Skip to content

Commit efa1101

Browse files
author
StockMaster Deployer
committed
Add Cloud Run deploy workflow and doc for required GCP secrets
1 parent a74c08c commit efa1101

2 files changed

Lines changed: 70 additions & 0 deletions

File tree

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
name: Deploy to Google Cloud Run
2+
3+
on:
4+
push:
5+
branches: [ main ]
6+
7+
jobs:
8+
deploy:
9+
runs-on: ubuntu-latest
10+
environment: production
11+
steps:
12+
- name: Checkout
13+
uses: actions/checkout@v4
14+
15+
- name: Authenticate to GCP
16+
uses: google-github-actions/auth@v1
17+
with:
18+
credentials_json: ${{ secrets.GCP_SA_KEY }}
19+
20+
- name: Set up gcloud
21+
uses: google-github-actions/setup-gcloud@v1
22+
with:
23+
project_id: ${{ secrets.GCP_PROJECT }}
24+
25+
- name: Build and push backend image
26+
run: |
27+
IMAGE=gcr.io/${{ secrets.GCP_PROJECT }}/expense-system-backend
28+
docker build -f backend/Dockerfile -t ${IMAGE}:${GITHUB_SHA} .
29+
docker push ${IMAGE}:${GITHUB_SHA}
30+
docker tag ${IMAGE}:${GITHUB_SHA} ${IMAGE}:latest
31+
docker push ${IMAGE}:latest
32+
33+
- name: Deploy backend to Cloud Run
34+
uses: google-github-actions/deploy-cloudrun@v1
35+
with:
36+
service: expense-backend
37+
image: gcr.io/${{ secrets.GCP_PROJECT }}/expense-system-backend:${GITHUB_SHA}
38+
region: ${{ secrets.GCP_REGION }}
39+
allow-unauthenticated: true
40+
41+
- name: Build and push frontend image
42+
run: |
43+
IMAGE=gcr.io/${{ secrets.GCP_PROJECT }}/expense-system-frontend
44+
docker build -f frontend/Dockerfile -t ${IMAGE}:${GITHUB_SHA} .
45+
docker push ${IMAGE}:${GITHUB_SHA}
46+
docker tag ${IMAGE}:${GITHUB_SHA} ${IMAGE}:latest
47+
docker push ${IMAGE}:latest
48+
49+
- name: Deploy frontend to Cloud Run
50+
uses: google-github-actions/deploy-cloudrun@v1
51+
with:
52+
service: expense-frontend
53+
image: gcr.io/${{ secrets.GCP_PROJECT }}/expense-system-frontend:${GITHUB_SHA}
54+
region: ${{ secrets.GCP_REGION }}
55+
allow-unauthenticated: true

README.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -112,15 +112,30 @@ See also: `TECHSTACK.md` for detailed tech choices and recommended versions.
112112

113113
1. Replace image placeholders in `k8s/*-deployment.yaml` with your image path (GHCR or Docker Hub).
114114
2. Create a secret for `SECRET_KEY`:
115+
115116
```bash
116117
kubectl create secret generic expense-secrets --from-literal=SECRET_KEY='replace-with-secret'
117118
```
119+
118120
3. Apply manifests:
121+
119122
```bash
120123
kubectl apply -f k8s/
121124
```
125+
122126
4. Get the frontend external IP (may take a minute):
127+
123128
```bash
124129
kubectl get svc expense-frontend
125130
```
126131

132+
## Continuous deployment to Cloud Run (one-click when secrets are set)
133+
134+
I added a GitHub Actions workflow `.github/workflows/deploy-cloudrun.yml` that will build and push container images to Google Container Registry (GCR) and deploy them to Cloud Run when you push to `main`.
135+
136+
Required repository secrets (set these in GitHub Settings -> Secrets):
137+
- `GCP_SA_KEY`: JSON service account key with roles `roles/run.admin`, `roles/storage.admin`, `roles/iam.serviceAccountUser` (base64 or raw JSON)
138+
- `GCP_PROJECT`: your GCP project id
139+
- `GCP_REGION`: Cloud Run region (e.g. `us-central1`)
140+
141+
After adding those secrets, pushing to `main` will automatically deploy both services to Cloud Run. Logs and status are available in the Actions tab.

0 commit comments

Comments
 (0)