From b46b922dbcfc11592d504d096283b0ceddc907c0 Mon Sep 17 00:00:00 2001 From: syedfarhanNF Date: Mon, 30 Jan 2023 07:40:08 -0500 Subject: [PATCH 1/4] Add env_vars GH_AUTH_TOKEN to deploy step. --- .github/workflows/cd.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 401e7bf..2d86457 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -25,4 +25,6 @@ jobs: region: ${{ secrets.GCP_CLOUDRUN_SERVICE_REGION }} project_id: ${{ secrets.GCP_PROJECT_ID }} flags: --allow-unauthenticated --timeout 1800 + env_vars: | + GH_AUTH_TOKEN=${{ secrets.GH_ISSUE_FINDER_TOKEN }} source: . From 983d47f2f2c5ef357b59e46d2a4b14892c4b2ba3 Mon Sep 17 00:00:00 2001 From: syedfarhanNF Date: Mon, 30 Jan 2023 07:54:10 -0500 Subject: [PATCH 2/4] Update readme. --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d280bac..fcf8f5e 100644 --- a/README.md +++ b/README.md @@ -73,11 +73,13 @@ Example response: 2. Create a key for the service account, this key will be configured as a secret in the GitHub actions to be able to deploy the app 3. For the service account, [grant the permissions "Service Account User", "Cloud Run Admin", "Storage Admin"](https://github.com/google-github-actions/deploy-cloudrun) and "Cloud Build Service Account", this last permission is necessary since cloud build will be used to build the image based on the source code directly 4. Clone this repo to your GitHub account -5. In the `Settings` of your GitHub repo, go to `Secrets` and create the `New repository secret` with the names and values below: +5. Create a [Github Personal Access Token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) with `repo: public_repo` scope. Copy this token for use in the next step. +6. In the `Settings` of your GitHub repo, go to `Secrets` and create the `New repository secret` with the names and values below: - `GCP_PROJECT_ID`: The [ID](https://support.google.com/googleapi/answer/7014113?hl=en) of the GCP project as found in your GCP Account - `GCP_CLOUDRUN_SERVICE_NAME`: The name of the cloud run service, you can select any name that you prefer - `GCP_CLOUDRUN_SERVICE_REGION`: The [region](https://cloud.google.com/compute/docs/regions-zones) in the GCP that you want to create the cloud run service - `GCP_SA_KEY`: The key that you created for your service account with the permissions to deploy the app. This is a JSON object and should be used as-is + - `GH_ISSUER_FINDER_PAT`: The Github Personal Access Token created in the last step. After the steps above have been completed, go to `Actions` in your GitHub repo and run the CD workflow located in `.git/workflows/cd.yml`. The file is already configured with the action to deploy the cloud run service using the secrets that were created. From d7150df006069f96d6f7fa0f61735eec9bd50129 Mon Sep 17 00:00:00 2001 From: syedfarhanNF Date: Mon, 30 Jan 2023 08:03:24 -0500 Subject: [PATCH 3/4] Fix naming of GH_ACCESS_TOKEN. --- .github/workflows/cd.yml | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 2d86457..27c5eaf 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -26,5 +26,5 @@ jobs: project_id: ${{ secrets.GCP_PROJECT_ID }} flags: --allow-unauthenticated --timeout 1800 env_vars: | - GH_AUTH_TOKEN=${{ secrets.GH_ISSUE_FINDER_TOKEN }} + GH_AUTH_TOKEN=${{ secrets.GH_ACCESS_TOKEN }} source: . diff --git a/README.md b/README.md index fcf8f5e..528dbd9 100644 --- a/README.md +++ b/README.md @@ -79,7 +79,7 @@ Example response: - `GCP_CLOUDRUN_SERVICE_NAME`: The name of the cloud run service, you can select any name that you prefer - `GCP_CLOUDRUN_SERVICE_REGION`: The [region](https://cloud.google.com/compute/docs/regions-zones) in the GCP that you want to create the cloud run service - `GCP_SA_KEY`: The key that you created for your service account with the permissions to deploy the app. This is a JSON object and should be used as-is - - `GH_ISSUER_FINDER_PAT`: The Github Personal Access Token created in the last step. + - `GH_ACCESS_TOKEN`: The Github Personal Access Token created in the last step. After the steps above have been completed, go to `Actions` in your GitHub repo and run the CD workflow located in `.git/workflows/cd.yml`. The file is already configured with the action to deploy the cloud run service using the secrets that were created. From 178553a748468520c5d4b086e9ffa211df9548ea Mon Sep 17 00:00:00 2001 From: syedfarhanNF Date: Mon, 30 Jan 2023 10:33:25 -0500 Subject: [PATCH 4/4] Rename GH_ACCESS_TOKEN to GH_AUTH_TOKEN --- .github/workflows/cd.yml | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 27c5eaf..c87f0ec 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -26,5 +26,5 @@ jobs: project_id: ${{ secrets.GCP_PROJECT_ID }} flags: --allow-unauthenticated --timeout 1800 env_vars: | - GH_AUTH_TOKEN=${{ secrets.GH_ACCESS_TOKEN }} + GH_AUTH_TOKEN=${{ secrets.GH_AUTH_TOKEN }} source: . diff --git a/README.md b/README.md index 528dbd9..76faa55 100644 --- a/README.md +++ b/README.md @@ -79,7 +79,7 @@ Example response: - `GCP_CLOUDRUN_SERVICE_NAME`: The name of the cloud run service, you can select any name that you prefer - `GCP_CLOUDRUN_SERVICE_REGION`: The [region](https://cloud.google.com/compute/docs/regions-zones) in the GCP that you want to create the cloud run service - `GCP_SA_KEY`: The key that you created for your service account with the permissions to deploy the app. This is a JSON object and should be used as-is - - `GH_ACCESS_TOKEN`: The Github Personal Access Token created in the last step. + - `GH_AUTH_TOKEN`: The Github Personal Access Token created in the last step. After the steps above have been completed, go to `Actions` in your GitHub repo and run the CD workflow located in `.git/workflows/cd.yml`. The file is already configured with the action to deploy the cloud run service using the secrets that were created.