Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: point users to specific example workflow #254

Merged
merged 2 commits into from Dec 22, 2020
Merged

fix: point users to specific example workflow #254

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
bb385c2
fix: point users to Cloud Run example workflow
averikitsch Dec 21, 2020
47b1bda
fix: remove app engine example app and update instructions
averikitsch Dec 22, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 0 additions & 4 deletions example-workflows/cloud-run/.dockerignore
View file
Open in desktop

This file was deleted.

58 changes: 0 additions & 58 deletions example-workflows/cloud-run/.github/workflows/cloud-run.yml
View file
Open in desktop

This file was deleted.

34 changes: 0 additions & 34 deletions example-workflows/cloud-run/Dockerfile
View file
Open in desktop

This file was deleted.

79 changes: 19 additions & 60 deletions example-workflows/cloud-run/README.md
View file
Open in desktop
@@ -1,21 +1,25 @@
# Cloud Run - GitHub Actions
# Cloud Run Workflow

An example workflow that uses [GitHub Actions][actions] to deploy a
[Hello World Node.js app](index.js) to [Cloud Run][cloud-run].
An example workflow that uses the `setup-gcloud` action to deploy to [Cloud Run][cloud-run].

_**Checkout the [`deploy-cloudrun` action](https://github.com/google-github-actions/deploy-cloudrun) and [example workflows](https://github.com/google-github-actions/deploy-cloudrun/README.md#example-workflows)
for a specialized implementation.**_

This code is intended to be an _example_. You will likely need to change or
update values to match your setup.

## Workflow description

For pushes to the `master` branch, this workflow will:
For pushes to the `example` branch, this workflow will:
bharathkkb marked this conversation as resolved.
Show resolved Hide resolved

1. Download and configure the Google [Cloud SDK][sdk] with the provided
credentials.

1. Authenticates Docker to push to Google Container Registry

1. Build, tag, and push a container image to Google Container Registry.

- The image is built using Cloud Build and pushed to Google Container Registry.
- The image is built using Docker and pushed to Google Container Registry.

- The image is available through the following tags: `latest` and first 8 of
the commit SHA.
Expand All @@ -24,72 +28,27 @@ For pushes to the `master` branch, this workflow will:

## Setup

1. Create a new Google Cloud Project (or select an existing project) and
[enable the Cloud Run and Cloud Build APIs](https://console.cloud.google.com/flows/enableapi?apiid=cloudbuild.googleapis.com,run.googleapis.com).

1. Create or reuse a GitHub repository for the example workflow:

1. [Create a repository](https://help.github.com/en/github/creating-cloning-and-archiving-repositories/creating-a-new-repository).

1. Move into the repository directory:
1. Create a new Google Cloud Project (or select an existing project).

```
$ cd <repo>
```
1. [Enable the Cloud Run API](https://console.cloud.google.com/flows/enableapi?apiid=run.googleapis.com).

1. Copy the example into the repository:

```
$ cp -r <path_to>/github-actions/example-workflows/cloud-run/ .
```

1. [Create a Google Cloud service account][create-sa] if one does not already
exist.
1. [Create a Google Cloud service account][sa] or select an existing one.

1. Add the the following [Cloud IAM roles][roles] to your service account:

- `Cloud Run Admin` - allows for the creation of new services

- `Cloud Build Editor` - allows for deploying cloud builds

- `Cloud Build Service Account` - allows for deploying cloud builds

- `Viewer` - allows for viewing the project

- `Service Account User` - required to deploy services to Cloud Run

Note: These permissions are overly broad to favor a quick start. They do not
represent best practices around the Principle of Least Privilege. To
properly restrict access, you should create a custom IAM role with the most
restrictive permissions.


1. [Create a JSON service account key][create-key] for the service account.

1. Add the following secrets to your repository's secrets:

- `RUN_PROJECT`: Google Cloud project ID

- `RUN_SA_KEY`: the content of the service account JSON file
- `Cloud Run Admin` - allows for the creation of new Cloud Run services

## Run the workflow
- `Service Account User` - required to deploy to Cloud Run as service account

1. Add and commit your changes:
- `Storage Admin` - allow push to Google Container Registry

```text
$ git add .
$ git commit -m "Set up GitHub workflow"
```
1. [Download a JSON service account key][create-key] for the service account.

1. Push to the `master` branch:
1. Add the following [secrets to your repository's secrets][gh-secret]:

```text
$ git push -u origin master
```
- `GCP_PROJECT`: Google Cloud project ID

1. View the GitHub Actions Workflow by selecting the `Actions` tab at the top
of your repository on GitHub. Then click on the `Build and Deploy to Cloud
Run` element to see the details.
- `GCP_SA_KEY`: the downloaded service account key

[actions]: https://help.github.com/en/categories/automating-your-workflow-with-github-actions
[cloud-run]: https://cloud.google.com/run/
Expand Down
53 changes: 53 additions & 0 deletions example-workflows/cloud-run/cloud-run.yml
View file
Open in desktop
@@ -0,0 +1,53 @@
# Copyright 2019 Google, LLC.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

on:
push:
branches:
- example

name: Build and Deploy to Cloud Run
env:
PROJECT_ID: ${{ secrets.GCP_PROJECT }}
SERVICE: YOUR_SERVICE_NAME
REGION: YOUR_SERVICE_REGION

jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Setup Cloud SDK
uses: google-github-actions/setup-gcloud@v0.2.0
with:
project_id: ${{ env.PROJECT_ID }}
service_account_key: ${{ secrets.GCP_SA_KEY }}

- name: Authorize Docker push
run: gcloud auth configure-docker

- name: Build and Push Container
run: |-
docker build -t gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ github.sha }} .
bharathkkb marked this conversation as resolved.
Show resolved Hide resolved
docker push gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ github.sha }}

- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ env.SERVICE }} \
--region ${{ env.REGION }} \
--image gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ github.sha }} \
--platform "managed" \
--quiet
28 changes: 0 additions & 28 deletions example-workflows/cloud-run/index.js
View file
Open in desktop

This file was deleted.