Skip to content

also remove associated roles for network deletion #5259

also remove associated roles for network deletion

also remove associated roles for network deletion #5259

Workflow file for this run

name: deploy-to-preview-environment
on:
pull_request:
branches:
- staging
env:
REGISTRY_URL: eu.gcr.io
PROJECT_ID: airqo-250220
jobs:
branch-name:
name: Format branch name string
runs-on: ubuntu-latest
outputs:
lowercase: ${{ steps.string.outputs.lowercase }} # lowercase version
steps:
- id: string
uses: ASzc/change-string-case-action@v5
with:
string: ${{ github.head_ref || github.ref_name }}
check:
name: check changed microservice(s)
outputs:
run_auth_service: ${{ steps.check_files.outputs.run_auth_service }} # auth service
run_device_registry: ${{ steps.check_files.outputs.run_device_registry }} # device registry
run_device_monitoring: ${{ steps.check_files.outputs.run_device_monitoring }} # device monitoring
run_data_mgt: ${{ steps.check_files.outputs.run_data_mgt }} # data mgt
run_data_proxy: ${{ steps.check_files.outputs.run_data_proxy }} # data proxy
run_analytics: ${{ steps.check_files.outputs.run_analytics }} # analytics
run_locate: ${{ steps.check_files.outputs.run_locate }} # locate
run_predict: ${{ steps.check_files.outputs.run_predict }} # predict
run_meta_data: ${{ steps.check_files.outputs.run_meta_data }} # metadata
run_view: ${{ steps.check_files.outputs.run_view }} # view
run_calibrate: ${{ steps.check_files.outputs.run_calibrate }} # calibrate
run_incentives: ${{ steps.check_files.outputs.run_incentives }} # incentives
run_spatial: ${{ steps.check_files.outputs.run_spatial }} # spatial
run_website: ${{ steps.check_files.outputs.run_website }} # website
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/[email protected]
with:
fetch-depth: 2
#### all microservices ######
- name: check modified microserivce
id: check_files
run: |
echo "=============== list modified files ==============="
git diff --name-only HEAD^ HEAD
echo "========== check paths of modified files =========="
git diff --name-only HEAD^ HEAD > files.txt
echo "run_auth_service=false" >>$GITHUB_OUTPUT
echo "run_device_registry=false" >>$GITHUB_OUTPUT
echo "run_device_monitoring=false" >>$GITHUB_OUTPUT
echo "run_data_mgt=false" >>$GITHUB_OUTPUT
echo "run_data_proxy=false" >>$GITHUB_OUTPUT
echo "run_analytics=false" >>$GITHUB_OUTPUT
echo "run_locate=false" >>$GITHUB_OUTPUT
echo "run_predict=false" >>$GITHUB_OUTPUT
echo "run_meta_data=false" >>$GITHUB_OUTPUT
echo "run_view=false" >>$GITHUB_OUTPUT
echo "run_calibrate=false" >>$GITHUB_OUTPUT
echo "run_incentives=false" >>$GITHUB_OUTPUT
echo "run_spatial=false" >>$GITHUB_OUTPUT
echo "run_website=false" >>$GITHUB_OUTPUT
while IFS= read -r file
do
echo $file
if [[ $file == src/auth-service/* ]]; then
echo "run_auth_service=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/device-registry/* ]]; then
echo "run_device_registry=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/device-monitoring/* ]]; then
echo "run_device_monitoring=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/data-mgt/* ]]; then
echo "run_data_mgt=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/data-proxy/* ]]; then
echo "run_data_proxy=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/analytics/* ]]; then
echo "run_analytics=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/locate/* ]]; then
echo "run_locate=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/predict/* ]]; then
echo "run_predict=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/meta-data/* ]]; then
echo "run_meta_data=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/view/* ]]; then
echo "run_view=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/calibrate/* ]]; then
echo "run_calibrate=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/incentives/* ]]; then
echo "run_incentives=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/spatial/* ]]; then
echo "run_spatial=true" >>$GITHUB_OUTPUT
fi
if [[ $file == src/website/* ]]; then
echo "run_website=true" >>$GITHUB_OUTPUT
fi
done < files.txt
### auth_service ###
auth-service:
name: build-push-deploy-auth-service
needs: [check, branch-name]
if: needs.check.outputs.run_auth_service == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/auth-service/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-auth-service-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }} \
--port=3000 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-auth-service:latest,/etc/config/firebase_admin_sdk.json=sta-key-auth-service-firebase-admin-sdk:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage-mac" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-auth-service-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
auth-service-pr-comment:
name: auth-service-preview-link-comment
if: needs.check.outputs.run_auth_service == 'true'
needs: [auth-service]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Auth-service changes in this PR available for preview [here](${{ needs.auth-service.outputs.url }})'
})
### device registry ###
device-registry:
name: build-push-deploy-device-registry
needs: [check, branch-name]
if: needs.check.outputs.run_device_registry == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/device-registry/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-device-registry-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }} \
--port=3000 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-device-registry:latest,/etc/config/google_application_credentials.json=sta-key-device-registry-service-account:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage-mac" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-device-registry-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
device-registry-pr-comment:
name: device-registry-preview-link-comment
if: needs.check.outputs.run_device_registry == 'true'
needs: [device-registry]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Device registry changes in this PR available for preview [here](${{ needs.device-registry.outputs.url }})'
})
### device monitoring ###
device-monitoring:
name: build-push-deploy-device-monitoring
needs: [check, branch-name]
if: needs.check.outputs.run_device_monitoring == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/device-monitoring/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-device-monitoring-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }} \
--port=4001 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-device-monitoring:latest,/etc/config/google_application_credentials.json=sta-key-device-monitoring-service-account:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-device-monitoring-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
device-monitoring-pr-comment:
name: device-monitoring-preview-link-comment
if: needs.check.outputs.run_device_monitoring == 'true'
needs: [device-monitoring]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Device monitoring changes in this PR available for preview [here](${{ needs.device-monitoring.outputs.url }})'
})
### run data mgt ###
data-mgt:
name: build-push-deploy-data-mgt
needs: [check, branch-name]
if: needs.check.outputs.run_data_mgt == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/data-mgt/
docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-data-mgt-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }} \
--port=3000 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-data-mgt-nodejs:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-data-mgt-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
data-mgt-pr-comment:
name: data-mgt-preview-link-comment
if: needs.check.outputs.run_data_mgt == 'true'
needs: [data-mgt]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Data management changes in this PR available for preview [here](${{ needs.data-mgt.outputs.url }})'
})
### run data proxy ###
data-proxy:
name: build-push-deploy-data-proxy
needs: [check, branch-name]
if: needs.check.outputs.run_data_proxy == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/data-proxy/
docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-data-proxy-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }} \
--port=3000 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-data-proxy:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-data-proxy-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
data-proxy-pr-comment:
name: data-proxy-preview-link-comment
if: needs.check.outputs.run_data_proxy == 'true'
needs: [data-proxy]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Data Proxy changes in this PR available for preview [here](${{ needs.data-proxy.outputs.url }})'
})
### analytics ###
analytics:
name: build-push-deploy-analytics
needs: [check, branch-name]
if: needs.check.outputs.run_analytics == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/analytics/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-analytics-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }} \
--port=5000 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-analytics:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-analytics-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
analytics-pr-comment:
name: analytics-preview-link-comment
if: needs.check.outputs.run_analytics == 'true'
needs: [analytics]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Analytics changes in this PR available for preview [here](${{ needs.analytics.outputs.url }})'
})
### locate ###
locate:
name: build-push-deploy-locate
needs: [check, branch-name]
if: needs.check.outputs.run_locate == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/locate/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-locate-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }} \
--port=4001 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-locate:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-locate-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
locate-pr-comment:
name: locate-preview-link-comment
if: needs.check.outputs.run_locate == 'true'
needs: [locate]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Locate API changes in this PR available for preview [here](${{ needs.locate.outputs.url }})'
})
### predict service ###
predict-service:
name: build-push-deploy-predict-service-preview
needs: [check, branch-name]
if: needs.check.outputs.run_predict == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/predict/api/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-predict-service-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }} \
--port=5000 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-predict:latest,/etc/config/google_application_credentials.json=sta-key-predict-service-account:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-predict-service-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
predict-pr-comment:
name: predict-service-preview-link-comment
if: needs.check.outputs.run_predict == 'true'
needs: [predict-service]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Predict service changes in this PR available for preview [here](${{ needs.predict-service.outputs.url }})'
})
### meta-data ###
meta-data:
name: build-push-deploy-meta-data
needs: [check, branch-name]
if: needs.check.outputs.run_meta_data == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/meta-data/
docker build --target=api --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }} .
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-meta-data-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }} \
--port=4001 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-metadata:latest,/etc/config/google_application_credentials.json=sta-key-metadata-service-account:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app-dir/.env; gunicorn --bind=0.0.0.0:4001 app:app" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-meta-data-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
meta-data-pr-comment:
name: meta-data-preview-link-comment
if: needs.check.outputs.run_meta_data == 'true'
needs: [meta-data]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Meta-data changes in this PR available for preview [here](${{ needs.meta-data.outputs.url }})'
})
### view ###
view:
name: build-push-deploy-view-api
needs: [check, branch-name]
if: needs.check.outputs.run_view == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/view/
docker build --target=api --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-view-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }} \
--port=8080 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-view-api:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; java -Djava.security.egd=file:/dev/./urandom -Dspring.profiles.active=api -jar /view.jar" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-view-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
view-pr-comment:
name: view-preview-link-comment
if: needs.check.outputs.run_view == 'true'
needs: [view]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'View API changes in this PR available for preview [here](${{ needs.view.outputs.url }})'
})
### calibrate ###
calibrate:
name: build-push-deploy-calibrate
needs: [check, branch-name]
if: needs.check.outputs.run_calibrate == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/calibrate/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-calibrate-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }} \
--port=4001 \
--cpu=2000m \
--memory=1024Mi \
--update-secrets=/etc/env/.env=sta-env-calibrate:latest,/etc/config/google_application_credentials.json=sta-key-calibrate-service-account:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; gunicorn --bind=0.0.0.0:4001 app:app" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-calibrate-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
calibrate-pr-comment:
name: calibrate-preview-link-comment
if: needs.check.outputs.run_calibrate == 'true'
needs: [calibrate]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Calibrate changes in this PR available for preview [here](${{ needs.calibrate.outputs.url }})'
})
### incentives ###
incentives:
name: build-push-deploy-incentives
needs: [check, branch-name]
if: needs.check.outputs.run_incentives == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/incentives/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }} .
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-incentives-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }} \
--port=3000 \
--cpu=1000m \
--memory=256Mi \
--update-secrets=/etc/env/.env=sta-env-incentives:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; npm run stage" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-incentives-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
incentives-pr-comment:
name: incentives-preview-link-comment
if: needs.check.outputs.run_incentives == 'true'
needs: [incentives]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Incentives API changes in this PR available for preview [here](${{ needs.incentives.outputs.url }})'
})
### spatial ###
spatial:
name: build-push-deploy-spatial
needs: [check, branch-name]
if: needs.check.outputs.run_spatial == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/spatial/
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-spatial-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }} \
--port=5000 \
--cpu=1000m \
--memory=1024Mi \
--update-secrets=/etc/env/.env=sta-env-spatial:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-spatial-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
spatial-pr-comment:
name: spatial-preview-link-comment
if: needs.check.outputs.run_spatial == 'true'
needs: [spatial]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Spatial changes in this PR available for preview [here](${{ needs.spatial.outputs.url }})'
})
### website ###
website:
name: build-push-deploy-website
needs: [check, branch-name]
if: needs.check.outputs.run_website == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
outputs:
url: ${{ steps.preview-url.outputs.url }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Google Auth
id: auth
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Setup Cloud SDK
uses: google-github-actions/[email protected]
- name: Docker Auth
id: docker-auth
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY_URL }}
username: _json_key
password: ${{ secrets.GCP_SA_CREDENTIALS }}
- name: Build and Push Container
run: |
cd src/website/
docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }} ./
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-website-preview \
--region=${{ secrets.REGION }} \
--max-instances=10 \
--timeout=60 \
--concurrency=10 \
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }} \
--port=8000 \
--cpu=1000m \
--memory=1024Mi \
--update-secrets=/etc/env/.env=sta-env-website-backend:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; /app/entrypoint.sh" \
--allow-unauthenticated
- name: Get preview service url
id: preview-url
run: |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-website-preview \
--format='value(status.url)' \
--platform managed \
--region ${{ secrets.REGION }})
echo "url=${service_url}" >>$GITHUB_OUTPUT
website-pr-comment:
name: website-preview-link-comment
if: needs.check.outputs.run_website == 'true'
needs: [website]
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'website changes in this PR available for preview [here](${{ needs.website.outputs.url }})'
})