v4
-
       - name: Setup Node.js
         uses: actions/setup-node@v4
         with:
           node-version: '18.x'
-
       - name: Dependencies
         run: npm ci
-
       - name: Test and Build
         run: npm install -g pkg && npm test && npm run build
+  build:
+    uses: ./.github/workflows/_build.yaml
+    needs: ci
+    if: ${{ !failure() && github.ref_name == 'main' }}
+    with:
+      workload_identity_provider: projects/723082692741/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-provider
+      service_account: reearth-dev-github-oidc@reearth-development.iam.gserviceaccount.com
+      gar_repository: asia-northeast1-docker.pkg.dev
+      gar_dst: asia-northeast1-docker.pkg.dev/reearth-development/eukarya/notion-proxy
diff --git a/.github/workflows/deploy_dev.yml b/.github/workflows/deploy_dev.yml
@@ -0,0 +1,32 @@
+name: Deploy dev
+on:
+  workflow_dispatch:
+env:
+  IMAGE_NAME_GAR: asia-northeast1-docker.pkg.dev/reearth-development/eukarya/notion-proxy
+  GCP_WORKLOAD_IDENTITY_PROVIDER: projects/723082692741/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-provider
+  GCP_SERVICE_ACCOUNT: reearth-dev-github-oidc@reearth-development.iam.gserviceaccount.com
+  GCP_REGION: asia-northeast1
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      packages: read
+    steps:
+      - uses: actions/checkout@v4
+      - uses: google-github-actions/auth@v2
+        with:
+          workload_identity_provider: ${{ env.GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          service_account: ${{ env.GCP_SERVICE_ACCOUNT }}
+      - name: Set up Cloud SDK
+        uses: google-github-actions/setup-gcloud@v2
+      - name: Deploy to Cloud Run
+        run: |
+          gcloud run deploy reearth-help \
+            --image $IMAGE_NAME \
+            --region $GCP_REGION \
+            --platform managed \
+            --quiet
+        env:
+          IMAGE_NAME: ${{ env.IMAGE_NAME_GAR }}:latest
diff --git a/.github/workflows/deploy_prod.yml b/.github/workflows/deploy_prod.yml
@@ -0,0 +1,42 @@
+name: Deploy prod
+on:
+  workflow_dispatch:
+env:
+  IMAGE_NAME_GAR: asia-northeast1-docker.pkg.dev/reearth/eukarya/notion-proxy
+  GCP_WORKLOAD_IDENTITY_PROVIDER: projects/950334725361/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-provider
+  GCP_SERVICE_ACCOUNT: [email protected]
+  GCP_REGION: asia-northeast1
+jobs:
+  # TODO: Refactor with and env param
+  build:
+    uses: ./.github/workflows/_build.yaml
+    with:
+      workload_identity_provider: projects/950334725361/locations/global/workloadIdentityPools/github-oidc-pool/providers/github-provider
+      service_account: [email protected]
+      gar_repository: asia-northeast1-docker.pkg.dev
+      gar_dst: asia-northeast1-docker.pkg.dev/reearth/eukarya/notion-proxy
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+    if: ${{ !failure() }}
+    permissions:
+      contents: read
+      id-token: write
+      packages: read
+    steps:
+      - uses: actions/checkout@v4
+      - uses: google-github-actions/auth@v2
+        with:
+          workload_identity_provider: ${{ env.GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          service_account: ${{ env.GCP_SERVICE_ACCOUNT }}
+      - name: Set up Cloud SDK
+        uses: google-github-actions/setup-gcloud@v2
+      - name: Deploy to Cloud Run
+        run: |
+          gcloud run deploy reearth-help \
+            --image $IMAGE_NAME \
+            --region $GCP_REGION \
+            --platform managed \
+            --quiet
+        env:
+          IMAGE_NAME: ${{ env.IMAGE_NAME_GAR }}:latest
diff --git a/Dockerfile.amd64 b/Dockerfile.amd64
@@ -1,7 +1,7 @@
 FROM node:18-slim
 
 # See: https://github.com/puppeteer/puppeteer/tree/main/docker
-# Install chrome on amd64
+# Install chrome for amd64
 RUN apt-get update \
     && apt-get install -y wget gnupg python3 make g++ ca-certificates \
     && wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /usr/share/keyrings/googlechrome-linux-keyring.gpg \