From b445e19b34cc351bce863258838840cfe7a7e4f1 Mon Sep 17 00:00:00 2001
From: BlackBoiEvsen <100245530+BlackBoiEvsen@users.noreply.github.com>
Date: Tue, 28 May 2024 17:03:12 -0400
Subject: [PATCH 1/2] Create blank.yml
---
.github/workflows/blank.yml | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100644 .github/workflows/blank.yml
diff --git a/.github/workflows/blank.yml b/.github/workflows/blank.yml
new file mode 100644
index 0000000000..01502b13e1
--- /dev/null
+++ b/.github/workflows/blank.yml
@@ -0,0 +1,36 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI
+
+# Controls when the workflow will run
+on:
+ # Triggers the workflow on push or pull request events but only for the "main" branch
+ push:
+ branches: [ "main" ]
+ pull_request:
+ branches: [ "main" ]
+
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on
+ runs-on: ubuntu-latest
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - uses: actions/checkout@v4
+
+ # Runs a single command using the runners shell
+ - name: Run a one-line script
+ run: echo Hello, world!
+
+ # Runs a set of commands using the runners shell
+ - name: Run a multi-line script
+ run: |
+ echo Add other actions to build,
+ echo test, and deploy your project.
From 9bb72a4b8fe2798e84c230beb315790927a4e1c2 Mon Sep 17 00:00:00 2001
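Review bot: The workflow in `.github/workflows/blank.yml` declares no `permissions:` block, so the `build` job's `GITHUB_TOKEN` gets whatever default the repository or organization is configured with, which may include write scopes. The job only checks out the code and echoes text, so a top-level `permissions:` mapping with `contents: read` is enough, and it would match the explicit block that `google.yml` in the second patch already carries. Setting it now keeps steps added to this starter later from silently inheriting broader access, including on `pull_request` runs.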
From: BlackBoiEvsen <100245530+BlackBoiEvsen@users.noreply.github.com>
Date: Tue, 28 May 2024 17:03:34 -0400
Subject: [PATCH 2/2] Create google.yml
---
.github/workflows/google.yml | 91 ++++++++++++++++++++++++++++++++++++
1 file changed, 91 insertions(+)
create mode 100644 .github/workflows/google.yml
diff --git a/.github/workflows/google.yml b/.github/workflows/google.yml
new file mode 100644
index 0000000000..aed19f3b8b
--- /dev/null
+++ b/.github/workflows/google.yml
@@ -0,0 +1,91 @@
+# This workflow will build a docker container, publish it to Google Container Registry, and deploy it to GKE when there is a push to the "main" branch.
+#
+# To configure this workflow:
+#
+# 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc.
+#
+# 2. Create and configure a Workload Identity Provider for GitHub (https://github.com/google-github-actions/auth#setting-up-workload-identity-federation)
+#
+# 3. Change the values for the GAR_LOCATION, GKE_ZONE, GKE_CLUSTER, IMAGE, REPOSITORY and DEPLOYMENT_NAME environment variables (below).
+#
+# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke-kustomize
+
+name: Build and Deploy to GKE
+
+on:
+ push:
+ branches: [ "main" ]
+
+env:
+ PROJECT_ID: ${{ secrets.GKE_PROJECT }}
+ GAR_LOCATION: us-central1 # TODO: update region of the Artifact Registry
+ GKE_CLUSTER: cluster-1 # TODO: update to cluster name
+ GKE_ZONE: us-central1-c # TODO: update to cluster zone
+ DEPLOYMENT_NAME: gke-test # TODO: update to deployment name
+ REPOSITORY: samples # TODO: update to Artifact Registry docker repository
+ IMAGE: static-site
+
+jobs:
+ setup-build-publish-deploy:
+ name: Setup, Build, Publish, and Deploy
+ runs-on: ubuntu-latest
+ environment: production
+
+ permissions:
+ contents: 'read'
+ id-token: 'write'
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ # Configure Workload Identity Federation and generate an access token.
+ - id: 'auth'
+ name: 'Authenticate to Google Cloud'
+ uses: 'google-github-actions/auth@v0'
+ with:
+ token_format: 'access_token'
+ workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
+ service_account: 'my-service-account@my-project.iam.gserviceaccount.com'
+
+ # Alternative option - authentication via credentials json
+ # - id: 'auth'
+ # uses: 'google-github-actions/auth@v0'
+ # with:
+ # credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
+
+ - name: Docker configuration
+ run: |-
+ echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://$GAR_LOCATION-docker.pkg.dev
+ # Get the GKE credentials so we can deploy to the cluster
+ - name: Set up GKE credentials
+ uses: google-github-actions/get-gke-credentials@v0
+ with:
+ cluster_name: ${{ env.GKE_CLUSTER }}
+ location: ${{ env.GKE_ZONE }}
+
+ # Build the Docker image
+ - name: Build
+ run: |-
+ docker build \
+ --tag "$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA" \
+ --build-arg GITHUB_SHA="$GITHUB_SHA" \
+ --build-arg GITHUB_REF="$GITHUB_REF" \
+ .
+ # Push the Docker image to Google Artifact Registry
+ - name: Publish
+ run: |-
+ docker push "$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA"
+ # Set up kustomize
+ - name: Set up Kustomize
+ run: |-
+ curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64
+ chmod u+x ./kustomize
+ # Deploy the Docker image to the GKE cluster
+ - name: Deploy
+ run: |-
+ # replacing the image name in the k8s template
+ ./kustomize edit set image LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY/IMAGE:TAG=$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA
+ ./kustomize build . | kubectl apply -f -
+ kubectl rollout status deployment/$DEPLOYMENT_NAME
+ kubectl get services -o wide
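Review bot: The `Set up Kustomize` step fetches a binary with `curl` and `Deploy` then runs it with the cluster credentials loaded, but nothing checks what was downloaded; compare it against a SHA-256 committed in the workflow before the `chmod`. The same job holds `id-token: write` and targets the `production` environment while `google-github-actions/auth@v0`, `google-github-actions/get-gke-credentials@v0` and `actions/checkout@v4` are referenced by mutable tags, so pinning each `uses:` to a full commit SHA would keep a moved tag from running with those credentials. In `Docker configuration`, `${{steps.auth.outputs.access_token}}` is expanded unquoted into the script text; passing it through a step-level `env:` entry keeps the token out of the rendered script. The `workload_identity_provider` and `service_account` values still look like the sample placeholders, and step 3 of the header comment does not list them among the values to change.

```yaml
      - name: Docker configuration
        env:
          ACCESS_TOKEN: ${{ steps.auth.outputs.access_token }}
        run: |-
          printf '%s' "$ACCESS_TOKEN" | docker login -u oauth2accesstoken --password-stdin https://$GAR_LOCATION-docker.pkg.dev
      # … unchanged: Set up GKE credentials, Build, Publish …
      - name: Set up Kustomize
        env:
          # placeholder: SHA-256 of the pinned release asset, copied from the upstream release
          KUSTOMIZE_SHA256: '<EXPECTED_SHA256_OF_PINNED_ASSET>'
        run: |-
          # … unchanged: curl download of the kustomize binary …
          echo "$KUSTOMIZE_SHA256  kustomize" | sha256sum --check --strict -
          chmod u+x ./kustomize
```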