|
4 | 4 | push: |
5 | 5 | branches: |
6 | 6 | - main |
| 7 | + pull_request: |
| 8 | + branches: |
| 9 | + - main |
7 | 10 |
|
8 | | -env: |
9 | | - PROJECT_ID: sb-gcp-project-01 |
10 | | - REGION: europe-west1 |
11 | | - REPO: suntrace-repo |
12 | | - SERVICE: suntrace |
13 | | - GCS_BUCKET: suntrace # ← set this to the bucket where you uploaded your geojson |
| 11 | +permissions: |
| 12 | + contents: read |
| 13 | + id-token: write |
14 | 14 |
|
15 | 15 | jobs: |
16 | 16 | deploy: |
17 | 17 | runs-on: ubuntu-latest |
| 18 | + |
18 | 19 | steps: |
19 | | - - uses: actions/checkout@v3 |
| 20 | + - name: Checkout code |
| 21 | + uses: actions/checkout@v4 |
20 | 22 |
|
21 | | - - name: Authenticate to GCP |
22 | | - uses: google-github-actions/auth@v1 |
| 23 | + - name: Authenticate to GCP via Google Cloud Service Account Key JSON. |
| 24 | + uses: google-github-actions/auth@v2 |
23 | 25 | with: |
24 | | - credentials_json: ${{ secrets.GCP_SA_KEY }} |
| 26 | + credentials_json: '${{ secrets.GOOGLE_CREDENTIALS }}' |
25 | 27 |
|
26 | | - - name: Set up Cloud SDK |
27 | | - uses: google-github-actions/setup-gcloud@v1 |
| 28 | + - name: Set up gcloud SDK |
| 29 | + uses: google-github-actions/setup-gcloud@v2 |
28 | 30 | with: |
29 | | - project_id: ${{ env.PROJECT_ID }} |
30 | | - install_components: ['gcloud', 'beta', 'alpha'] |
| 31 | + project_id: ${{ secrets.GCP_PROJECT_ID }} |
| 32 | + |
| 33 | + - name: Configure Docker for Artifact Registry |
| 34 | + run: | |
| 35 | + gcloud auth configure-docker ${{ secrets.GCP_REGION }}-docker.pkg.dev --quiet |
31 | 36 |
|
32 | 37 | # ← NEW STEP: fetch your geojson folder from GCS into ./data |
33 | 38 | - name: Download GeoJSON data from GCS |
34 | 39 | run: | |
35 | 40 | mkdir -p data |
36 | | - gsutil -m cp -r gs://$GCS_BUCKET/geojson/* data/ |
| 41 | + gsutil -m cp -r gs://${{ secrets.GCS_BUCKET }}/geojson/data/* data/ |
37 | 42 |
|
38 | | - - name: Build with Cloud Build |
| 43 | + - name: Build Docker image |
39 | 44 | run: | |
40 | | - TAG="${{ env.REGION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPO }}/${{ env.SERVICE }}" |
41 | | - # this will now include data/ in the build context |
42 | | - gcloud builds submit --tag "$TAG" |
| 45 | + IMAGE=${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_PROJECT_REPO }}/${{ secrets.APP_NAME }}:${{ github.sha }} |
| 46 | + docker build -t $IMAGE . |
43 | 47 |
|
44 | | - - name: Deploy to Cloud Run |
| 48 | + - name: Push Docker image |
45 | 49 | run: | |
46 | | - TAG="${{ env.REGION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPO }}/${{ env.SERVICE }}" |
47 | | - gcloud run deploy ${{ env.SERVICE }} \ |
48 | | - --image "$TAG" \ |
49 | | - --region ${{ env.REGION }} \ |
50 | | - --platform managed \ |
51 | | - --allow-unauthenticated |
| 50 | + IMAGE=${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_PROJECT_REPO }}/${{ secrets.APP_NAME }}:${{ github.sha }} |
| 51 | + docker push $IMAGE |
| 52 | +
|
| 53 | + - name: Deploy to Cloud Run |
| 54 | + uses: google-github-actions/deploy-cloudrun@v2 |
| 55 | + with: |
| 56 | + service: ${{ secrets.APP_NAME }} |
| 57 | + image: ${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_PROJECT_REPO }}/${{ secrets.APP_NAME }}:${{ github.sha }} |
| 58 | + region: ${{ secrets.GCP_REGION }} |
| 59 | + project_id: ${{ secrets.GCP_PROJECT_ID }} |
0 commit comments