also remove associated roles for network deletion #5259
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy-to-preview-environment | |
on: | |
pull_request: | |
branches: | |
- staging | |
env: | |
REGISTRY_URL: eu.gcr.io | |
PROJECT_ID: airqo-250220 | |
jobs: | |
branch-name: | |
name: Format branch name string | |
runs-on: ubuntu-latest | |
outputs: | |
lowercase: ${{ steps.string.outputs.lowercase }} # lowercase version | |
steps: | |
- id: string | |
uses: ASzc/change-string-case-action@v5 | |
with: | |
string: ${{ github.head_ref || github.ref_name }} | |
check: | |
name: check changed microservice(s) | |
outputs: | |
run_auth_service: ${{ steps.check_files.outputs.run_auth_service }} # auth service | |
run_device_registry: ${{ steps.check_files.outputs.run_device_registry }} # device registry | |
run_device_monitoring: ${{ steps.check_files.outputs.run_device_monitoring }} # device monitoring | |
run_data_mgt: ${{ steps.check_files.outputs.run_data_mgt }} # data mgt | |
run_data_proxy: ${{ steps.check_files.outputs.run_data_proxy }} # data proxy | |
run_analytics: ${{ steps.check_files.outputs.run_analytics }} # analytics | |
run_locate: ${{ steps.check_files.outputs.run_locate }} # locate | |
run_predict: ${{ steps.check_files.outputs.run_predict }} # predict | |
run_meta_data: ${{ steps.check_files.outputs.run_meta_data }} # metadata | |
run_view: ${{ steps.check_files.outputs.run_view }} # view | |
run_calibrate: ${{ steps.check_files.outputs.run_calibrate }} # calibrate | |
run_incentives: ${{ steps.check_files.outputs.run_incentives }} # incentives | |
run_spatial: ${{ steps.check_files.outputs.run_spatial }} # spatial | |
run_website: ${{ steps.check_files.outputs.run_website }} # website | |
runs-on: ubuntu-latest | |
steps: | |
- name: checkout code | |
uses: actions/[email protected] | |
with: | |
fetch-depth: 2 | |
#### all microservices ###### | |
- name: check modified microserivce | |
id: check_files | |
run: | | |
echo "=============== list modified files ===============" | |
git diff --name-only HEAD^ HEAD | |
echo "========== check paths of modified files ==========" | |
git diff --name-only HEAD^ HEAD > files.txt | |
echo "run_auth_service=false" >>$GITHUB_OUTPUT | |
echo "run_device_registry=false" >>$GITHUB_OUTPUT | |
echo "run_device_monitoring=false" >>$GITHUB_OUTPUT | |
echo "run_data_mgt=false" >>$GITHUB_OUTPUT | |
echo "run_data_proxy=false" >>$GITHUB_OUTPUT | |
echo "run_analytics=false" >>$GITHUB_OUTPUT | |
echo "run_locate=false" >>$GITHUB_OUTPUT | |
echo "run_predict=false" >>$GITHUB_OUTPUT | |
echo "run_meta_data=false" >>$GITHUB_OUTPUT | |
echo "run_view=false" >>$GITHUB_OUTPUT | |
echo "run_calibrate=false" >>$GITHUB_OUTPUT | |
echo "run_incentives=false" >>$GITHUB_OUTPUT | |
echo "run_spatial=false" >>$GITHUB_OUTPUT | |
echo "run_website=false" >>$GITHUB_OUTPUT | |
while IFS= read -r file | |
do | |
echo $file | |
if [[ $file == src/auth-service/* ]]; then | |
echo "run_auth_service=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/device-registry/* ]]; then | |
echo "run_device_registry=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/device-monitoring/* ]]; then | |
echo "run_device_monitoring=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/data-mgt/* ]]; then | |
echo "run_data_mgt=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/data-proxy/* ]]; then | |
echo "run_data_proxy=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/analytics/* ]]; then | |
echo "run_analytics=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/locate/* ]]; then | |
echo "run_locate=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/predict/* ]]; then | |
echo "run_predict=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/meta-data/* ]]; then | |
echo "run_meta_data=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/view/* ]]; then | |
echo "run_view=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/calibrate/* ]]; then | |
echo "run_calibrate=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/incentives/* ]]; then | |
echo "run_incentives=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/spatial/* ]]; then | |
echo "run_spatial=true" >>$GITHUB_OUTPUT | |
fi | |
if [[ $file == src/website/* ]]; then | |
echo "run_website=true" >>$GITHUB_OUTPUT | |
fi | |
done < files.txt | |
### auth_service ### | |
auth-service: | |
name: build-push-deploy-auth-service | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_auth_service == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/auth-service/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-auth-service-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }} \ | |
--port=3000 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-auth-service:latest,/etc/config/firebase_admin_sdk.json=sta-key-auth-service-firebase-admin-sdk:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage-mac" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-auth-service-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
auth-service-pr-comment: | |
name: auth-service-preview-link-comment | |
if: needs.check.outputs.run_auth_service == 'true' | |
needs: [auth-service] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Auth-service changes in this PR available for preview [here](${{ needs.auth-service.outputs.url }})' | |
}) | |
### device registry ### | |
device-registry: | |
name: build-push-deploy-device-registry | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_device_registry == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/device-registry/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-device-registry-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }} \ | |
--port=3000 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-device-registry:latest,/etc/config/google_application_credentials.json=sta-key-device-registry-service-account:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage-mac" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-device-registry-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
device-registry-pr-comment: | |
name: device-registry-preview-link-comment | |
if: needs.check.outputs.run_device_registry == 'true' | |
needs: [device-registry] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Device registry changes in this PR available for preview [here](${{ needs.device-registry.outputs.url }})' | |
}) | |
### device monitoring ### | |
device-monitoring: | |
name: build-push-deploy-device-monitoring | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_device_monitoring == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/device-monitoring/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-device-monitoring-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }} \ | |
--port=4001 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-device-monitoring:latest,/etc/config/google_application_credentials.json=sta-key-device-monitoring-service-account:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-device-monitoring-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
device-monitoring-pr-comment: | |
name: device-monitoring-preview-link-comment | |
if: needs.check.outputs.run_device_monitoring == 'true' | |
needs: [device-monitoring] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Device monitoring changes in this PR available for preview [here](${{ needs.device-monitoring.outputs.url }})' | |
}) | |
### run data mgt ### | |
data-mgt: | |
name: build-push-deploy-data-mgt | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_data_mgt == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/data-mgt/ | |
docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-data-mgt-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }} \ | |
--port=3000 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-data-mgt-nodejs:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-data-mgt-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
data-mgt-pr-comment: | |
name: data-mgt-preview-link-comment | |
if: needs.check.outputs.run_data_mgt == 'true' | |
needs: [data-mgt] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Data management changes in this PR available for preview [here](${{ needs.data-mgt.outputs.url }})' | |
}) | |
### run data proxy ### | |
data-proxy: | |
name: build-push-deploy-data-proxy | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_data_proxy == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/data-proxy/ | |
docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-data-proxy-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }} \ | |
--port=3000 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-data-proxy:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-data-proxy-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
data-proxy-pr-comment: | |
name: data-proxy-preview-link-comment | |
if: needs.check.outputs.run_data_proxy == 'true' | |
needs: [data-proxy] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Data Proxy changes in this PR available for preview [here](${{ needs.data-proxy.outputs.url }})' | |
}) | |
### analytics ### | |
analytics: | |
name: build-push-deploy-analytics | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_analytics == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/analytics/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-analytics-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }} \ | |
--port=5000 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-analytics:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-analytics-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
analytics-pr-comment: | |
name: analytics-preview-link-comment | |
if: needs.check.outputs.run_analytics == 'true' | |
needs: [analytics] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Analytics changes in this PR available for preview [here](${{ needs.analytics.outputs.url }})' | |
}) | |
### locate ### | |
locate: | |
name: build-push-deploy-locate | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_locate == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/locate/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-locate-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }} \ | |
--port=4001 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-locate:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-locate-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
locate-pr-comment: | |
name: locate-preview-link-comment | |
if: needs.check.outputs.run_locate == 'true' | |
needs: [locate] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Locate API changes in this PR available for preview [here](${{ needs.locate.outputs.url }})' | |
}) | |
### predict service ### | |
predict-service: | |
name: build-push-deploy-predict-service-preview | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_predict == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/predict/api/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-predict-service-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }} \ | |
--port=5000 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-predict:latest,/etc/config/google_application_credentials.json=sta-key-predict-service-account:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-predict-service-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
predict-pr-comment: | |
name: predict-service-preview-link-comment | |
if: needs.check.outputs.run_predict == 'true' | |
needs: [predict-service] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Predict service changes in this PR available for preview [here](${{ needs.predict-service.outputs.url }})' | |
}) | |
### meta-data ### | |
meta-data: | |
name: build-push-deploy-meta-data | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_meta_data == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/meta-data/ | |
docker build --target=api --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }} . | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-meta-data-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }} \ | |
--port=4001 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-metadata:latest,/etc/config/google_application_credentials.json=sta-key-metadata-service-account:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app-dir/.env; gunicorn --bind=0.0.0.0:4001 app:app" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-meta-data-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
meta-data-pr-comment: | |
name: meta-data-preview-link-comment | |
if: needs.check.outputs.run_meta_data == 'true' | |
needs: [meta-data] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Meta-data changes in this PR available for preview [here](${{ needs.meta-data.outputs.url }})' | |
}) | |
### view ### | |
view: | |
name: build-push-deploy-view-api | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_view == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/view/ | |
docker build --target=api --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-view-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }} \ | |
--port=8080 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-view-api:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; java -Djava.security.egd=file:/dev/./urandom -Dspring.profiles.active=api -jar /view.jar" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-view-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
view-pr-comment: | |
name: view-preview-link-comment | |
if: needs.check.outputs.run_view == 'true' | |
needs: [view] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'View API changes in this PR available for preview [here](${{ needs.view.outputs.url }})' | |
}) | |
### calibrate ### | |
calibrate: | |
name: build-push-deploy-calibrate | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_calibrate == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/calibrate/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-calibrate-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }} \ | |
--port=4001 \ | |
--cpu=2000m \ | |
--memory=1024Mi \ | |
--update-secrets=/etc/env/.env=sta-env-calibrate:latest,/etc/config/google_application_credentials.json=sta-key-calibrate-service-account:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; gunicorn --bind=0.0.0.0:4001 app:app" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-calibrate-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
calibrate-pr-comment: | |
name: calibrate-preview-link-comment | |
if: needs.check.outputs.run_calibrate == 'true' | |
needs: [calibrate] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Calibrate changes in this PR available for preview [here](${{ needs.calibrate.outputs.url }})' | |
}) | |
### incentives ### | |
incentives: | |
name: build-push-deploy-incentives | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_incentives == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/incentives/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }} . | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-incentives-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }} \ | |
--port=3000 \ | |
--cpu=1000m \ | |
--memory=256Mi \ | |
--update-secrets=/etc/env/.env=sta-env-incentives:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; npm run stage" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-incentives-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
incentives-pr-comment: | |
name: incentives-preview-link-comment | |
if: needs.check.outputs.run_incentives == 'true' | |
needs: [incentives] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Incentives API changes in this PR available for preview [here](${{ needs.incentives.outputs.url }})' | |
}) | |
### spatial ### | |
spatial: | |
name: build-push-deploy-spatial | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_spatial == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/spatial/ | |
docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-spatial-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }} \ | |
--port=5000 \ | |
--cpu=1000m \ | |
--memory=1024Mi \ | |
--update-secrets=/etc/env/.env=sta-env-spatial:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-spatial-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
spatial-pr-comment: | |
name: spatial-preview-link-comment | |
if: needs.check.outputs.run_spatial == 'true' | |
needs: [spatial] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'Spatial changes in this PR available for preview [here](${{ needs.spatial.outputs.url }})' | |
}) | |
### website ### | |
website: | |
name: build-push-deploy-website | |
needs: [check, branch-name] | |
if: needs.check.outputs.run_website == 'true' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
outputs: | |
url: ${{ steps.preview-url.outputs.url }} | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
- name: Google Auth | |
id: auth | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Setup Cloud SDK | |
uses: google-github-actions/[email protected] | |
- name: Docker Auth | |
id: docker-auth | |
uses: docker/[email protected] | |
with: | |
registry: ${{ env.REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.GCP_SA_CREDENTIALS }} | |
- name: Build and Push Container | |
run: | | |
cd src/website/ | |
docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }} ./ | |
docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }} | |
- name: Deploy to Cloud Run | |
run: |- | |
gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-website-preview \ | |
--region=${{ secrets.REGION }} \ | |
--max-instances=10 \ | |
--timeout=60 \ | |
--concurrency=10 \ | |
--image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }} \ | |
--port=8000 \ | |
--cpu=1000m \ | |
--memory=1024Mi \ | |
--update-secrets=/etc/env/.env=sta-env-website-backend:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \ | |
--command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; /app/entrypoint.sh" \ | |
--allow-unauthenticated | |
- name: Get preview service url | |
id: preview-url | |
run: | | |
read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-website-preview \ | |
--format='value(status.url)' \ | |
--platform managed \ | |
--region ${{ secrets.REGION }}) | |
echo "url=${service_url}" >>$GITHUB_OUTPUT | |
website-pr-comment: | |
name: website-preview-link-comment | |
if: needs.check.outputs.run_website == 'true' | |
needs: [website] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
with: | |
script: | | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: 'website changes in this PR available for preview [here](${{ needs.website.outputs.url }})' | |
}) |