Skip to content

Latest commit

 

History

History
100 lines (63 loc) · 3.38 KB

README.md

File metadata and controls

100 lines (63 loc) · 3.38 KB
Raw

Cloud Run - GitHub Actions

An example workflow that uses GitHub Actions to deploy a Hello World Node.js app to Cloud Run.

This code is intended to be an example. You will likely need to change or update values to match your setup.

Workflow description

For pushes to the master branch, this workflow will:

  1. Download and configure the Google Cloud SDK with the provided credentials.

  2. Build, tag, and push a container image to Google Container Registry.

    • The image is built using Cloud Build and pushed to Google Container Registry.

    • The image is available through the following tags: latest and first 8 of the commit SHA.

  3. Deploy the image to Cloud Run.

Setup

  1. Create a new Google Cloud Project (or select an existing project) and enable the Cloud Run and Cloud Build APIs.

  2. Create or reuse a GitHub repository for the example workflow:

    1. Create a repository.

    2. Move into the repository directory:

      $ cd <repo>

    3. Copy the example into the repository:

      $ cp -r <path_to>/github-actions/example-workflows/cloud-run/ .

  3. Create a Google Cloud service account if one does not already exist.

  4. Add the the following Cloud IAM roles to your service account:

    • Cloud Run Admin - allows for the creation of new services

    • Cloud Build Editor - allows for deploying cloud builds

    • Cloud Build Service Account - allows for deploying cloud builds

    • Viewer - allows for viewing the project

    • Service Account User - required to deploy services to Cloud Run

    Note: These permissions are overly broad to favor a quick start. They do not represent best practices around the Principle of Least Privilege. To properly restrict access, you should create a custom IAM role with the most restrictive permissions.

  5. Create a JSON service account key for the service account.

  6. Add the following secrets to your repository's secrets:

    • RUN_PROJECT: Google Cloud project ID

    • RUN_SA_KEY: the content of the service account JSON file

Run the workflow

  1. Add and commit your changes:

    $ git add .
$ git commit -m "Set up GitHub workflow"

  2. Push to the master branch:

    $ git push -u origin master

  3. View the GitHub Actions Workflow by selecting the Actions tab at the top of your repository on GitHub. Then click on the Build and Deploy to Cloud Run element to see the details.