-
Notifications
You must be signed in to change notification settings - Fork 6
139 lines (115 loc) · 4.41 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: tg-mini-app-template-main-workflow
on: [push, workflow_dispatch]
jobs:
build-api:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./api
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.19
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v3
with:
working-directory: ./api
- name: Build
run: go build -v ./...
build-ui:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./ui
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up React
run: npm ci
- name: Build
run: npm run build
deploy-ui:
needs: [build-api, build-ui]
if: ${{ github.ref == 'refs/heads/main' }}
env:
PROJECT_ID: ${{ vars.GCP_PROJECT_ID }}
PROJECT_REGION: ${{ vars.GCP_PROJECT_REGION }}
ARTIFACT_REGISTRY: ${{ vars.GCP_ARTIFACT_REGISTRY }}
SERVICE_ACCOUNT: ${{ vars.GCP_SA_EMAIL }}
UI_SERVICE: ${{ vars.GCP_SERVICE_UI_NAME }}
UI_MAX_INSTANCES: ${{ vars.GCP_SERVICE_UI_MAX_INSTANCES }}
UI_IMAGE: ${{ vars.GCP_PROJECT_REGION }}-docker.pkg.dev/${{ vars.GCP_PROJECT_ID }}/${{ vars.GCP_ARTIFACT_REGISTRY }}/${{ vars.GCP_SERVICE_UI_NAME }}:${{ github.sha }}
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./ui
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Authenticate Cloud CLI
uses: 'google-github-actions/auth@v1'
with:
credentials_json: '${{ secrets.GCP_SA_KEY }}'
- name: Setup Cloud CLI
uses: google-github-actions/setup-gcloud@v1
- name: Authorize Docker push
run: gcloud auth configure-docker ${{ env.PROJECT_REGION }}-docker.pkg.dev
- name: Build and Push Container
run: |-
docker build -t ${{ env.UI_IMAGE }} . -f prod.dockerfile
docker push ${{ env.UI_IMAGE }}
- name: Deploy UI service to Cloud Run
run: |-
gcloud --quiet run deploy ${{ env.UI_SERVICE }} \
--image=${{ env.UI_IMAGE }} \
--region=${{ env.PROJECT_REGION }} \
--service-account=${{ env.SERVICE_ACCOUNT }} \
--max-instances=${{ env.UI_MAX_INSTANCES }} \
--allow-unauthenticated
deploy-api:
needs: [deploy-ui]
if: ${{ github.ref == 'refs/heads/main' }}
env:
PROJECT_ID: ${{ vars.GCP_PROJECT_ID }}
PROJECT_REGION: ${{ vars.GCP_PROJECT_REGION }}
ARTIFACT_REGISTRY: ${{ vars.GCP_ARTIFACT_REGISTRY }}
SERVICE_ACCOUNT: ${{ vars.GCP_SA_EMAIL }}
UI_SERVICE: ${{ vars.GCP_SERVICE_UI_NAME }}
API_SERVICE: ${{ vars.GCP_SERVICE_API_NAME }}
API_MAX_INSTANCES: ${{ vars.GCP_SERVICE_API_MAX_INSTANCES }}
API_IMAGE: ${{ vars.GCP_PROJECT_REGION }}-docker.pkg.dev/${{ vars.GCP_PROJECT_ID }}/${{ vars.GCP_ARTIFACT_REGISTRY }}/${{ vars.GCP_SERVICE_API_NAME }}:${{ github.sha }}
TG_TOKEN_SECRET: ${{ vars.GCP_SECRET_TG_TOKEN }}
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./api
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Authenticate Cloud CLI
uses: 'google-github-actions/auth@v1'
with:
credentials_json: '${{ secrets.GCP_SA_KEY }}'
- name: Setup Cloud CLI
uses: google-github-actions/setup-gcloud@v1
- name: Authorize Docker push
run: gcloud auth configure-docker ${{ env.PROJECT_REGION }}-docker.pkg.dev
- name: Build and Push Container
run: |-
docker build -t ${{ env.API_IMAGE }} .
docker push ${{ env.API_IMAGE }}
- name: Get UI service URL
run: echo "UI_URL=$(gcloud --quiet run services describe ${{ env.UI_SERVICE }} --platform managed --region ${{ env.PROJECT_REGION }} --format 'value(status.url)')" >> $GITHUB_ENV
- name: Deploy API service to Cloud Run
run: |-
gcloud --quiet run deploy ${{ env.API_SERVICE }} \
--image=${{ env.API_IMAGE }} \
--region=${{ env.PROJECT_REGION }} \
--service-account=${{ env.SERVICE_ACCOUNT }} \
--max-instances=${{ env.API_MAX_INSTANCES }} \
--set-env-vars=TELEGRAM_WEB_APP_URL=${{ env.UI_URL }} \
--set-secrets=TELEGRAM_BOT_TOKEN=${{ env.TG_TOKEN_SECRET }}:latest \
--allow-unauthenticated