FIX: remove dependency on database connection (#68)

* DEL: delete file

* ADD: prod configurations

* UPD:cd workflow with variable names

* UPD:remove workflow dependency on database connection

Author: NewerKey

.github/workflows/cd-workflow.yaml

@@ -1,11 +1,12 @@
-
 name: Deploy backstage
+
 on:
-  workflow_run:
-    workflows: 
-      - CI Workflow
-    types:
-      - completed
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
 
 jobs:
   create-and-push-image:
@@ -21,27 +22,32 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+
       - id: 'setup-qemu'
         name: Set up QEMU
         uses: docker/setup-qemu-action@v3
+
       - id: 'docker-buildx-setup'
         name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
+
       - name: 'Authenticate to Google Cloud'
         id: 'auth'
         uses: 'google-github-actions/auth@v2'
         with:
           create_credentials_file: true
           token_format: "access_token"
-          workload_identity_provider: 'projects/1006240973223/locations/global/workloadIdentityPools/deploy-backstage/providers/github-actions'
-          service_account: '[email protected]'
+          workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          service_account: ${{ secrets.GCP_DEPLOY_SA }}
+
       - name: "Login to GAR"
         id: 'login-gar'
         uses: docker/login-action@v3
         with:
-          registry: europe-west10-docker.pkg.dev/code-idp/backstage-deploy
+          registry: ${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_GAR_REPO }}
           username: oauth2accesstoken
           password: ${{ steps.auth.outputs.access_token }}
+
       - id: 'build-and-push'
         name: 'Build and Push docker Image'
         uses: docker/build-push-action@v5
@@ -50,46 +56,48 @@ jobs:
           context: .
           file: ./Dockerfile
           platforms: linux/amd64
-          tags: europe-west10-docker.pkg.dev/code-idp/backstage-deploy/backstage-image:${{ github.sha }}
+          tags: ${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_GAR_REPO }}/backstage-image:${{ github.sha }}
           build-args: |
             APP_ENV=docker
+
+
   deploy-image:
     permissions:
       id-token: write
       contents: read
+
     name: "Deploy image on cloud run"
     runs-on: ubuntu-latest
     defaults:
       run:
         shell: bash
     needs: create-and-push-image
+
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+
       - id: 'auth'
         name: 'Authenticate to Google Cloud'
         uses: 'google-github-actions/auth@v2'
         with:
           create_credentials_file: true
-          workload_identity_provider: 'projects/1006240973223/locations/global/workloadIdentityPools/deploy-backstage/providers/github-actions'
-          service_account: '[email protected]'
-      - id: 'deploy'
+          workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          service_account: ${{ secrets.GCP_DEPLOY_SA }}
+
+      - name: Deploy to Cloud Run
+        id: 'deploy'
         uses: 'google-github-actions/deploy-cloudrun@v2'
         with:
-          service: 'backstage-deployment'
-          image: 'europe-west10-docker.pkg.dev/code-idp/backstage-deploy/backstage-image:${{ github.sha }}'
-          region: europe-west1
-          flags: '--port=7007 --add-cloudsql-instances=code-idp:europe-west10:backstage-pg'
-          env_vars: |
-            POSTGRES_HOST=/cloudsql/code-idp:europe-west10:backstage-pg
-            POSTGRES_PORT=5432
-            POSTGRES_USER=postgres
-            BASE_URL=https://backstage.foundations-software-engineering.com
+          service: ${{ secrets.GCP_CLOUD_RUN_SERVICE }}
+          image: ${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_GAR_REPO }}/backstage-image:${{ github.sha }}
+          region: ${{ secrets.GCP_REGION }}
+          flags: '--platform managed --allow-unauthenticated --port=7007'
           secrets: |-
-            POSTGRES_PASSWORD=postgres-password:latest
             GITHUB_TOKEN=github_token:latest
+            GITLAB_TOKEN=gitlab_token:latest
             GOOGLE_CLIENT_ID=google_client_id:latest
             GOOGLE_CLIENT_SECRET=google_client_secret:latest
-            GITHUB_CLIENT_SECRET=github_client_secret:latest
-            GITHUB_CLIENT_ID=github_client_id:latest
+            PROD_GITHUB_CLIENT_SECRET=github_client_secret:latest
+            PROD_GITHUB_CLIENT_ID=github_client_id:latest
             

.github/workflows/delete-old-branches.yml

@@ -1,9 +1,17 @@
 app:
-  baseUrl: prodlink
+  baseUrl: https://backstage.code-idp.com
 
 backend:
-  baseUrl: prodlink
+  baseUrl: https://backstage.code-idp.com
   cors:
-    origin: prodlink
+    origin: https://backstage.code-idp.com
     methods: [GET, HEAD, PATCH, POST, PUT, DELETE]
-    credentials: true
+    credentials: true
+
+auth:
+  environment: production
+  providers:
+    github:
+      production:
+        clientId: ${PROD_GITHUB_CLIENT_ID}
+        clientSecret: ${PROD_GITHUB_CLIENT_SECRET}