-
Notifications
You must be signed in to change notification settings - Fork 1
131 lines (114 loc) · 4.11 KB
/
deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Deploy
on:
# Building on manual dispatch, and pushes to dev / main. But restricting
workflow_dispatch:
push:
branches:
- main
- dev
permissions:
id-token: write
contents: read
jobs:
deploy:
runs-on: ubuntu-latest
env:
DOCKER_BUILDKIT: 1
BUILDKIT_PROGRESS: plain
CLOUDSDK_CORE_DISABLE_PROMPTS: 1
# used for generating API
SM_DOCKER: australia-southeast1-docker.pkg.dev/sample-metadata/images/server:${{ github.sha }}
defaults:
run:
shell: bash -eo pipefail -l {0}
steps:
- uses: actions/checkout@v3
- id: "google-cloud-auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v1"
with:
workload_identity_provider: "projects/774248915715/locations/global/workloadIdentityPools/gh-deploy-pool/providers/gh-provider"
service_account: "[email protected]"
- id: "google-cloud-sdk-setup"
name: "Set up Cloud SDK"
uses: google-github-actions/setup-gcloud@v1
- name: "gcloud docker auth"
run: |
gcloud auth configure-docker australia-southeast1-docker.pkg.dev
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- uses: actions/setup-java@v3
with:
distribution: "temurin" # See 'Supported distributions' for available options
java-version: "17"
- name: Setup build env
run: |
pip install -r requirements-dev.txt
pip install -r requirements.txt
wget https://repo1.maven.org/maven2/org/openapitools/openapi-generator-cli/5.3.0/openapi-generator-cli-5.3.0.jar -O openapi-generator-cli.jar
- name: prepare-deployment
run: |
if [[ $GITHUB_REF == 'refs/heads/main' ]]; then
echo DEPLOYMENT_TYPE=prod >> $GITHUB_ENV
echo SM_ENVIRONMENT=production >> $GITHUB_ENV
else
echo DEPLOYMENT_TYPE=dev >> $GITHUB_ENV
echo SM_ENVIRONMENT=development >> $GITHUB_ENV
pip install bump2version
# add
bump2version patch \
--no-commit --allow-dirty \
--new-version $(cat deploy/python/version.txt)dev$(echo $(git rev-parse HEAD) | cut -c1-7)
fi
# we have to build the image first without the web files to
# generate the openapi file to then generate the documentation
- name: "build image"
run: |
docker build \
--build-arg SM_ENVIRONMENT=$SM_ENVIRONMENT \
--tag $SM_DOCKER \
-f deploy/api/Dockerfile \
.
- name: "build deployable API"
run: |
export OPENAPI_COMMAND="java -jar openapi-generator-cli.jar"
python regenerate_api.py
ls -lGh metamist
# also copies build artifacts to api/public
- name: "build web front-end"
run: |
set -eo pipefail
pushd web
# installs package-lock, not what it thinks it should be
npm ci
npm run build
popd
# rebuild docker image now that front-end files are in the right place
- name: "build image II"
run: |
docker build --tag $SM_DOCKER -f deploy/api/Dockerfile .
- name: Build python package
run: python setup.py sdist
- name: "push server image"
run: |
docker push $SM_DOCKER
- name: "deploy to Cloud Run"
run: |
if [[ $GITHUB_REF == 'refs/heads/main' ]]; then
gcloud_deploy_name=sample-metadata-api
else
gcloud_deploy_name=sample-metadata-api-dev
fi
gcloud run deploy \
$gcloud_deploy_name --image $SM_DOCKER \
--region australia-southeast1 --no-allow-unauthenticated \
--platform managed
- name: Publish package
if: github.ref == 'refs/heads/main'
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: dist/
skip-existing: true