Comments (4)
This may not work out of the box with GitHub actions due to the container image that is used as a tool to post to the PR. This logic could potentially be updated to use another GitHub action.
Overall, there are 3 different moving parts in this tutorial:
- Deploy to Cloud Run on push to
main
- Build an image with tooling to post preview to PR
- Deploy a preview
Prep image
In order to simplify this a bit, I recommend completing the steps Creating tokens and configurations and Creating a new image for Cloud Build as is. It could be ported over to GitHub actions but you'll really only need to build it once.
However to use the image we need to login and push it to GitHub's Container Registry.
docker image tag gcr.io/PROJECT_ID/deployment-previews ghcr.io/USERNAME/deployment-previews
docker push ghcr.io/USERNAME/deployment-previews
Deploying to Cloud Run via main
The workflow would look like:
on:
push:
branches:
- main
name: prod-deploy
env:
PROJECT_ID: ${{ secrets.GCP_PROJECT }}
SERVICE: myservice
REGION: us-central1
TAG: run-${{ github.run_id }}
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
with:
project_id: ${{ env.PROJECT_ID }}
service_account_key: ${{ secrets.GCP_SA_KEY }}
- name: Authorize Docker push
run: gcloud auth configure-docker
- name: Build and Push Container
run: |-
docker build -t gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ env.TAG }} .
docker push gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ env.TAG }}
- name: Deploy to Cloud Run
id: deploy
uses: google-github-actions/[email protected]
with:
service: ${{ env.SERVICE }}
image: gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ env.TAG }}
region: ${{ env.REGION }}
flags: "--allow-unauthenticated"
tag: ${{ env.TAG }}
- name: Ensure prod service is live
uses: google-github-actions/[email protected]
with:
service: ${{ env.SERVICE }}
region: ${{ env.REGION }}
tag_traffic: ${{ env.TAG }}=100
Deploying a preview (not working)
The workflow would look like, though I can't actually get the container image to run correctly:
on: pull_request
name: preview-deploy
env:
PROJECT_ID: ${{ secrets.GCP_PROJECT }}
SERVICE: myservice
REGION: us-central1
TAG: pr-${{ github.event.number }}
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
with:
project_id: ${{ env.PROJECT_ID }}
service_account_key: ${{ secrets.GCP_SA_KEY }}
- name: Authorize Docker push
run: gcloud auth configure-docker
- name: Build and Push Container
run: |-
docker build -t gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ env.TAG }} .
docker push gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ env.TAG }}
- name: Deploy to Cloud Run
id: deploy
uses: google-github-actions/[email protected]
with:
service: ${{ env.SERVICE }}
image: gcr.io/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ env.TAG }}
region: ${{ env.REGION }}
tag: ${{ env.TAG }}
no_traffic: true
preview:
needs: deploy
runs-on: ubuntu-latest
container:
image: ghcr.io/<YOURUSERNAME>/deployment-previews
credentials:
username: ${{ github.actor }}
password: ${{ secrets.ghcr_token }}
steps:
- name: Link revision on pull request # Does not run correctly and could be replace with another action
run: set --project-id ${{ env.PROJECT_ID }} \
--region ${{ env.REGION }} \
--service ${{ env.SERVICE }} \
--pull-request ${{ github.event.number }} \
--repo-name ${{ github.repository }}
--commit-sha ${{ github.sha }}
@glasnt as original tutorial writer
from deploy-cloudrun.
Here's a version of the preview
job section that works:
preview:
needs: deploy
runs-on: ubuntu-latest
container:
image: ghcr.io/YOURUSERNAME/deployment-previews
credentials:
username: ${{ github.actor }}
password: ${{ secrets.ghcr_token }}
steps:
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
with:
project_id: ${{ env.PROJECT_ID }}
service_account_key: ${{ secrets.GCP_SA_KEY }}
export_default_credentials: true
- name: Link revision on pull request
run: |-
python3 /app/check_status.py set --project-id ${{ env.PROJECT_ID }} \
--region ${{ env.REGION }} \
--service ${{ env.SERVICE }} \
--pull-request ${{ github.event.number }} \
--repo-name ${{ github.repository }} \
--commit-sha ${{ github.event.pull_request.head.sha }}
Notes:
run
commands are run directly in the container shell (docs), so you need to be explicit and add what the Dockerfile'sENTRYPOINT
includes for you (hence adding thepython3 /app/check_status.py
part)- This job needs authentication to gcloud, but the container uses Client APIs, so it needs the exported credentials (hence adding an additional setup step, with
export_default_credentials: true
- Given the requirement of a custom container base, I think splitting
preview
into a separate job is cleaner, but this does lead to this step duplication.
- Given the requirement of a custom container base, I think splitting
- I'm not sure if it's syntax or something else, but I used the multi-line yaml
|-
to ensure all the parameters were sent to the script. - The
github.sha
in this context is a merge commit, and a the commit we can attach a status to. Instead I'm opting to use the head sha on the pull request. This should be conceptually identical to what is intended here.
from deploy-cloudrun.
Thanks, I was able to get the build/deploy github action jobs working, but I'm not sure I fully understand what's needed for the preview:
job.
I'm confused what is the docker container being referenced in the preview job?
image: ghcr.io/YOURUSERNAME/deployment-previews
Is that a custom Docker container, I also saw it referenced as:
image: ghcr.io/averikitsch/deployment-previews
From what I understand the purpose of that job is to set the Cloud Run preview URL on the github commit via the github Checks API?
from deploy-cloudrun.
In @averikitsch's comment, she references the container image she built and hosted on the github container registry, so I removed her name and put a placeholder.
In the original tutorial you build the container from source and host it under your google cloud project. In the "Prep Image" section of Averi's earlier comment, you tag and push that same image to ghci for use in github actions under your username.
Hope this makes sense!
from deploy-cloudrun.
Related Issues (20)
- Overriding yaml from cli HOT 1
- Cannot deploy if an environment variable contains a whitespace
- env_vars_file deprecated? HOT 1
- Environment variables don't seem to be available at build time HOT 2
- Trouble deploying using IAM instructions HOT 2
- service_account_email attribute was not recognized HOT 5
- Error: Image not found HOT 2
- Implement `to_latest: true` HOT 2
- Ability to configure build when deploying from source HOT 2
- .gitignore should be avoided during build. HOT 8
- Can't set cloud run service_account when creating an instance HOT 1
- Docs on handling secrets with colons HOT 5
- No effect of --allow-unauthenticated flag HOT 1
- Not using latest revision HOT 14
- FAILED_PRECONDITION - quota restrictions HOT 7
- Error: google-github-actions/deploy-cloudrun failed with: failed to execute gcloud command HOT 1
- Updating Traffic Failed HOT 2
- `ERROR: Permission denied while accessing Artifact Registry.` despite service account having permission artifactregistry.repositories.get HOT 8
- Cannot use env with no value HOT 1
- Support for setting custom health checks HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from deploy-cloudrun.