From bb523681bcd02dd40bf169168727ee10831a6849 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Mon, 22 May 2023 23:18:59 -0400 Subject: [PATCH 01/21] try again --- .github/workflows/workflow_dispatch.yaml | 2 +- code/helloworld-csharp/Dockerfile | 19 ---------- code/helloworld-csharp/Program.cs | 11 ------ .../Properties/launchSettings.json | 37 ------------------- .../appsettings.Development.json | 8 ---- code/helloworld-csharp/appsettings.json | 9 ----- .../helloworld-csharp.csproj | 9 ----- ...CoreApp,Version=v6.0.AssemblyAttributes.cs | 4 -- .../net6.0/helloworld-csharp.AssemblyInfo.cs | 22 ----------- ...helloworld-csharp.AssemblyInfoInputs.cache | 1 - ....GeneratedMSBuildEditorConfig.editorconfig | 17 --------- .../helloworld-csharp.GlobalUsings.g.cs | 17 --------- .../obj/Debug/net6.0/project.razor.json | 20 ---------- 13 files changed, 1 insertion(+), 175 deletions(-) delete mode 100644 code/helloworld-csharp/Dockerfile delete mode 100644 code/helloworld-csharp/Program.cs delete mode 100644 code/helloworld-csharp/Properties/launchSettings.json delete mode 100644 code/helloworld-csharp/appsettings.Development.json delete mode 100644 code/helloworld-csharp/appsettings.json delete mode 100644 code/helloworld-csharp/helloworld-csharp.csproj delete mode 100644 code/helloworld-csharp/obj/Debug/net6.0/.NETCoreApp,Version=v6.0.AssemblyAttributes.cs delete mode 100644 code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.AssemblyInfo.cs delete mode 100644 code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.AssemblyInfoInputs.cache delete mode 100644 code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.GeneratedMSBuildEditorConfig.editorconfig delete mode 100644 code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.GlobalUsings.g.cs delete mode 100644 code/helloworld-csharp/obj/Debug/net6.0/project.razor.json diff --git a/.github/workflows/workflow_dispatch.yaml b/.github/workflows/workflow_dispatch.yaml index 550d49c..eefcbed 100644 --- a/.github/workflows/workflow_dispatch.yaml +++ b/.github/workflows/workflow_dispatch.yaml @@ -17,7 +17,7 @@ env: jobs: dev: if: ${{ github.event.inputs.environment == 'dev' }} - uses: ./github/workflows/deployment.yaml + uses: ./.github/workflows/deployment.yaml with: environment: ${{ github.event.inputs.environment }} ref: ${{ github.ref }} diff --git a/code/helloworld-csharp/Dockerfile b/code/helloworld-csharp/Dockerfile deleted file mode 100644 index 55ec621..0000000 --- a/code/helloworld-csharp/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build-env -WORKDIR /app - -COPY *.csproj ./ -RUN dotnet restore - -COPY . ./ -RUN dotnet publish -r linux-x64 --no-self-contained -p:PublishReadyToRun=true -c Release -o out - -# Copy to runtime image -FROM mcr.microsoft.com/dotnet/aspnet:6.0 -WORKDIR /app -COPY --from=build-env /app/out . - -# Port passed in by Cloud Run via environment variable PORT. Default 8080. -ENV PORT=8080 - -# Run the web service on container startup. -ENTRYPOINT ["dotnet", "helloworld.dll"] diff --git a/code/helloworld-csharp/Program.cs b/code/helloworld-csharp/Program.cs deleted file mode 100644 index 1775514..0000000 --- a/code/helloworld-csharp/Program.cs +++ /dev/null @@ -1,11 +0,0 @@ -var builder = WebApplication.CreateBuilder(args); - -var port = Environment.GetEnvironmentVariable("PORT") ?? "8080"; -var url = $"http://0.0.0.0:{port}"; -var target = Environment.GetEnvironmentVariable("TARGET") ?? "World"; - -var app = builder.Build(); - -app.MapGet("/", () => $"Hello {target}!"); - -app.Run(url); \ No newline at end of file diff --git a/code/helloworld-csharp/Properties/launchSettings.json b/code/helloworld-csharp/Properties/launchSettings.json deleted file mode 100644 index 9c493e0..0000000 --- a/code/helloworld-csharp/Properties/launchSettings.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "iisSettings": { - "windowsAuthentication": false, - "anonymousAuthentication": true, - "iisExpress": { - "applicationUrl": "http://localhost:39526", - "sslPort": 44309 - } - }, - "profiles": { - "http": { - "commandName": "Project", - "dotnetRunMessages": true, - "launchBrowser": true, - "applicationUrl": "http://localhost:5084", - "environmentVariables": { - "ASPNETCORE_ENVIRONMENT": "Development" - } - }, - "https": { - "commandName": "Project", - "dotnetRunMessages": true, - "launchBrowser": true, - "applicationUrl": "https://localhost:7062;http://localhost:5084", - "environmentVariables": { - "ASPNETCORE_ENVIRONMENT": "Development" - } - }, - "IIS Express": { - "commandName": "IISExpress", - "launchBrowser": true, - "environmentVariables": { - "ASPNETCORE_ENVIRONMENT": "Development" - } - } - } -} diff --git a/code/helloworld-csharp/appsettings.Development.json b/code/helloworld-csharp/appsettings.Development.json deleted file mode 100644 index ff66ba6..0000000 --- a/code/helloworld-csharp/appsettings.Development.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft.AspNetCore": "Warning" - } - } -} diff --git a/code/helloworld-csharp/appsettings.json b/code/helloworld-csharp/appsettings.json deleted file mode 100644 index 4d56694..0000000 --- a/code/helloworld-csharp/appsettings.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft.AspNetCore": "Warning" - } - }, - "AllowedHosts": "*" -} diff --git a/code/helloworld-csharp/helloworld-csharp.csproj b/code/helloworld-csharp/helloworld-csharp.csproj deleted file mode 100644 index e2b5ad1..0000000 --- a/code/helloworld-csharp/helloworld-csharp.csproj +++ /dev/null @@ -1,9 +0,0 @@ - - - - net6.0 - enable - enable - - - \ No newline at end of file diff --git a/code/helloworld-csharp/obj/Debug/net6.0/.NETCoreApp,Version=v6.0.AssemblyAttributes.cs b/code/helloworld-csharp/obj/Debug/net6.0/.NETCoreApp,Version=v6.0.AssemblyAttributes.cs deleted file mode 100644 index 0e18c2b..0000000 --- a/code/helloworld-csharp/obj/Debug/net6.0/.NETCoreApp,Version=v6.0.AssemblyAttributes.cs +++ /dev/null @@ -1,4 +0,0 @@ -// -using System; -using System.Reflection; -[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETCoreApp,Version=v6.0", FrameworkDisplayName = ".NET 6.0")] diff --git a/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.AssemblyInfo.cs b/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.AssemblyInfo.cs deleted file mode 100644 index d746ef6..0000000 --- a/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.AssemblyInfo.cs +++ /dev/null @@ -1,22 +0,0 @@ -//------------------------------------------------------------------------------ -// -// This code was generated by a tool. -// -// Changes to this file may cause incorrect behavior and will be lost if -// the code is regenerated. -// -//------------------------------------------------------------------------------ - -using System; -using System.Reflection; - -[assembly: System.Reflection.AssemblyCompanyAttribute("helloworld-csharp")] -[assembly: System.Reflection.AssemblyConfigurationAttribute("Debug")] -[assembly: System.Reflection.AssemblyFileVersionAttribute("1.0.0.0")] -[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0")] -[assembly: System.Reflection.AssemblyProductAttribute("helloworld-csharp")] -[assembly: System.Reflection.AssemblyTitleAttribute("helloworld-csharp")] -[assembly: System.Reflection.AssemblyVersionAttribute("1.0.0.0")] - -// Generated by the MSBuild WriteCodeFragment class. - diff --git a/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.AssemblyInfoInputs.cache b/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.AssemblyInfoInputs.cache deleted file mode 100644 index 4be8ec5..0000000 --- a/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.AssemblyInfoInputs.cache +++ /dev/null @@ -1 +0,0 @@ -48a3255b346c9674d03d81c1c739ef3f56a5e8cd diff --git a/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.GeneratedMSBuildEditorConfig.editorconfig b/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.GeneratedMSBuildEditorConfig.editorconfig deleted file mode 100644 index 6a84dbf..0000000 --- a/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.GeneratedMSBuildEditorConfig.editorconfig +++ /dev/null @@ -1,17 +0,0 @@ -is_global = true -build_property.TargetFramework = net6.0 -build_property.TargetPlatformMinVersion = -build_property.UsingMicrosoftNETSdkWeb = true -build_property.ProjectTypeGuids = -build_property.InvariantGlobalization = -build_property.PlatformNeutralAssembly = -build_property.EnforceExtendedAnalyzerRules = -build_property._SupportedPlatformList = Linux,macOS,Windows -build_property.RootNamespace = helloworld-csharp -build_property.RootNamespace = helloworld-csharp -build_property.ProjectDir = /Users/andrewchasin/Documents/GitHub/sample-code/code/helloworld-csharp/ -build_property.RazorLangVersion = 6.0 -build_property.SupportLocalizedComponentNames = -build_property.GenerateRazorMetadataSourceChecksumAttributes = -build_property.MSBuildProjectDirectory = /Users/andrewchasin/Documents/GitHub/sample-code/code/helloworld-csharp -build_property._RazorSourceGeneratorDebug = diff --git a/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.GlobalUsings.g.cs b/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.GlobalUsings.g.cs deleted file mode 100644 index 025530a..0000000 --- a/code/helloworld-csharp/obj/Debug/net6.0/helloworld-csharp.GlobalUsings.g.cs +++ /dev/null @@ -1,17 +0,0 @@ -// -global using global::Microsoft.AspNetCore.Builder; -global using global::Microsoft.AspNetCore.Hosting; -global using global::Microsoft.AspNetCore.Http; -global using global::Microsoft.AspNetCore.Routing; -global using global::Microsoft.Extensions.Configuration; -global using global::Microsoft.Extensions.DependencyInjection; -global using global::Microsoft.Extensions.Hosting; -global using global::Microsoft.Extensions.Logging; -global using global::System; -global using global::System.Collections.Generic; -global using global::System.IO; -global using global::System.Linq; -global using global::System.Net.Http; -global using global::System.Net.Http.Json; -global using global::System.Threading; -global using global::System.Threading.Tasks; diff --git a/code/helloworld-csharp/obj/Debug/net6.0/project.razor.json b/code/helloworld-csharp/obj/Debug/net6.0/project.razor.json deleted file mode 100644 index a5730a9..0000000 --- a/code/helloworld-csharp/obj/Debug/net6.0/project.razor.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "SerializedFilePath": "/Users/andrewchasin/Documents/GitHub/sample-code/code/helloworld-csharp/obj/Debug/net6.0/project.razor.json", - "FilePath": "/Users/andrewchasin/Documents/GitHub/sample-code/code/helloworld-csharp/helloworld-csharp.csproj", - "Configuration": { - "ConfigurationName": "MVC-3.0", - "LanguageVersion": "6.0", - "Extensions": [ - { - "ExtensionName": "MVC-3.0" - } - ] - }, - "ProjectWorkspaceState": { - "TagHelpers": [], - "CSharpLanguageVersion": 1000 - }, - "RootNamespace": "helloworld-csharp", - "Documents": [], - "SerializationFormat": "0.3" -} \ No newline at end of file From 02e5c5c9f2b616965f53e691a4642aa12ddf3d33 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Mon, 22 May 2023 23:21:09 -0400 Subject: [PATCH 02/21] remove code --- .github/workflows/deployment.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/deployment.yaml b/.github/workflows/deployment.yaml index fae2fa8..4196471 100644 --- a/.github/workflows/deployment.yaml +++ b/.github/workflows/deployment.yaml @@ -30,7 +30,6 @@ jobs: cloud-run: name: "Cloud Run Deployment" runs-on: ubuntu-latest - needs: [terraform] permissions: pull-requests: write id-token: write From 826c3669982d83bab3738503b37849dbb2d39135 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Mon, 22 May 2023 23:24:44 -0400 Subject: [PATCH 03/21] changing inputs --- .github/workflows/deployment.yaml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deployment.yaml b/.github/workflows/deployment.yaml index 4196471..dc62a9a 100644 --- a/.github/workflows/deployment.yaml +++ b/.github/workflows/deployment.yaml @@ -18,14 +18,22 @@ on: type: string required: true description: The Google Cloud project ID. - image_repository: + artifact_registry_repo: type: string required: true - description: The container image repository name. - image_name: + description: The artifact registry repository name. + artifact_registry_location: + type: string + required: true + description: The artifact registry region name. + docker_image_name: type: string required: true description: The container image name. + service_name: + type: string + required: true + description: The container service name. jobs: cloud-run: name: "Cloud Run Deployment" From 6a2cd80be4d52063b452d234493566b81677bc40 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Mon, 22 May 2023 23:27:23 -0400 Subject: [PATCH 04/21] remove pull request permission --- .github/workflows/deployment.yaml | 1 - .github/workflows/workflow_dispatch.yaml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deployment.yaml b/.github/workflows/deployment.yaml index dc62a9a..8753c79 100644 --- a/.github/workflows/deployment.yaml +++ b/.github/workflows/deployment.yaml @@ -39,7 +39,6 @@ jobs: name: "Cloud Run Deployment" runs-on: ubuntu-latest permissions: - pull-requests: write id-token: write contents: read steps: diff --git a/.github/workflows/workflow_dispatch.yaml b/.github/workflows/workflow_dispatch.yaml index eefcbed..dea7164 100644 --- a/.github/workflows/workflow_dispatch.yaml +++ b/.github/workflows/workflow_dispatch.yaml @@ -26,6 +26,7 @@ jobs: artifact_registry_location: us-east4 docker_image_name: pods service_name: pods + secrets: inherit # env: # PROJECT_ID: arched-inkwell-368821 # TODO: update Google Cloud project id From 8d69ce64fbfadeb47d40476e1655e7a85f96835f Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 12:54:37 -0400 Subject: [PATCH 05/21] decoupling to separate workflow files and splitting by environment --- .github/workflows/deployment.yaml | 29 ++++++---- .github/workflows/env_deployment.yaml | 70 ++++++++++++++++++++++++ .github/workflows/workflow_dispatch.yaml | 40 -------------- service-yaml/container.yaml | 2 +- 4 files changed, 88 insertions(+), 53 deletions(-) create mode 100644 .github/workflows/env_deployment.yaml delete mode 100644 .github/workflows/workflow_dispatch.yaml diff --git a/.github/workflows/deployment.yaml b/.github/workflows/deployment.yaml index 8753c79..4bf5823 100644 --- a/.github/workflows/deployment.yaml +++ b/.github/workflows/deployment.yaml @@ -34,10 +34,16 @@ on: type: string required: true description: The container service name. + code_directory: + type: string + required: true + description: The directory where the source code lives. + jobs: cloud-run: - name: "Cloud Run Deployment" + name: "Image Build & Cloud Run Deploy" runs-on: ubuntu-latest + environment: ${{ inputs.environment }} permissions: id-token: write contents: read @@ -60,30 +66,29 @@ jobs: with: username: 'oauth2accesstoken' password: '${{ steps.auth.outputs.access_token }}' - registry: '${{ env.GAR_LOCATION }}-docker.pkg.dev' + registry: '${{ inputs.artifact_registry_location }}-docker.pkg.dev' - name: Build and Tag id: build-image uses: docker/build-push-action@v3 with: - context: ${{ env.CONTAINER_DIRECTORY }} + context: ${{ inputs.code_directory }} push: true - tags: ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPOSITORY }}/${{ env.CONTAINER_SERVICE }}:${{ env.IMAGE_TAG }} + tags: ${{ inputs.artifact_registry_location }}-docker.pkg.dev/${{ inputs.gcp_project_id }}/${{ inputs.artifact_registry_repo }}/${{ inputs.service_name }}:${{ inputs.ref }} - name: Docker Push run: |- - docker push "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPOSITORY }}/${{ env.CONTAINER_SERVICE }}:${{ env.IMAGE_TAG }}" + docker push "${{ inputs.artifact_registry_location }}-docker.pkg.dev/${{ inputs.gcp_project_id }}/${{ inputs.artifact_registry_repo }}/${{ inputs.service_name }}:${{ inputs.ref }}" - name: Create Service declaration run: |- - export CONTAINER_IMAGE="${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPOSITORY }}/${{ env.CONTAINER_SERVICE }}:${{ env.IMAGE_TAG }}" - export CONTAINER_SERVICE="${{ env.CONTAINER_SERVICE }}" - export PROJECT_ID="${{ env.PROJECT_ID }}" - export REVISION_TAG=${{ github.sha }} - export CLOUD_RUN_SA=${{ env.CLOUD_RUN_SA }} + export CONTAINER_IMAGE="${{ inputs.artifact_registry_location }}-docker.pkg.dev/${{ inputs.gcp_project_id }}/${{ inputs.artifact_registry_repo }}/${{ inputs.service_name }}:${{ inputs.ref }}" + export SERVICE_NAME="${{ inputs.service_name }}" + export PROJECT_ID="${{ inputs.gcp_project_id }}" + export REVISION_TAG=${{ inputs.ref }} + export CLOUD_RUN_SA=${{ inputs.cloud_run_sa }} envsubst < ./service-yaml/container.yaml > container.yaml - name: Deploy to Cloud Run - if: github.ref == 'refs/heads/main' && github.event_name == 'push' run: |- - gcloud run services replace container.yaml --region=${{ env.REGION }} \ No newline at end of file + gcloud run services replace container.yaml --region=${{ inputs.artifact_registry_location }} \ No newline at end of file diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml new file mode 100644 index 0000000..0ccc146 --- /dev/null +++ b/.github/workflows/env_deployment.yaml @@ -0,0 +1,70 @@ +name: Build and Deploy to Cloud Run +on: + push: + branches: + - 'develop' + - 'qa' + - 'main' + +env: + CODE_DIRECTORY: ./code/Samples.Run.MarkdownPreview.Editor + REGION: us-east4 + +jobs: + #TODO: add feature branch unit tests + #TODO: add vulnerability scanning + + #DEV + run_if: + if: startsWith(github.head_ref, 'develop') + uses: ./.github/workflows/deployment.yaml + with: + environment: dev + ref: ${{ github.ref }} + gcp_project_id: test + artifact_registry_repo: reference-architectures + artifact_registry_location: ${{ env.REGION }} + docker_image_name: pods + service_name: pods + code_directory: ${{ env.CODE_DIRECTORY }} + secrets: inherit + + #QA + run_if: + if: startsWith(github.head_ref, 'qa') + uses: ./.github/workflows/deployment.yaml + with: + environment: qa + ref: ${{ github.ref }} + gcp_project_id: test + artifact_registry_repo: reference-architectures + artifact_registry_location: ${{ env.REGION }} + docker_image_name: pods + service_name: pods + code_directory: ${{ env.CODE_DIRECTORY }} + secrets: inherit + + #PROD + run_if: + if: startsWith(github.head_ref, 'main') + uses: ./.github/workflows/deployment.yaml + with: + environment: prod + ref: ${{ github.ref }} + gcp_project_id: test + artifact_registry_repo: reference-architectures + artifact_registry_location: ${{ env.REGION }} + docker_image_name: pods + service_name: pods + code_directory: ${{ env.CODE_DIRECTORY }} + secrets: inherit + +# env: +# PROJECT_ID: arched-inkwell-368821 # TODO: update Google Cloud project id +# GAR_LOCATION: us-east4 # TODO: update Artifact Registry location +# REPOSITORY: reference-architectures # TODO: update Artifact Registry repository name +# CONTAINER_SERVICE: pods # TODO: update Cloud Run service name +# REGION: us-east4 # TODO: update Cloud Run service region # +# IMAGE_TAG: latest +# WORKING_DIRECTORY: ./terraform +# CLOUD_RUN_SA: cloud-run-sa \ No newline at end of file diff --git a/.github/workflows/workflow_dispatch.yaml b/.github/workflows/workflow_dispatch.yaml deleted file mode 100644 index dea7164..0000000 --- a/.github/workflows/workflow_dispatch.yaml +++ /dev/null @@ -1,40 +0,0 @@ -name: Build and Deploy to Cloud Run -on: - workflow_dispatch: - inputs: - environment: - type: choice - required: true - default: "dev" - description: Deployment Environment - options: - - dev - - qa - - prod -env: - CODE_DIRECTORY: ./code/Samples.Run.MarkdownPreview.Editor - -jobs: - dev: - if: ${{ github.event.inputs.environment == 'dev' }} - uses: ./.github/workflows/deployment.yaml - with: - environment: ${{ github.event.inputs.environment }} - ref: ${{ github.ref }} - gcp_project_id: test - artifact_registry_repo: reference-architectures - artifact_registry_location: us-east4 - docker_image_name: pods - service_name: pods - secrets: inherit - -# env: -# PROJECT_ID: arched-inkwell-368821 # TODO: update Google Cloud project id -# GAR_LOCATION: us-east4 # TODO: update Artifact Registry location -# REPOSITORY: reference-architectures # TODO: update Artifact Registry repository name -# CONTAINER_SERVICE: pods # TODO: update Cloud Run service name -# REGION: us-east4 # TODO: update Cloud Run service region # -# IMAGE_TAG: latest -# WORKING_DIRECTORY: ./terraform -# CLOUD_RUN_SA: cloud-run-sa - diff --git a/service-yaml/container.yaml b/service-yaml/container.yaml index bbb5d79..752be79 100644 --- a/service-yaml/container.yaml +++ b/service-yaml/container.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: ${CLOUD_RUN_SA} containers: - image: ${CONTAINER_IMAGE} - name: ${CONTAINER_SERVICE} + name: ${SERVICE_NAME} ports: - name: http1 containerPort: 8080 From e1065493af15ec997f17d2309bada8616b39b31d Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:02:01 -0400 Subject: [PATCH 06/21] changing push var --- .github/workflows/env_deployment.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 0ccc146..290ff3b 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -2,9 +2,10 @@ name: Build and Deploy to Cloud Run on: push: branches: - - 'develop' - - 'qa' - - 'main' + - feature/cicd + # - 'develop' + # - 'qa' + # - 'main' env: CODE_DIRECTORY: ./code/Samples.Run.MarkdownPreview.Editor @@ -16,7 +17,7 @@ jobs: #DEV run_if: - if: startsWith(github.head_ref, 'develop') + if: startsWith(github.head_ref, 'feature/cicd') uses: ./.github/workflows/deployment.yaml with: environment: dev From 2ba8e0fb6026a14e0ae0ab540528e2b546a3e86d Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:04:06 -0400 Subject: [PATCH 07/21] change job names --- .github/workflows/env_deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 290ff3b..de73957 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -16,7 +16,7 @@ jobs: #TODO: add vulnerability scanning #DEV - run_if: + dev: if: startsWith(github.head_ref, 'feature/cicd') uses: ./.github/workflows/deployment.yaml with: @@ -31,7 +31,7 @@ jobs: secrets: inherit #QA - run_if: + qa: if: startsWith(github.head_ref, 'qa') uses: ./.github/workflows/deployment.yaml with: @@ -46,7 +46,7 @@ jobs: secrets: inherit #PROD - run_if: + prod: if: startsWith(github.head_ref, 'main') uses: ./.github/workflows/deployment.yaml with: From 7913440586c0f947b52ce42e2436078859556451 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:07:54 -0400 Subject: [PATCH 08/21] removing env variables for now --- .github/workflows/env_deployment.yaml | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index de73957..74d2824 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -7,10 +7,6 @@ on: # - 'qa' # - 'main' -env: - CODE_DIRECTORY: ./code/Samples.Run.MarkdownPreview.Editor - REGION: us-east4 - jobs: #TODO: add feature branch unit tests #TODO: add vulnerability scanning @@ -24,10 +20,10 @@ jobs: ref: ${{ github.ref }} gcp_project_id: test artifact_registry_repo: reference-architectures - artifact_registry_location: ${{ env.REGION }} + artifact_registry_location: us-east4 docker_image_name: pods service_name: pods - code_directory: ${{ env.CODE_DIRECTORY }} + code_directory: ./code/Samples.Run.MarkdownPreview.Editor secrets: inherit #QA @@ -39,10 +35,10 @@ jobs: ref: ${{ github.ref }} gcp_project_id: test artifact_registry_repo: reference-architectures - artifact_registry_location: ${{ env.REGION }} + artifact_registry_location: us-east4 docker_image_name: pods service_name: pods - code_directory: ${{ env.CODE_DIRECTORY }} + code_directory: ./code/Samples.Run.MarkdownPreview.Editor secrets: inherit #PROD @@ -54,10 +50,10 @@ jobs: ref: ${{ github.ref }} gcp_project_id: test artifact_registry_repo: reference-architectures - artifact_registry_location: ${{ env.REGION }} + artifact_registry_location: us-east4 docker_image_name: pods service_name: pods - code_directory: ${{ env.CODE_DIRECTORY }} + code_directory: ./code/Samples.Run.MarkdownPreview.Editor secrets: inherit # env: From 498911b3aba209a8d153cfbed8f2f5b167ecb233 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:08:38 -0400 Subject: [PATCH 09/21] adding token permissions --- .github/workflows/env_deployment.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 74d2824..3f88ab2 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -29,6 +29,8 @@ jobs: #QA qa: if: startsWith(github.head_ref, 'qa') + permissions: + id-token: write uses: ./.github/workflows/deployment.yaml with: environment: qa From 2df8daa5809468d4c3989bca9554a8939099538a Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:12:10 -0400 Subject: [PATCH 10/21] adding perms to dev --- .github/workflows/env_deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 3f88ab2..d19d33d 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -15,6 +15,8 @@ jobs: dev: if: startsWith(github.head_ref, 'feature/cicd') uses: ./.github/workflows/deployment.yaml + permissions: + id-token: write with: environment: dev ref: ${{ github.ref }} @@ -29,8 +31,6 @@ jobs: #QA qa: if: startsWith(github.head_ref, 'qa') - permissions: - id-token: write uses: ./.github/workflows/deployment.yaml with: environment: qa From 856f8176f48b1dbc18a6080ab2ec982502a9a00d Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:12:51 -0400 Subject: [PATCH 11/21] adding contents to read' --- .github/workflows/env_deployment.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index d19d33d..1427301 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -17,6 +17,7 @@ jobs: uses: ./.github/workflows/deployment.yaml permissions: id-token: write + contents: read with: environment: dev ref: ${{ github.ref }} From 13ac53cf2efe85316e290d946dd54075e90f8ebe Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:16:15 -0400 Subject: [PATCH 12/21] adding permissions to all environmments --- .github/workflows/env_deployment.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 1427301..7dfc94f 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -33,6 +33,9 @@ jobs: qa: if: startsWith(github.head_ref, 'qa') uses: ./.github/workflows/deployment.yaml + permissions: + id-token: write + contents: read with: environment: qa ref: ${{ github.ref }} @@ -48,6 +51,9 @@ jobs: prod: if: startsWith(github.head_ref, 'main') uses: ./.github/workflows/deployment.yaml + permissions: + id-token: write + contents: read with: environment: prod ref: ${{ github.ref }} From 3acb7ae27f104564bff322d257450a05a8b0ed22 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:18:47 -0400 Subject: [PATCH 13/21] changing startswith to contains --- .github/workflows/env_deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 7dfc94f..1f9d291 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -13,7 +13,7 @@ jobs: #DEV dev: - if: startsWith(github.head_ref, 'feature/cicd') + if: contains(github.head_ref, 'feature/cicd') uses: ./.github/workflows/deployment.yaml permissions: id-token: write From 64921acd895bb2dfd6c9e1dbe722c1ecdab8eaf1 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:23:18 -0400 Subject: [PATCH 14/21] changing head name to ref name --- .github/workflows/env_deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 1f9d291..77b64ff 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -13,7 +13,7 @@ jobs: #DEV dev: - if: contains(github.head_ref, 'feature/cicd') + if: contains(github.ref_name, 'feature/cicd') uses: ./.github/workflows/deployment.yaml permissions: id-token: write From a2885b4435beabe5ff9fc626bc0b0039d3a42978 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:35:26 -0400 Subject: [PATCH 15/21] change ref to sha --- .github/workflows/env_deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 77b64ff..9074df1 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -20,7 +20,7 @@ jobs: contents: read with: environment: dev - ref: ${{ github.ref }} + ref: ${{ github.sha }} gcp_project_id: test artifact_registry_repo: reference-architectures artifact_registry_location: us-east4 From bf298a12815b5431fd3b402c579bcee56d297e46 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 13:37:15 -0400 Subject: [PATCH 16/21] changing project name --- .github/workflows/env_deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 9074df1..e79b539 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -21,7 +21,7 @@ jobs: with: environment: dev ref: ${{ github.sha }} - gcp_project_id: test + gcp_project_id: arched-inkwell-368821 artifact_registry_repo: reference-architectures artifact_registry_location: us-east4 docker_image_name: pods From 8a622de87e03a85bd61229d5b755698d75a4bf0f Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 15:05:02 -0400 Subject: [PATCH 17/21] remove secret for now --- service-yaml/container.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/service-yaml/container.yaml b/service-yaml/container.yaml index 752be79..8da66df 100644 --- a/service-yaml/container.yaml +++ b/service-yaml/container.yaml @@ -4,11 +4,11 @@ metadata: annotations: run.googleapis.com/launch-stage: ALPHA run.googleapis.com/ingress: internal-and-cloud-load-balancing - name: ${CONTAINER_SERVICE} + name: ${SERVICE_NAME} spec: template: metadata: - name: ${CONTAINER_SERVICE}-${REVISION_TAG} + name: ${SERVICE_NAME}-${REVISION_TAG} annotations: run.googleapis.com/execution-environment: gen1 autoscaling.knative.dev/minScale: '3' @@ -38,11 +38,11 @@ spec: value: sqluser #TODO: change to true database username - name: DB_NAME value: default #TODO: change to true database name - - name: DB_PASS - valueFrom: - secretKeyRef: - name: TEST #TODO: change to true secret name - key: "3" #TODO: change to true secret key + # - name: DB_PASS + # valueFrom: + # secretKeyRef: + # name: TEST #TODO: change to true secret name + # key: "3" #TODO: change to true secret key # It is recommended to use the latest version of the Cloud SQL Auth Proxy # Make sure to update on a regular schedule! From 51c0bec80819bb2dba1235cfab35a300c91984fa Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 15:09:58 -0400 Subject: [PATCH 18/21] adding environment branches --- .github/workflows/env_deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index e79b539..348cd79 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -3,9 +3,9 @@ on: push: branches: - feature/cicd - # - 'develop' - # - 'qa' - # - 'main' + - 'develop' + - 'qa' + - 'main' jobs: #TODO: add feature branch unit tests From fb2f497ac74944efc9394e4a10f67ae8ba2416a7 Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 15:13:48 -0400 Subject: [PATCH 19/21] add correct project --- .github/workflows/env_deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 348cd79..9e58324 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -13,7 +13,7 @@ jobs: #DEV dev: - if: contains(github.ref_name, 'feature/cicd') + if: contains(github.ref_name, 'develop') uses: ./.github/workflows/deployment.yaml permissions: id-token: write @@ -39,7 +39,7 @@ jobs: with: environment: qa ref: ${{ github.ref }} - gcp_project_id: test + gcp_project_id: arched-inkwell-368821 artifact_registry_repo: reference-architectures artifact_registry_location: us-east4 docker_image_name: pods @@ -57,7 +57,7 @@ jobs: with: environment: prod ref: ${{ github.ref }} - gcp_project_id: test + gcp_project_id: arched-inkwell-368821 artifact_registry_repo: reference-architectures artifact_registry_location: us-east4 docker_image_name: pods From ffb8b0fb533df3e3ada3ec609a115c9900fbaa5d Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 15:14:23 -0400 Subject: [PATCH 20/21] change head ref to ref name --- .github/workflows/env_deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 9e58324..0b097d8 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -13,7 +13,7 @@ jobs: #DEV dev: - if: contains(github.ref_name, 'develop') + if: startsWith(github.ref_name, 'develop') uses: ./.github/workflows/deployment.yaml permissions: id-token: write @@ -31,7 +31,7 @@ jobs: #QA qa: - if: startsWith(github.head_ref, 'qa') + if: startsWith(github.ref_name, 'qa') uses: ./.github/workflows/deployment.yaml permissions: id-token: write @@ -49,7 +49,7 @@ jobs: #PROD prod: - if: startsWith(github.head_ref, 'main') + if: startsWith(github.ref_name, 'main') uses: ./.github/workflows/deployment.yaml permissions: id-token: write From 613fd566ded46cf321955505fb7f41204e0a58ac Mon Sep 17 00:00:00 2001 From: Andrew Chasin Date: Tue, 23 May 2023 15:24:22 -0400 Subject: [PATCH 21/21] change ref to sha --- .github/workflows/env_deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/env_deployment.yaml b/.github/workflows/env_deployment.yaml index 0b097d8..d39bcb2 100644 --- a/.github/workflows/env_deployment.yaml +++ b/.github/workflows/env_deployment.yaml @@ -2,7 +2,7 @@ name: Build and Deploy to Cloud Run on: push: branches: - - feature/cicd + - 'feature/**' - 'develop' - 'qa' - 'main' @@ -38,7 +38,7 @@ jobs: contents: read with: environment: qa - ref: ${{ github.ref }} + ref: ${{ github.sha }} gcp_project_id: arched-inkwell-368821 artifact_registry_repo: reference-architectures artifact_registry_location: us-east4 @@ -56,7 +56,7 @@ jobs: contents: read with: environment: prod - ref: ${{ github.ref }} + ref: ${{ github.sha }} gcp_project_id: arched-inkwell-368821 artifact_registry_repo: reference-architectures artifact_registry_location: us-east4