Skip to content

Add env vars for PubSub handlers (#83) #80

Add env vars for PubSub handlers (#83)

Add env vars for PubSub handlers (#83) #80

Workflow file for this run

name: Deployment
on:
push:
branches: [ master ]
env:
# Required for CI workflow
JAVA_VERSION: "15"
JAVA_DISTRIBUTION: "zulu"
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT }}
GCP_SERVICE: cloudrun-test
GCP_REGION: us-west1
GCP_REPOSITORY: cloudrun-test-repo
GCP_REPOSITORY_FORMAT: docker
GCP_REPOSITORY_IMAGE: cloudrun-test-image
GCP_SA_KEY_DEPLOY: ${{ secrets.GCP_SA_KEY_DEPLOY }}
# Required for build
GCP_SA_KEY_PUBSUB: ${{ secrets.GCP_SA_KEY_PUBSUB }}
FIREBASE_API_KEY: ${{ secrets.FIREBASE_API_KEY }}
FIREBASE_AUTH_DOMAIN: ${{ secrets.FIREBASE_AUTH_DOMAIN }}
FIREBASE_PROJECT_ID: ${{ secrets.FIREBASE_PROJECT_ID }}
FIREBASE_STORAGE_BUCKET: ${{ secrets.FIREBASE_STORAGE_BUCKET }}
FIREBASE_GCM_SENDER_ID: ${{ secrets.FIREBASE_GCM_SENDER_ID }}
FIREBASE_APPLICATION_ID: ${{ secrets.FIREBASE_APPLICATION_ID }}
SLACK_SIGNING_SECRET: ${{ secrets.SLACK_SIGNING_SECRET }}
SLACK_REQUEST_VERIFICATION_ENABLED: ${{ secrets.SLACK_REQUEST_VERIFICATION_ENABLED }}
SLACK_CLIENT_ID: ${{ secrets.SLACK_CLIENT_ID }}
SLACK_CLIENT_SECRET: ${{ secrets.SLACK_CLIENT_SECRET }}
APP_LOG_LEVEL: ${{ secrets.APP_LOG_LEVEL }}
APP_NETWORK_HTML_LOG_LEVEL: ${{ secrets.APP_NETWORK_HTML_LOG_LEVEL }}
APP_NETWORK_JSON_LOG_LEVEL: ${{ secrets.APP_NETWORK_JSON_LOG_LEVEL }}
jobs:
jsDeploy:
runs-on: ubuntu-20.04
concurrency:
group: ${{ github.ref }}_jsDeploy
cancel-in-progress: true
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Java
uses: actions/setup-java@v3
with:
distribution: ${{ env.JAVA_DISTRIBUTION }}
java-version: ${{ env.JAVA_VERSION }}
- name: Set up Gradle cache
uses: gradle/gradle-build-action@v2 # By default, cache is only saved on the 'master' branch
- name: Build
run: |
set -o pipefail &&
bash ./scripts/env.sh &&
./gradlew --no-daemon assemble
- name: Artifacts
uses: actions/upload-artifact@v3
with:
name: Build
path: |
build/bin
local.properties
local-credentials-pubsub.json
- name: Set up deploy environment
run: |
GCP_BUILD_TAG="${{ env.GCP_REGION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.GCP_REPOSITORY }}/${{ env.GCP_REPOSITORY_IMAGE }}"
echo "GCP_BUILD_TAG=$GCP_BUILD_TAG" >> $GITHUB_ENV
- name: Set up deploy authentication
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ env.GCP_SA_KEY_DEPLOY }}
- name: Set up deploy cli
uses: google-github-actions/[email protected]
with:
project_id: ${{ env.GCP_PROJECT_ID }}
- name: Set up container storage
run: |-
if [ "$(gcloud artifacts repositories describe ${{ env.GCP_REPOSITORY }} --location=${{ env.GCP_REGION }} >&/dev/null ; echo $?)" -ne 0 ]; then
echo "Creating new artifact registry repository"
gcloud artifacts repositories create ${{ env.GCP_REPOSITORY }} --location=${{ env.GCP_REGION }} --repository-format=${{ env.GCP_REPOSITORY_FORMAT }}
else
echo "Artifact registry repository already exists"
fi
- name: Build and push container image
run: |-
gcloud auth configure-docker ${{ env.GCP_REGION }}-docker.pkg.dev
docker build -t $GCP_BUILD_TAG .
docker push $GCP_BUILD_TAG
- name: Deploy
id: deployment
uses: google-github-actions/[email protected]
with:
service: ${{ env.GCP_SERVICE }}
image: ${{ env.GCP_BUILD_TAG }}
region: ${{ env.GCP_REGION }}
- name: Allow public access
run: |
gcloud run services add-iam-policy-binding ${{ env.GCP_SERVICE }} \
--platform managed \
--region ${{ env.GCP_REGION }} \
--member=allUsers \
--role=roles/run.invoker
- name: Deploy output
run: |-
echo "Service available at: ${{ steps.deployment.outputs.url }}"
jsTest:
runs-on: ubuntu-20.04
concurrency:
group: ${{ github.ref }}_jsTest
cancel-in-progress: true
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Java
uses: actions/setup-java@v3
with:
distribution: ${{ env.JAVA_DISTRIBUTION }}
java-version: ${{ env.JAVA_VERSION }}
- name: Set up Gradle cache
uses: gradle/gradle-build-action@v2
- name: Test
run: |
set -o pipefail &&
bash ./scripts/env.sh &&
./gradlew --no-daemon --continue jsNodeTest
- name: Generate test report
uses: mikepenz/action-junit-report@v3
if: always() # Ensure all test reports are collected, even after errors
with:
report_paths: '**/build/test-results/**/TEST-*.xml'
check_name: 'jsTestResults'
- name: Artifacts
uses: actions/upload-artifact@v3
if: always() # Ensure all artifacts are collected, even after errors
with:
name: Tests
path: '**/build/test-results/**/TEST-*.xml'