deployment

Author: daimor

.github/workflows/deployment.yml

@@ -0,0 +1,124 @@
+name: Cloud Run Deploy
+
+on:
+  workflow_call:
+    inputs:
+      name:
+        description: 'Domain name of deployment, before `.demo.community.intersystems.com`'
+        required: true
+        type: string
+    secrets:
+      SERVICE_ACCOUNT_KEY:
+        required: true
+  workflow_dispatch:
+    inputs:
+      repository:
+        description: 'Deploying repository'
+        required: true
+        type: string
+      ref:
+        description: 'Branch Name in deploying repository'
+        required: true
+        type: choice
+        default: main
+        options:
+          - master
+          - main
+      name:
+        description: 'Domain name of deployment, before `.demo.community.intersystems.com`'
+        required: true
+        type: string
+
+env:
+  # Change this section according to your needs
+  IMAGE_NAME:   ${{ inputs.name }}
+  SERVICE:      ${{ inputs.name }}
+  DOMAIN_NAME:  ${{ inputs.name }}.demo.community.intersystems.com
+
+# Leave this section untouched
+  PROJECT_ID:   iris-community-demos
+  CLUSTER_NAME: demo
+  GITHUB_SHA:   ${{ github.sha }}
+  GCR_LOCATION: eu.gcr.io
+  REGION:       europe-west2
+  NAMESPACE:    demo
+
+jobs:
+  deploy-cloud-run:
+    if: github.event.repository.fork == false && github.event.repository.is_template == false
+    name: Deploy to Cloud Run
+    runs-on: ubuntu-20.04
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+      with:
+        repository: ${{ inputs.repository }}
+        ref: ${{ inputs.ref }}
+
+    - name: 'Cloud Auth'
+      uses: 'google-github-actions/auth@v0'
+      with:
+        credentials_json: '${{ secrets.SERVICE_ACCOUNT_KEY }}'
+
+    - name: Setup Cloud SDK
+      uses: google-github-actions/[email protected]
+
+    - name: Authorize Docker push
+      run: |
+        gcloud auth list
+        gcloud auth configure-docker
+
+    - name: Build and Push image
+      run: |
+        docker buildx build -t ${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}:${GITHUB_SHA} --push .
+
+    - name: Deploy to Cloud Run
+      run: |
+        echo "[INFO] Set google project..."
+        gcloud config set project ${PROJECT_ID}
+
+        echo "[INFO] Deploy service..."
+        gcloud run deploy ${SERVICE}   \
+          --platform gke               \
+          --cluster ${CLUSTER_NAME}    \
+          --cluster-location ${REGION} \
+          --namespace ${NAMESPACE}     \
+          --port 52773                 \
+          --min-instances 1            \
+          --memory 512Mi               \
+          --timeout 300                \
+          --verbosity debug            \
+          --image ${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}:${GITHUB_SHA}
+
+        echo "[INFO] Create domain mappings..."
+        if [[ $(gcloud run domain-mappings list --platform gke --cluster ${CLUSTER_NAME} --cluster-location ${REGION} --namespace ${NAMESPACE} --filter "DOMAIN=${DOMAIN_NAME}" | grep -v DOMAIN | wc -l) == 0 ]]; then
+          gcloud run domain-mappings create \
+            --service ${SERVICE}            \
+            --platform gke                  \
+            --cluster ${CLUSTER_NAME}       \
+            --cluster-location ${REGION}    \
+            --namespace ${NAMESPACE}        \
+            --verbosity debug               \
+            --domain ${DOMAIN_NAME}
+        fi
+
+    - name: Create domain name
+      run: |
+        gcloud container clusters get-credentials ${CLUSTER_NAME} --region ${REGION} --project ${PROJECT_ID}
+        kubectl version
+        echo "[INFO] Checking if [${DOMAIN_NAME}] is in the existing Ingress annotation..."
+        CURRENT_DOMAINS_LIST=$(kubectl -n gke-system get svc istio-ingress -o jsonpath="{.metadata.annotations['external-dns\.alpha\.kubernetes\.io/hostname']}")
+        if [[ $(echo ${CURRENT_DOMAINS_LIST} | grep -w "${DOMAIN_NAME}" | wc -c) -eq 0 ]]; then \
+          echo "[INFO] Domain [${DOMAIN_NAME}] is ABSENT in the domains list. Adding...";       \
+          kubectl -n gke-system annotate --overwrite svc istio-ingress external-dns\.alpha\.kubernetes\.io/hostname=${CURRENT_DOMAINS_LIST},${DOMAIN_NAME}; \
+          echo -n "[INFO] Resulting domain names: "
+          kubectl -n gke-system get svc istio-ingress -o jsonpath="{.metadata.annotations['external-dns\.alpha\.kubernetes\.io/hostname']}"
+        else
+          echo "[INFO] Domain [${DOMAIN_NAME}] is in the domains list. Leave untouched...";     \
+        fi
+
+    - name: Enable TLS-access
+      run: |
+        gcloud container clusters get-credentials ${CLUSTER_NAME} --region ${REGION} --project ${PROJECT_ID}
+        kubectl version
+        kubectl patch configmap config-domainmapping -n knative-serving -p '{"data":{"autoTLS":"Enabled"}}'

README.md

@@ -1,23 +1,26 @@
-InterSystems Demo Deployment action
+InterSystems Demo Deployment
 ===
 
-
 Usage
 ==
 
+In your repository create file `.github/workflows/deploy.yml` with content. Replace `<name-of-demo>` with the domain name, which will be used before `.demo.community.intersystems.com`. Ask for deployment key and set it to secrets as `SERVICE_ACCOUNT_KEY`
+
 ```yaml
+name: Cloud Run Deploy
+
 on:
   push:
     branches:
-      - master
-      - main
+    - master
+    - main
+  workflow_dispatch:
+
 jobs:
   deploy:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Deploy Demo
-        if: github.event.repository.fork == false && github.event.repository.is_template == false
-        uses: intersystems-community/demo-deployment@master
-        with:
-          name: demo
+    uses: intersystems-community/demo-deployment/.github/workflows/deployment.yml@master
+    with:
+      name: <name-of-demo>
+    secrets:
+      SERVICE_ACCOUNT_KEY: ${{ secrets.SERVICE_ACCOUNT_KEY }}
 ```