An example workflow that uses GitHub Actions to deploy a container to an existing Google Compute Engine (GCE) instance.
This code is intended to be an example. You will likely need to change or update values to match your setup.
For pushes to the master branch, this workflow will:
- Download and configure the Google Cloud SDK with the provided credentials.
- Build, tag, and push a container image to Google Container Registry.
- Deploy the container image to a Google Compute Engine instance. Note that a GCE deployment requires an existing container-optimized VM.

- Create a new Google Cloud Project (or select an existing project) and enable the Container Registry and Compute APIs.
- Create a container-optimized GCE VM or use an existing container-optimized VM. Note the VM name and zone.
- Create or reuse a GitHub repository for the example workflow:
  - Move into the repository directory:
    $ cd <repo>
  - Copy the example into the repository:
    $ cp -r <path_to>/github-actions/example-workflows/gce/ .
- Create a Google Cloud service account if one does not already exist.
- Add the following Cloud IAM roles to your service account:
  - Compute Instance Admin - allows administering GCE VMs
  - Storage Admin - allows pushing to Container Registry
  - Service Account User - run operations as the compute storage account

  Note: These permissions are overly broad to favor a quick start. They do not represent best practices around the Principle of Least Privilege. To properly restrict access, you should create a custom IAM role with the most restrictive permissions.
- Create a JSON service account key for the service account.
- Add the following secrets to your repository's secrets:
  - GCE_PROJECT: Google Cloud project ID
  - GCE_SA_KEY: the content of the service account JSON file
- Update .github/workflows/gce.yml to match the values corresponding to your VM:
  - GCE_INSTANCE - the instance name of the VM
  - GCE_INSTANCE_ZONE - the zone your VM resides in
- Add and commit your changes:
  $ git add .
  $ git commit -m "Set up GitHub workflow"
- Push to the master branch:
  $ git push -u origin master
- View the GitHub Actions Workflow by selecting the Actions tab at the top of your repository on GitHub. Then click on the Build and Deploy to Google Compute Engine element to see the details.
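
Following the note above that the quick-start roles are overly broad, one way to check what the deploy service account actually holds is to audit the project's IAM policy for those roles. This is an added example, not part of the original workflow; the role IDs are assumed to be the predefined roles behind the display names listed above, and the service account email, project name and sample policy are constructed.

```python
import json
import sys

# Role IDs assumed to correspond to the display names listed in the setup steps.
QUICK_START_ROLES = {
    "roles/compute.instanceAdmin": "Compute Instance Admin",
    "roles/compute.instanceAdmin.v1": "Compute Instance Admin",
    "roles/storage.admin": "Storage Admin",
    "roles/iam.serviceAccountUser": "Service Account User",
}
BASIC_ROLES = {"roles/owner", "roles/editor"}

def audit_service_account(policy, sa_email):
    """Return a finding for every non-custom role bound to sa_email."""
    member = f"serviceAccount:{sa_email}"
    findings = []
    for binding in policy.get("bindings", []):
        if member not in binding.get("members", []):
            continue
        role = binding["role"]
        if role.startswith(("projects/", "organizations/")):
            continue  # custom role: what the note recommends
        if role in BASIC_ROLES:
            reason = "basic role"
        elif role in QUICK_START_ROLES:
            reason = "quick-start role: " + QUICK_START_ROLES[role]
        else:
            reason = "predefined role, review its scope"
        findings.append({"role": role, "reason": reason,
                         "conditional": "condition" in binding})
    return sorted(findings, key=lambda f: f["role"])

# Constructed sample, shaped like the output of
# `gcloud projects get-iam-policy PROJECT_ID --format=json`.
SAMPLE_SA = "deployer@example-project.iam.gserviceaccount.com"
_M = "serviceAccount:" + SAMPLE_SA
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/compute.instanceAdmin.v1", "members": [_M]},
    {"role": "roles/storage.admin", "members": ["user:dev@example.com", _M]},
    {"role": "roles/iam.serviceAccountUser", "members": [_M],
     "condition": {"title": "constructed-condition", "expression": "true"}},
    {"role": "projects/example-project/roles/gceDeployer", "members": [_M]},
    {"role": "roles/viewer", "members": ["user:dev@example.com"]},
]}

if __name__ == "__main__":
    # Optional arguments: path to a saved policy JSON, then the service account email.
    policy = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_POLICY
    email = sys.argv[2] if len(sys.argv) > 2 else SAMPLE_SA
    for f in audit_service_account(policy, email):
        print(f"{f['role']}: {f['reason']} (conditional={f['conditional']})")
```

An empty result means the account holds only custom roles at the project level; bindings granted on individual resources are not part of the project policy and are not covered.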