From f571842f92409a3c2f76eda4f1c36729651db4f7 Mon Sep 17 00:00:00 2001
From: Viktor Lidholt <viktorlidholt@gmail.com>
Date: Mon, 13 Mar 2023 18:02:20 +0100
Subject: [PATCH] Adds Terraform and deployment code

---
 .github/workflows/deployment-gcp.yml          | 88 +++++++++++++++++++
 .gitignore                                    |  1 +
 .../gcp/terraform/config.auto.tfvars          | 15 ++++
 gcp_demo_server/gcp/terraform/main.tf         | 65 ++++++++++++++
 gcp_demo_server/gcp/terraform/variables.tf    | 39 ++++++++
 5 files changed, 208 insertions(+)
 create mode 100644 .github/workflows/deployment-gcp.yml
 create mode 100644 gcp_demo_server/gcp/terraform/config.auto.tfvars
 create mode 100644 gcp_demo_server/gcp/terraform/main.tf
 create mode 100644 gcp_demo_server/gcp/terraform/variables.tf

diff --git a/.github/workflows/deployment-gcp.yml b/.github/workflows/deployment-gcp.yml
new file mode 100644
index 0000000..96820da
--- /dev/null
+++ b/.github/workflows/deployment-gcp.yml
@@ -0,0 +1,88 @@
+name: Deploy to GCP
+on:
+  push:
+    branches: [ deployment-gcp-production, deployment-gcp-staging ]
+  workflow_dispatch:
+    inputs:
+      target:
+        description: 'Target'
+        required: true
+        default: 'production'
+        type: choice
+        options:
+          - 'staging'
+          - 'production'
+
+env:
+  PROJECT: serverpod-deployment-demo # TODO: update Google Cloud project id
+  REGION: us-central1 # TODO: update Cloud Run service region
+  ZONE: us-central1-c # TODO: Template
+
+jobs:
+  deploy:
+    name: Deploy to Google Cloud Run
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+
+      - name: Setting Target Mode from Input
+        if: ${{ github.event.inputs.target != '' }}
+        run: echo "TARGET=${{ github.event.inputs.target }}" >> $GITHUB_ENV
+
+      - name: Setting Target mode based on branch
+        if: ${{ github.event.inputs.target == '' }}
+        run: echo "TARGET=${GITHUB_REF##*-}" >> $GITHUB_ENV
+
+      - name: Set repository
+        run: echo "REPOSITORY=serverpod-${{ env.TARGET }}-container" >> $GITHUB_ENV
+
+      - name: Set Image Name
+        run: echo "IMAGE_NAME=serverpod" >> $GITHUB_ENV
+
+      - name: Set Service Name
+        run: echo "SERVICE_NAME=$(echo $IMAGE_NAME | sed 's/[^a-zA-Z0-9]/-/g')" >> $GITHUB_ENV
+
+      - name: Test
+        run: echo $SERVICE_NAME
+
+
+      - id: "auth"
+        name: "Authenticate to Google Cloud"
+        uses: "google-github-actions/auth@v1"
+        with:
+          credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}"
+
+      - name: Create passwords file
+        working-directory: gcp_server
+        shell: bash
+        env:
+          SERVERPOD_PASSWORDS: ${{ secrets.SERVERPOD_PASSWORDS }}
+        run: |
+          pwd
+          echo "$SERVERPOD_PASSWORDS" > config/passwords.yaml
+          ls config/
+
+      - name: Configure Docker
+        run: gcloud auth configure-docker ${{ env.REGION }}-docker.pkg.dev
+
+      - name: Build the Docker image
+        run: "cd gcp_server && docker build -t $IMAGE_NAME . --build-arg mode=$TARGET"
+
+      - name: Tag the Docker image
+        run: docker tag $IMAGE_NAME ${{ env.REGION }}-docker.pkg.dev/${{ env.PROJECT }}/${{ env.REPOSITORY }}/$IMAGE_NAME
+
+      - name: Push Docker image
+        run: docker push ${{ env.REGION }}-docker.pkg.dev/${{ env.PROJECT }}/${{ env.REPOSITORY }}/$IMAGE_NAME
+
+      # - name: Restart servers in instance group
+      #   run: |
+      #     gcloud compute instance-groups managed rolling-action replace serverpod-${{ env.TARGET }}-group \
+      #      --project=${{ env.PROJECT }} \
+      #      --replacement-method='substitute' \
+      #      --max-surge=1 \
+      #      --max-unavailable=1 \
+      #      --zone=${{ env.ZONE }}
diff --git a/.gitignore b/.gitignore
index 8ed6122..55069e8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@ gcp_demo_flutter/windows
 gcp_demo_flutter/android
 gcp_demo_flutter/ios
 credentials.json
+gcp_demo_server/gcp/terraform/.terraform
diff --git a/gcp_demo_server/gcp/terraform/config.auto.tfvars b/gcp_demo_server/gcp/terraform/config.auto.tfvars
new file mode 100644
index 0000000..22bc2bc
--- /dev/null
+++ b/gcp_demo_server/gcp/terraform/config.auto.tfvars
@@ -0,0 +1,15 @@
+# The Project ID from the Google Cloud Console.
+project = "serverpod-deployment-demo"
+
+# The service account email address authorized by your Google Cloud Console.
+service_account_email = "serverpod-demo@serverpod-deployment-demo.iam.gserviceaccount.com"
+
+# The name of your DNS zone.
+dns_managed_zone = "examplepod"
+
+# The top domain of your DNS zone.
+top_domain = "examplepod.com"
+
+# The region and zone to use for the deployment. Default values work.
+region = "us-central1"
+zone = "us-central1-c"
diff --git a/gcp_demo_server/gcp/terraform/main.tf b/gcp_demo_server/gcp/terraform/main.tf
new file mode 100644
index 0000000..80199a2
--- /dev/null
+++ b/gcp_demo_server/gcp/terraform/main.tf
@@ -0,0 +1,65 @@
+# Set up and configure Terraform and the Google Cloud provider.
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "4.51.0"
+    }
+  }
+}
+
+provider "google" {
+  credentials = file("credentials.json")
+
+  project = var.project
+  region  = var.region
+  zone    = var.zone
+}
+
+# Add a Serverpod module configured for production. Full documentation is
+# available at https://github.com/serverpod/google_cloud_serverpod_gce
+module "serverpod_production" {
+  # References the Serverpod module from GitHub.
+  source = "github.com/serverpod/google_cloud_serverpod_gce?ref=dev"
+
+  # Required parameters.
+  project = var.project
+  service_account_email = var.service_account_email
+
+  runmode = "production"
+
+  region = var.region
+  zone   = var.zone
+
+  dns_managed_zone = var.dns_managed_zone
+  top_domain = var.top_domain
+
+  # Size of the auto scaling group.
+  autoscaling_min_size = 1
+  autoscaling_max_size = 2
+  
+  database_password = var.DATABASE_PASSWORD_PRODUCTION
+
+  # Makes it possible to SSH into the individual server instances.
+  enable_ssh = true
+}
+
+# module "serverpod_staging" {
+#   source = "./modules/serverpod"
+#   count  = var.enable_staging ? 1 : 0
+
+#   project = var.project
+#   runmode = "staging"
+
+#   region = var.region
+#   zone   = var.zone
+
+#   top_domain = "examplepod.com"
+
+#   autoscaling_min_size = var.autoscaling_min_size
+#   autoscaling_max_size = var.autoscaling_max_size
+
+#   service_account_email = var.service_account_email
+
+#   database_password = var.DATABASE_PASSWORD_STAGING
+# }
\ No newline at end of file
diff --git a/gcp_demo_server/gcp/terraform/variables.tf b/gcp_demo_server/gcp/terraform/variables.tf
new file mode 100644
index 0000000..06fd73c
--- /dev/null
+++ b/gcp_demo_server/gcp/terraform/variables.tf
@@ -0,0 +1,39 @@
+# Project setup.
+
+variable "project" {
+  type = string
+}
+
+variable "service_account_email" {
+  type    = string
+}
+
+variable "dns_managed_zone" {
+  type    = string
+}
+
+variable "top_domain" {
+  type    = string
+}
+
+variable "region" {
+  type    = string
+  default = "us-central1"
+}
+
+variable "zone" {
+  type    = string
+  default = "us-central1-c"
+}
+
+# Database
+
+variable "DATABASE_PASSWORD_PRODUCTION" {
+  description = "The production database password, you can find it in the config/passwords.yaml file."
+  type        = string
+}
+
+variable "DATABASE_PASSWORD_STAGING" {
+  description = "The staging database password, you can find it in the config/passwords.yaml file (no need to specify if you aren't deployning a staging environment)."
+  type        = string
+}