From eaacdfdefd542306d4ec4af908130e88a0b251d0 Mon Sep 17 00:00:00 2001 From: Jimmy Briggs Date: Sat, 22 Jun 2024 13:03:37 -0400 Subject: [PATCH] feat: add terraform infra as code and docker build GHA --- .github/workflows/docker-build.yml | 62 ++++++++++++++++++ .../workflows/{pkgdown.yaml => pkgdown.yml} | 0 .../{pr-commands.yaml => pr-commands.yml} | 0 .../{R-CMD-check.yaml => rcmdcheck.yml} | 0 .../{test-coverage.yaml => test-coverage.yml} | 0 inst/.gitignore | 4 -- inst/config/.gitignore | 3 + inst/infra/README.md | 0 inst/infra/main.tf | 63 +++++++++++++++++++ inst/infra/outputs.tf | 3 + inst/infra/providers.tf | 14 +++++ inst/infra/variables.tf | 17 +++++ inst/infra/versions.tf | 3 + 13 files changed, 165 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/docker-build.yml rename .github/workflows/{pkgdown.yaml => pkgdown.yml} (100%) rename .github/workflows/{pr-commands.yaml => pr-commands.yml} (100%) rename .github/workflows/{R-CMD-check.yaml => rcmdcheck.yml} (100%) rename .github/workflows/{test-coverage.yaml => test-coverage.yml} (100%) delete mode 100644 inst/.gitignore create mode 100644 inst/config/.gitignore create mode 100644 inst/infra/README.md create mode 100644 inst/infra/main.tf create mode 100644 inst/infra/outputs.tf create mode 100644 inst/infra/providers.tf create mode 100644 inst/infra/variables.tf create mode 100644 inst/infra/versions.tf diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 0000000..8df98e9 --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,62 @@ +name: Docker Build + +on: + push: + branches: [main] + tags: [ '*.*.*' ] + +env: + GCP_PROJECT: ${{ secrets.GCP_PROJECT }} + GCP_IMAGE: ${{ secrets.GCP_IMAGE }} + +jobs: + docker: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Prepare + id: prep + run: | + DOCKER_IMAGE=gcr.io/${GCP_PROJECT}/${GCP_IMAGE} + VERSION=$(echo $GITHUB_REF | sed 's/refs\/tags\///') + DOCKER_TAG=${DOCKER_IMAGE}:${VERSION} + if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then + MINOR=${VERSION%.*} + MAJOR=${MINOR%.*} + TAGS="$TAGS,${DOCKER_IMAGE}:${MINOR},${DOCKER_IMAGE}:${MAJOR},${DOCKER_IMAGE}:latest" + elif [ "${{ github.event_name }}" = "push" ]; then + TAGS="$TAGS,${DOCKER_IMAGE}:sha-${GITHUB_SHA::8}" + fi + echo ::set-output name=version::${VERSION} + echo ::set-output name=tags::${TAGS} + echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ') + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + - name: Login to GCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v1 + with: + registry: gcr.io + username: _json_key + password: ${{ secrets.GCR_JSON_KEY }} + - name: Build and push + id: docker_build + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + platforms: linux/amd64 + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.prep.outputs.tags }} + labels: | + org.opencontainers.image.title=${{ github.event.repository.name }} + org.opencontainers.image.description=${{ github.event.repository.description }} + org.opencontainers.image.url=${{ github.event.repository.html_url }} + org.opencontainers.image.source=${{ github.event.repository.clone_url }} + org.opencontainers.image.version=${{ steps.prep.outputs.version }} + org.opencontainers.image.created=${{ steps.prep.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} + org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }} diff --git a/.github/workflows/pkgdown.yaml b/.github/workflows/pkgdown.yml similarity index 100% rename from .github/workflows/pkgdown.yaml rename to .github/workflows/pkgdown.yml diff --git a/.github/workflows/pr-commands.yaml b/.github/workflows/pr-commands.yml similarity index 100% rename from .github/workflows/pr-commands.yaml rename to .github/workflows/pr-commands.yml diff --git a/.github/workflows/R-CMD-check.yaml b/.github/workflows/rcmdcheck.yml similarity index 100% rename from .github/workflows/R-CMD-check.yaml rename to .github/workflows/rcmdcheck.yml diff --git a/.github/workflows/test-coverage.yaml b/.github/workflows/test-coverage.yml similarity index 100% rename from .github/workflows/test-coverage.yaml rename to .github/workflows/test-coverage.yml diff --git a/inst/.gitignore b/inst/.gitignore deleted file mode 100644 index 3b6213b..0000000 --- a/inst/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -* -!.gitignore -!app/ -!WORDLIST diff --git a/inst/config/.gitignore b/inst/config/.gitignore new file mode 100644 index 0000000..7c9d611 --- /dev/null +++ b/inst/config/.gitignore @@ -0,0 +1,3 @@ +* +!.gitignore +!README.md diff --git a/inst/infra/README.md b/inst/infra/README.md new file mode 100644 index 0000000..e69de29 diff --git a/inst/infra/main.tf b/inst/infra/main.tf new file mode 100644 index 0000000..68b45d7 --- /dev/null +++ b/inst/infra/main.tf @@ -0,0 +1,63 @@ +resource "google_project_service" "run" { + service = "run.googleapis.com" +} + +resource "google_cloud_run_service" "rshinycloudrun" { + name = "rshinycloudrun" + location = var.region + project = var.project + + template { + spec { + containers { + image = "gcr.io/rshinycloudrun/rshinycloudrun" + resources { + limits { + cpu = "1000m" + memory = "1024Mi" + } + requests { + cpu = "500m" + memory = "500Mi" + } + } + ports { + container_port = 5000 + } + } + + container_concurrency = 80 + timeout_seconds = 300 + } + metadata { + annotations = { + "autoscaling.knative.dev/minScale" = 0 + "autoscaling.knative.dev/maxScale" = 10 + } + } + } + + traffic { + percent = 100 + latest_revision = true + } + + depends_on = [google_project_service.run] +} + +resource "google_cloud_run_service_iam_member" "allUsers" { + service = google_cloud_run_service.rshinycloudrun.name + location = var.region + project = var.project + role = "roles/run.invoker" + member = "allUsers" +} + +resource "google_cloud_run_domain_mapping" "rshinycloudrun" { + name = "rshinycloudrun" + location = var.region + project = var.project + spec { + route_name = google_cloud_run_service.rshinycloudrun.name + } +} diff --git a/inst/infra/outputs.tf b/inst/infra/outputs.tf new file mode 100644 index 0000000..4a52b61 --- /dev/null +++ b/inst/infra/outputs.tf @@ -0,0 +1,3 @@ +output "url" { + value = google_cloud_run_service.rshinycloudrun.status[0].url +} diff --git a/inst/infra/providers.tf b/inst/infra/providers.tf new file mode 100644 index 0000000..371b5b7 --- /dev/null +++ b/inst/infra/providers.tf @@ -0,0 +1,14 @@ +terraform { + required_providers { + google = { + source = "hashicorp/google" + version = ">= 3.56" + } + } +} + +provider "google" { + credentials = file(var.credentials_file) + project = var.project + region = var.region +} diff --git a/inst/infra/variables.tf b/inst/infra/variables.tf new file mode 100644 index 0000000..c5e3ad6 --- /dev/null +++ b/inst/infra/variables.tf @@ -0,0 +1,17 @@ +variable project { + type = string + default = "" + description = "Google Cloud Project ID" +} + +variable region { + type = string + default = "us-east1" + description = "Google Cloud Region" +} + +variable credentials_file { + type = string + default = "" + description = "Path to Google Cloud credentials file" +} diff --git a/inst/infra/versions.tf b/inst/infra/versions.tf new file mode 100644 index 0000000..8cb00ef --- /dev/null +++ b/inst/infra/versions.tf @@ -0,0 +1,3 @@ +terraform { + required_version = ">= 0.13" +}