Merge pull request #27 from bhouston/merge-build-deploy

switch over to artifact registry, keep separate dockerizer-deploy steps.

.github/actions/deploy-cloud-run/action.yml

@@ -10,30 +10,32 @@ inputs:
   credentials_json:
     description: 'Google Cloud Service Account JSON'
     required: true
-  artifact_registry:
-    description: 'Artifact Registry'
-    required: false
+  gar_hostname:
+    description: 'Google Artifact Registry hostname'
+    required: true
     default: us-central1-docker.pkg.dev
+  rollbar_access_token:
+    description: 'Rollbar Access Token'
+    required: false
+    default: ''
 
 runs:
   using: 'composite'
   steps:
-    - id: 'auth'
-      name: gcloud auth
-      uses: google-github-actions/auth@v2
+    - uses: google-github-actions/auth@v2
       with:
         credentials_json: '${{ inputs.credentials_json }}'
 
-    - name: gcloud sdk
-      uses: google-github-actions/setup-gcloud@v2
+    - uses: google-github-actions/deploy-cloudrun@v2
       with:
-        skip_install: true
+        service: ${{ inputs.service_name }}
+        image: ${{ inputs.gar_hostname }}/${{ inputs.project_id }}/shared-docker-registry/${{ inputs.service_name }}:${{ github.sha }}
 
-    - name: gcloud run deploy
-      run: |
-        gcloud run deploy ${{ inputs.service_name }} \
-        --image ${{ inputs.artifact_registry }}/${{ inputs.project_id }}/docker-registry/${{ inputs.service_name }}:${{ github.sha }} \
-        --platform managed \
-        --region us-central1 \
-        --quiet
-      shell: bash
+    - uses: rollbar/github-deploy[email protected]
+      if: ${{ inputs.rollbar_access_token != '' }}
+      with:
+        environment: 'production'
+        version: ${{ github.sha }}
+      env:
+        ROLLBAR_ACCESS_TOKEN: ${{ inputs.rollbar_access_token }}
+        ROLLBAR_USERNAME: ${{ github.actor }}

.github/actions/dockerize/action.yml

@@ -1,4 +1,4 @@
-name: dockerize-and-deploy
+name: dockerize
 description: 'Build, Push Docker Container'
 inputs:
   project_id:
@@ -10,43 +10,52 @@ inputs:
   credentials_json:
     description: 'Google Cloud Service Account JSON'
     required: true
+  gar_hostname:
+    description: 'Google Artifact Registry hostname'
+    required: true
+    default: us-central1-docker.pkg.dev
   dockerfile:
     description: 'Location of Dockerfile'
     required: true
     default: ./Dockerfile
-  artifact_registry:
-    description: 'Artifact Registry'
+  secret_envs:
+    description: 'Secret environment variables'
     required: false
-    default: us-central1-docker.pkg.dev
 
 runs:
   using: 'composite'
   steps:
-    - id: 'auth'
-      name: gcloud auth
-      uses: google-github-actions/auth@v2
+    - run: nproc
+      shell: bash
+
+    - uses: google-github-actions/auth@v2
       with:
         credentials_json: '${{ inputs.credentials_json }}'
 
-    - name: gcloud sdk
-      uses: google-github-actions/setup-gcloud@v2
+    - uses: google-github-actions/setup-gcloud@v2
       with:
         skip_install: true
 
-    - name: gcloud configure docker
-      run: gcloud auth configure-docker ${{ inputs.artifact_registry }}
+    - run: gcloud auth configure-docker ${{ inputs.gar_hostname }}
       shell: bash
 
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
+    - uses: docker/setup-buildx-action@v3
+
+    - run: |
+        if docker manifest inspect ${{ inputs.gar_hostname }}/${{ inputs.project_id }}/shared-docker-registry/${{ inputs.service_name }}:${{ github.sha }} > /dev/null; then
+          echo "Image exists. Skipping build and push."
+          echo "SKIP_BUILD=true" >> $GITHUB_ENV
+        else
+          echo "Image does not exist. Proceeding with build and push."
+          echo "SKIP_BUILD=false" >> $GITHUB_ENV
+        fi
+      shell: bash
 
-    # guide to docker caching: https://blacksmith.sh/blog/cache-is-king-a-guide-for-docker-layer-caching-in-github-actions
-    - name: Build and push
+    - if: env.SKIP_BUILD == 'false'
       uses: docker/build-push-action@v5
       with:
         context: .
         file: ${{ inputs.dockerfile }}
         push: true
-        tags: ${{ inputs.artifact_registry }}/${{ inputs.project_id }}/docker-registry/${{ inputs.service_name }}:${{ github.sha }}
-        cache-from: type=registry,ref=${{ inputs.artifact_registry }}/${{ inputs.project_id }}/docker-registry/${{ inputs.service_name }}/app:buildcache
-        cache-to: type=registry,ref=${{ inputs.artifact_registry }}/${{ inputs.project_id }}/docker-registry/${{ inputs.service_name }}/app:buildcache,mode=max
+        tags: ${{ inputs.gar_hostname }}/${{ inputs.project_id }}/shared-docker-registry/${{ inputs.service_name }}:${{ github.sha }}
+        build-args: ${{ inputs.secret_envs }}

.github/workflows/ci.yml

@@ -43,16 +43,30 @@ jobs:
       - name: npm run lint:check
         run: npm run lint:check
 
-  dockerize-and-deploy:
-    name: dockerize-and-deploy
+  dockerize:
     runs-on: ubuntu-latest
-    needs: [test, lint, build]
     steps:
-      - name: git checkout
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Dockerize
+        uses: ./.github/actions/dockerize
+        with:
+          credentials_json: ${{ secrets.GCP_SA_KEY }}
+          project_id: ${{ env.PROJECT_ID }}
+          service_name: ${{ env.SERVICE_NAME }}
+          dockerfile: ./Dockerfile
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: [test, lint, build, dockerize]
+    if: ${{ github.ref == 'refs/heads/main' }}
+    steps:
+      - name: Checkout
         uses: actions/checkout@v4
 
-      - name: prepare docker and deploy
-        uses: ./.github/actions/dockerize-and-deploy
+      - name: Deploy
+        uses: ./.github/actions/deploy-cloud-run
         with:
           credentials_json: ${{ secrets.GCP_SA_KEY }}
           project_id: ${{ env.PROJECT_ID }}