-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaction.yml
136 lines (127 loc) · 4.38 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
name: Deploy
description: Deploy action for python project hosted in GCP Cloud Run
inputs:
identity-provider:
description: Identity Provider
required: true
service-account-email:
description: Service Account Email
required: true
project-id:
description: GCP Project ID
required: true
service:
description: The name of the Cloud Run service
required: true
flags:
description: Cloud Run deploy flags specific to the environment
required: false
env-vars:
description: Environment variables to set in the Cloud Run deploy. (e.g. WEB_API_KEY=value,SOMETHING_ELSE=value)
required: false
mounted-secrets:
description: Cloud run secret mounts. (e.g. /secret/folder/file=secret:latest)
required: false
docker-context:
description: Context for docker Build
required: false
default: .
docker-file:
description: Path to Dockerfile
required: false
docker-build-args:
description: Environment variables to set in the docker image build. (e.g. VITE_DISCOVER=value,VITE_PRINT_PROXY=value)
required: false
region:
description: GCP region
default: us-central1
required: false
service-now-instance:
description: the sub address to https://{service-now-instance}.service-now.com
required: false
service-now-table:
description: the parent table name to write to
required: false
service-now-system-id:
description: the child record id to write to
required: false
service-now-username:
description: the service account name
required: false
service-now-password:
description: the service account password
required: false
repo-token:
description: GitHub token (e.g. secrets.GITHUB_TOKEN). This is only required if you are providing the service now inputs
required: false
runs:
using: composite
steps:
- name: ⬇️ Set up code
uses: actions/checkout@v4
with:
show-progress: false
- name: 🗝️ Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v2
with:
create_credentials_file: true
token_format: access_token
workload_identity_provider: ${{ inputs.identity-provider }}
service_account: ${{ inputs.service-account-email }}
- name: 🐳 Set up Docker Buildx
id: builder
uses: docker/setup-buildx-action@v3
- name: 🗝️ Authenticate Docker to Google Artifact Registry
uses: docker/login-action@v3
with:
registry: us-central1-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: 🏷️ Extract tags from GitHub
id: meta
uses: docker/metadata-action@v5
with:
images: us-central1-docker.pkg.dev/${{ inputs.project-id }}/images/${{ inputs.service }}
tags: |
type=ref,suffix=-{{sha}},event=branch
type=ref,prefix=pr-,suffix=-{{sha}},event=pr
type=semver,pattern={{version}}
type=raw,value=latest
- name: 📦 Build and push image
uses: docker/build-push-action@v6
with:
builder: ${{ steps.builder.outputs.name }}
tags: ${{ steps.meta.outputs.tags }}
context: ${{ inputs.docker-context }}
file: ${{ inputs.docker-file }}
build-args: ${{ inputs.docker-build-args }}
push: true
cache-from: type=gha
cache-to: type=gha,mode=max
provenance: false
- name: 🔍️ Set image name
shell: bash
run: |
IMAGE_ID=$(echo $DOCKER_METADATA_OUTPUT_TAGS | cut -d ' ' -f 1)
echo "IMAGE_ID=$IMAGE_ID" >> $GITHUB_ENV
- name: 🚀 Deploy to Cloud Run
id: deploy
uses: google-github-actions/deploy-cloudrun@v2
with:
service: ${{ inputs.service }}
image: ${{ env.IMAGE_ID }}
region: ${{ inputs.region }}
env_vars: ${{ inputs.env-vars }}
flags: ${{ inputs.flags }}
secrets: ${{ inputs.mounted-secrets }}
- name: 🔔 Publish deployment worknote
uses: agrc/service-now-worknote-action@v1
if: ${{ inputs.service-now-system-id }}
with:
repo-token: ${{ inputs.repo-token }}
username: ${{ inputs.service-now-username }}
password: ${{ inputs.service-now-password }}
instance-name: ${{ inputs.service-now-instance }}
table-name: ${{ inputs.service-now-table }}
system-id: ${{ inputs.service-now-system-id }}