Deploy #68
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| workflow_dispatch: | |
| push: | |
| tags: | |
| - "*" # タグ push 時にデプロイ | |
| env: | |
| PROJECT_ID: ${{ secrets.GCP_PROJECT }} | |
| PROJECT_NUMBER: ${{ secrets.GCP_PROJECT_NUMBER }} | |
| AR_LOCATION: asia-northeast1-docker.pkg.dev | |
| GCR_REGION: asia-northeast1 | |
| REPOSITORY_NAME: logbook | |
| IMAGE_NAME: logbook-api | |
| SERVICE: logbook-api | |
| WI_POOL_ID: ${{ secrets.WI_POOL_ID }} | |
| WI_PROVIDER_ID: ${{ secrets.WI_PROVIDER_ID }} | |
| WI_SERVICE_ACCOUNT: ${{ secrets.WI_SERVICE_ACCOUNT }} | |
| LOGBOOK_ATMOS_TOKEN: ${{ secrets.LOGBOOK_ATMOS_TOKEN }} | |
| LOGBOOK_ATMOS_API: ${{ secrets.LOGBOOK_ATMOS_API }} | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@v4 | |
| - name: Authenticate with Google Cloud using WIF | |
| id: auth | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| token_format: access_token | |
| project_id: ${{ env.PROJECT_ID }} | |
| workload_identity_provider: projects/${{ env.PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ env.WI_POOL_ID }}/providers/${{ env.WI_PROVIDER_ID }} | |
| service_account: ${{ env.WI_SERVICE_ACCOUNT }} | |
| - name: Authenticate Docker to Artifact Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| username: oauth2accesstoken | |
| password: ${{ steps.auth.outputs.access_token }} | |
| registry: ${{ env.AR_LOCATION }} | |
| - name: Build and Push Docker Image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: | | |
| ${{ env.AR_LOCATION }}/${{ env.PROJECT_ID }}/${{ env.REPOSITORY_NAME }}/${{ env.IMAGE_NAME }}:${{ github.sha }} | |
| ${{ env.AR_LOCATION }}/${{ env.PROJECT_ID }}/${{ env.REPOSITORY_NAME }}/${{ env.IMAGE_NAME }}:latest | |
| - name: Deploy to Cloud Run | |
| uses: google-github-actions/deploy-cloudrun@v2 | |
| with: | |
| service: ${{ env.SERVICE }} | |
| region: ${{ env.GCR_REGION }} | |
| image: ${{ env.AR_LOCATION }}/${{ env.PROJECT_ID }}/${{ env.REPOSITORY_NAME }}/${{ env.IMAGE_NAME }}:latest | |
| project_id: ${{ env.PROJECT_ID }} | |
| env_vars: | | |
| LOGBOOK_ATMOS_TOKEN=${{ env.LOGBOOK_ATMOS_TOKEN }}, | |
| LOGBOOK_ATMOS_API=${{ env.LOGBOOK_ATMOS_API }} | |
| tag: latest | |
| no_traffic: false |