Refactor deploy_image_prod/deploy_image_dev back into a single workflow

Recombine them by using ${{ ... }} to vary environment and service_account as appropriate. In particular, this avoids building the Docker image twice.
populationgenomics · Oct 1, 2024 · cfea718 · cfea718
1 parent ad2a7e2
commit cfea718
Showing 1 changed file with 4 additions and 44 deletions.
diff --git a/.github/workflows/deploy_container.yaml b/.github/workflows/deploy_container.yaml
@@ -17,20 +17,20 @@ permissions:
   contents: read
 
 jobs:
-  deploy_image_prod:
+  deploy_image:
     runs-on: ubuntu-latest
-    environment: production
+    environment: ${{ github.ref_name == 'main' && 'production' || 'dev' }}
     env:
       DOCKER_BUILDKIT: 1
       BUILDKIT_PROGRESS: plain
       CLOUDSDK_CORE_DISABLE_PROMPTS: 1
+      DOCKER_DEV: australia-southeast1-docker.pkg.dev/cpg-common/images-dev/
       DOCKER_MAIN: australia-southeast1-docker.pkg.dev/cpg-common/images/
       DOCKER_IMAGE: ${{ github.event.inputs.image_name }}:${{ github.event.inputs.image_tag }}
       IMAGE_NAME: ${{ github.event.inputs.image_name }}
       IMAGE_TAG: ${{ github.event.inputs.image_tag }}
 
     steps:
-
       - name: "checkout repo"
         uses: actions/checkout@v4
 
@@ -39,7 +39,7 @@ jobs:
         uses: "google-github-actions/auth@v2"
         with:
           workload_identity_provider: "projects/1051897107465/locations/global/workloadIdentityPools/github-pool/providers/github-provider"
-          service_account: "[email protected]"
+          service_account: "gh-images-${{ github.ref_name == 'main' && 'deployer' || 'dev-deployer' }}@cpg-common.iam.gserviceaccount.com"
 
       - id: "google-cloud-sdk-setup"
         name: "Set up Cloud SDK"
@@ -63,46 +63,6 @@ jobs:
           docker tag $DOCKER_IMAGE $DOCKER_MAIN$DOCKER_IMAGE
           docker push $DOCKER_MAIN$DOCKER_IMAGE
 
-  deploy_image_dev:
-    runs-on: ubuntu-latest
-    environment: dev
-    env:
-      DOCKER_BUILDKIT: 1
-      BUILDKIT_PROGRESS: plain
-      CLOUDSDK_CORE_DISABLE_PROMPTS: 1
-      DOCKER_DEV: australia-southeast1-docker.pkg.dev/cpg-common/images-dev/
-      DOCKER_IMAGE: ${{ github.event.inputs.image_name }}:${{ github.event.inputs.image_tag }}
-      IMAGE_NAME: ${{ github.event.inputs.image_name }}
-      IMAGE_TAG: ${{ github.event.inputs.image_tag }}
-
-    steps:
-
-      - name: "checkout repo"
-        uses: actions/checkout@v4
-
-      - id: "google-cloud-auth"
-        name: "Authenticate to Google Cloud"
-        uses: "google-github-actions/auth@v2"
-        with:
-          workload_identity_provider: "projects/1051897107465/locations/global/workloadIdentityPools/github-pool/providers/github-provider"
-          service_account: "[email protected]"
-
-      - id: "google-cloud-sdk-setup"
-        name: "Set up Cloud SDK"
-        uses: google-github-actions/setup-gcloud@v1
-
-      - name: "gcloud docker auth"
-        run: |
-          gcloud auth configure-docker australia-southeast1-docker.pkg.dev
-
-      - name: "build image"
-        run: |
-          docker build \
-            ${{ inputs.docker_cli_args }} \
-            --build-arg VERSION=$IMAGE_TAG \
-            --tag $DOCKER_IMAGE \
-            images/$IMAGE_NAME
-
       - name: "Push non-main branch to dev artifactory"
         if: ${{ github.ref_name != 'main' }}
         run: |