Skip to content

INFRA30 (#251)

INFRA30 (#251) #84

name: Build and Deploy to Cloud Run
on:
push:
branches: [ "main" ]
workflow_dispatch:
jobs:
deploy:
permissions:
contents: 'read'
id-token: 'write'
runs-on: ubuntu-latest
env:
PUBLIC_FIREBASE_CONFIG: ${{ secrets.FIREBASE_CONFIG }}
PUBLIC_FIREBASE_SERVICE_ACCOUNT: ${{ secrets.FIREBASE_SERVICE_ACCOUNT }}
environment: demo
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Google Auth
id: auth
uses: 'google-github-actions/auth@v2'
with:
credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
- name: Docker Auth
id: docker-auth
uses: docker/login-action@v3
with:
registry: '${{ vars.GAR_LOCATION }}-docker.pkg.dev'
username: _json_key
password: ${{ secrets.GCP_CREDENTIALS }}
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- uses: pnpm/action-setup@v3
name: Install pnpm
with:
version: 8
run_install: false
- name: Get pnpm store directory
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
- uses: actions/cache@v4
name: Setup pnpm cache
with:
path: ${{ env.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- run: pnpm install --no-frozen-lockfile
- run: pnpm run build
- name: Build and Push Container
run: |-
docker build --build-arg FIREBASE_CONFIG_ARG='${{ secrets.FIREBASE_CONFIG }}' --build-arg FIREBASE_SERVICE_ACCOUNT_ARG='${{ secrets.FIREBASE_SERVICE_ACCOUNT }}' -t "${{ vars.GAR_LOCATION }}-docker.pkg.dev/${{ vars.PROJECT_ID }}/${{ vars.REPOSITORY }}/${{ vars.SERVICE }}:${{ github.sha }}" ./
docker push "${{ vars.GAR_LOCATION }}-docker.pkg.dev/${{ vars.PROJECT_ID }}/${{ vars.REPOSITORY }}/${{ vars.SERVICE }}:${{ github.sha }}"
- name: Deploy to Cloud Run
id: deploy
uses: google-github-actions/deploy-cloudrun@v2
with:
service: ${{ vars.SERVICE }}
region: ${{ vars.REGION }}
image: ${{ vars.GAR_LOCATION }}-docker.pkg.dev/${{ vars.PROJECT_ID }}/${{ vars.REPOSITORY }}/${{ vars.SERVICE }}:${{ github.sha }}
- name: Show Output
run: echo ${{ steps.deploy.outputs.url }}