From a4f1af3612ec8068a12616e8815ee54038c7229f Mon Sep 17 00:00:00 2001 From: Suke-H Date: Sun, 3 Nov 2024 12:19:14 +0900 Subject: [PATCH] =?UTF-8?q?:green=5Fheart:=20fix:=20Artifact=20Registry?= =?UTF-8?q?=E3=81=AE=E8=A8=AD=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/cd.yaml | 10 +++++----- terraform/main.tf | 14 ++++++++++++-- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml index c1de534..717dad7 100644 --- a/.github/workflows/cd.yaml +++ b/.github/workflows/cd.yaml @@ -36,17 +36,17 @@ jobs: - name: Build Docker image run: | - docker build --no-cache -t gcr.io/${{ secrets.PROJECT_ID }}/${{ env.SERVICE_NAME }}:$GITHUB_SHA . + docker build --no-cache -t ${{ env.REGION }}-docker.pkg.dev/${{ secrets.PROJECT_ID }}/docker-repo/${{ env.SERVICE_NAME }}:$GITHUB_SHA . - name: Push Docker image run: | - gcloud auth configure-docker - docker push gcr.io/${{ secrets.PROJECT_ID }}/${{ env.SERVICE_NAME }}:$GITHUB_SHA + gcloud auth configure-docker ${{ env.REGION }}-docker.pkg.dev + docker push ${{ env.REGION }}-docker.pkg.dev/${{ secrets.PROJECT_ID }}/docker-repo/${{ env.SERVICE_NAME }}:$GITHUB_SHA - name: Deploy to Cloud Run run: | gcloud run deploy ${{ env.SERVICE_NAME }} \ - --image gcr.io/${{ secrets.PROJECT_ID }}/${{ env.SERVICE_NAME }}:$GITHUB_SHA \ + --image ${{ env.REGION }}-docker.pkg.dev/${{ secrets.PROJECT_ID }}/docker-repo/${{ env.SERVICE_NAME }}:$GITHUB_SHA \ --platform managed \ - --region ${{ env.REGION }}\ + --region ${{ env.REGION }} \ --allow-unauthenticated diff --git a/terraform/main.tf b/terraform/main.tf index 9607a79..74603a2 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -51,6 +51,17 @@ resource "google_project_service" "services" { } } +# Artifact Registryリポジトリの作成 +resource "google_artifact_registry_repository" "docker_repo" { + depends_on = [google_project_service.services] + + location = var.region + repository_id = "docker-repo" + description = "Docker repository for GitHub Actions" + format = "DOCKER" + project = var.project_id +} + # GitHub Actions用のサービスアカウントの作成 resource "google_service_account" "github_actions" { depends_on = [ @@ -107,7 +118,7 @@ resource "google_project_iam_member" "service_account_roles" { member = "serviceAccount:${google_service_account.github_actions.email}" } -# Workload Identity Pool と サービスアカウントの紐付け +# Workload Identity Poolとサービスアカウントの紐付け resource "google_service_account_iam_member" "workload_identity_user" { service_account_id = google_service_account.github_actions.name role = "roles/iam.workloadIdentityUser" @@ -115,7 +126,6 @@ resource "google_service_account_iam_member" "workload_identity_user" { } # Secretsに必要な情報を出力 - output "PROJECT_ID" { value = var.project_id description = "GCP Project ID"