-
Notifications
You must be signed in to change notification settings - Fork 6
130 lines (112 loc) · 4.53 KB
/
build-and-deploy-images.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: Build and Deploy Docker Images
on:
workflow_dispatch:
push:
branches:
- main
release:
types: [published]
# This job uses RafikFarhad's GitHub action to build and
# push a docker image to a specified GCP repository
jobs:
build-and-push-api-image:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # to get all tags
- name: Generate Image Tag
id: get-tag
run: |
REV=$(git rev-list --tags --max-count=1)
IMAGE_TAG=$(git describe --tags $REV)
echo "IMAGE_TAG=${IMAGE_TAG//v}"
echo "IMAGE_TAG=${IMAGE_TAG//v}" >> $GITHUB_OUTPUT
- name: Build and Push Image
uses: RafikFarhad/push-to-gcr-github-action@v5-beta
with:
gcloud_service_key: ${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }}
registry: us-central1-docker.pkg.dev
project_id: monarch-initiative
image_name: monarch-api/monarch-api
image_tag: latest, ${{ steps.get-tag.outputs.IMAGE_TAG }}, ${{ github.sha }}
dockerfile: ./backend/Dockerfile
build-and-push-frontend-image:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./frontend
permissions:
contents: write
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0 # to get all tags
- name: Set up Bun
uses: oven-sh/setup-bun@v1
- name: Install packages
run: bun install
- name: Build app
run: bun run build
- name: Generate Image Tag for Frontend Dir
id: get-tag
run: |
REV=$(git rev-list --tags --max-count=1 )
IMAGE_TAG=$(git describe --tags $REV)
echo "IMAGE_TAG=${IMAGE_TAG//v}"
echo "IMAGE_TAG=${IMAGE_TAG//v}" >> $GITHUB_OUTPUT
# the monarch-ui Dockerfile pulls from two places:
# ./frontend/dist/, copied to /var/www/ in the image
# ./services/nginx/config/, copied to /etc/nginx/conf.d/ in the image
- name: Build and Push Image
uses: RafikFarhad/push-to-gcr-github-action@v5-beta
with:
gcloud_service_key: ${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }}
registry: us-central1-docker.pkg.dev
project_id: monarch-initiative
image_name: monarch-api/monarch-ui
image_tag: latest, ${{ steps.get-tag.outputs.IMAGE_TAG }}, ${{ github.sha }}
dockerfile: ./services/nginx/Dockerfile
context: .
update-gcp-services:
runs-on: ubuntu-latest
needs: [build-and-push-api-image, build-and-push-frontend-image]
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # to get all tags
- id: "auth"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }}"
- name: "Set up Cloud SDK"
uses: "google-github-actions/setup-gcloud@v2"
with:
version: ">= 447.0.0"
- name: "Cache SSH Key"
uses: actions/cache@v4
with:
path: |
~/.ssh/google_compute_engine
~/.ssh/google_compute_engine.pub
key: ${{ runner.os }}-ssh-key
- name: "Remove old SSH keys"
run: |
if [[ $(gcloud compute os-login ssh-keys list | grep -v FINGERPRINT) ]]; then
for i in $(gcloud compute os-login ssh-keys list | grep -v FINGERPRINT)
do
echo $i
gcloud compute os-login ssh-keys remove --key $i
done
fi
- name: "Update API Service"
run: |
gcloud compute ssh --ssh-key-expiration 60m --zone us-central1-a monarch-v3-dev-manager -- sudo docker system prune -f
gcloud compute ssh --ssh-key-expiration 60m --zone us-central1-a monarch-v3-dev-manager -- sudo docker service update monarch-v3_api --with-registry-auth --update-order=start-first --force --image us-central1-docker.pkg.dev/monarch-initiative/monarch-api/monarch-api:${{ github.sha }}
- name: "Update UI Service"
run: |
gcloud compute ssh --ssh-key-expiration 60m --zone us-central1-a monarch-v3-dev-manager -- sudo docker system prune -f
gcloud compute ssh --ssh-key-expiration 60m --zone us-central1-a monarch-v3-dev-manager -- sudo docker service update monarch-v3_nginx --with-registry-auth --update-order=start-first --force --image us-central1-docker.pkg.dev/monarch-initiative/monarch-api/monarch-ui:${{ github.sha }}