143 lines (130 loc) · 5.21 KB
/
build-default.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: Cloud Run Deploy
on:
workflow_call:
inputs:
name:
description: 'Domain name of deployment, before `.demo.community.intersystems.com`'
required: true
type: string
memory:
description: 'Memory for the instance'
type: string
default: 1Gi
port:
description: 'WebPort for the running instance'
type: number
default: 52773
secrets:
SERVICE_ACCOUNT_KEY:
required: true
CONFIG_BASE64:
required: true
workflow_dispatch:
inputs:
repository:
description: 'Deploying repository'
required: true
type: string
ref:
description: 'Branch Name in deploying repository'
required: true
type: choice
default: main
options:
- master
- main
name:
description: 'Domain name of deployment, before `.demo.community.intersystems.com`'
required: true
type: string
env:
# Change this section according to your needs
IMAGE_NAME: ${{ inputs.name }}
SERVICE: ${{ inputs.name }}
DOMAIN_NAME: ${{ inputs.name }}.demo.community.intersystems.com
# Leave this section untouched
PROJECT_ID: iris-community-demos
CLUSTER_NAME: demo
GITHUB_SHA: ${{ github.sha }}
GCR_LOCATION: eu.gcr.io
REGION: europe-west2
NAMESPACE: demo
SERVICE_PORT: ${{ inputs.port }}
SERVICE_MEMORY: ${{ inputs.memory }}
jobs:
deploy-cloud-run:
# if: github.event.repository.fork == false && github.event.repository.is_template == false
name: Deploy to Cloud Run
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v3
with:
repository: ${{ inputs.repository }}
ref: ${{ inputs.ref }}
- name: Google Authentication
uses: google-github-actions/auth@v1.0.0
with:
credentials_json: ${{ secrets.SERVICE_ACCOUNT_KEY }}
- name: Get GKE credentials
uses: google-github-actions/get-gke-credentials@v1.0.1
with:
project_id: ${{ env.PROJECT_ID }}
cluster_name: ${{ env.CLUSTER_NAME }}
location: ${{ env.REGION }}
- name: Setup gcloud cli
uses: google-github-actions/setup-gcloud@v1.0.0
with:
version: '412.0.0'
- name: Authorize Docker push
run: |
gcloud auth list
gcloud --quiet auth configure-docker
- name: Build and Push image
run: |
echo "${{ secrets.CONFIG_BASE64 }}" > ./rh/flask/app/config.b64
docker buildx build -t ${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}:${GITHUB_SHA} --push .
- name: Deploy to Cloud Run
run: |
echo "[INFO] Set google project..."
gcloud config set project ${PROJECT_ID}
echo "[INFO] Deploy service..."
gcloud run deploy ${SERVICE} \
--platform gke \
--cluster ${CLUSTER_NAME} \
--cluster-location ${REGION} \
--namespace ${NAMESPACE} \
--port ${SERVICE_PORT:-52773} \
--min-instances 1 \
--memory ${SERVICE_MEMORY:-512Mi} \
--timeout 300 \
--verbosity debug \
--image ${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}:${GITHUB_SHA}
echo "[INFO] Create domain mappings..."
if [[ $(gcloud run domain-mappings list --platform gke --cluster ${CLUSTER_NAME} --cluster-location ${REGION} --namespace ${NAMESPACE} --filter "DOMAIN=${DOMAIN_NAME}" | grep -v DOMAIN | wc -l) == 0 ]]; then
gcloud run domain-mappings create \
--service ${SERVICE} \
--platform gke \
--cluster ${CLUSTER_NAME} \
--cluster-location ${REGION} \
--namespace ${NAMESPACE} \
--verbosity debug \
--domain ${DOMAIN_NAME}
fi
- name: Create domain name
run: |
kubectl version
echo "[INFO] Checking if [${DOMAIN_NAME}] is in the existing Ingress annotation..."
CURRENT_DOMAINS_LIST=$(kubectl -n gke-system get svc istio-ingress -o jsonpath="{.metadata.annotations['external-dns\.alpha\.kubernetes\.io/hostname']}")
if [[ $(echo ${CURRENT_DOMAINS_LIST} | grep -w "${DOMAIN_NAME}" | wc -c) -eq 0 ]]; then \
echo "[INFO] Domain [${DOMAIN_NAME}] is ABSENT in the domains list. Adding..."; \
kubectl -n gke-system annotate --overwrite svc istio-ingress external-dns\.alpha\.kubernetes\.io/hostname=${CURRENT_DOMAINS_LIST},${DOMAIN_NAME}; \
echo -n "[INFO] Resulting domain names: "
kubectl -n gke-system get svc istio-ingress -o jsonpath="{.metadata.annotations['external-dns\.alpha\.kubernetes\.io/hostname']}"
else
echo "[INFO] Domain [${DOMAIN_NAME}] is in the domains list. Leave untouched..."; \
fi
- name: Enable TLS-access
run: |
kubectl version
kubectl patch configmap config-domainmapping -n knative-serving -p '{"data":{"autoTLS":"Enabled"}}'