fix: working gcp cloud build guide and refactor others (#603)

Co-authored-by: Jye Cusch <[email protected]>

Author: davemooreuws

src/pages/guides/deploying/github-actions.mdx

@@ -3,141 +3,231 @@ export const description =
 
 # Deployment Automation with GitHub Actions and Nitric
 
-This guide will demonstrate how Nitric can be used, along with [GitHub Actions](https://github.com/features/actions), to create a continuous deployment pipeline. The actions in the example below target AWS, but can be modified to target Google Cloud or Microsoft Azure.
+This guide will demonstrate how Nitric can be used, along with [GitHub Actions](https://github.com/features/actions), to create a continuous deployment pipeline. We provide examples for deploying to AWS, Google Cloud, and Microsoft Azure, which you can adapt based on your preferred cloud provider.
 
 <Note>
   This guide assumes basic knowledge about GitHub Actions. If you're new to the
   feature you could start by reviewing [GitHub's
   docs](https://github.com/features/actions)
 </Note>
 
-## Workflow setup
+## Configuration
 
-To begin you'll need a Nitric project ready to be deployed. If you haven't created a project yet, take a look at the [quickstart guide](/getting-started/quickstart).
+1. **Prepare Your Nitric Project**<br />
+   Ensure you have a Nitric project ready to deploy. If you haven’t set up a project yet, refer to our [quickstart guide](/getting-started/quickstart).
 
-Next, we'll add a GitHub Actions workflow file to the project. This is where you'll configure the deployment automation steps. Create a yaml file in a `.github/` folder at the root of your project. The file can be named how you like, in our case we'll name it `deploy-aws.yaml`.
+2. **Add a GitHub Actions Workflow File**<br />
+   Create a YAML file in a `.github/` folder at the root of your project to configure the deployment automation steps. You can name the file according to your preference; for our examples, we use `deploy-aws.yaml`, `deploy-azure.yaml`, and `deploy-gcp.yaml`.
 
-Here is example content you can copy into your workflow file. In the next sections we'll breakdown what's happening in this file, so you can modify it as you see fit.
+Here’s example content for each cloud provider:
 
-```yaml {{ tag: ".github/deploy-aws.yaml" }}
+<CodeGroup>
+
+```yaml {{ title: "AWS", tag: ".github/deploy-aws.yaml" }}
 name: Example Nitric AWS Deployment
+
+# Triggers for the workflow
 on:
+  # Allows manual triggering of the workflow from GitHub
   workflow_dispatch:
+
+  # Triggers the workflow on push to the main branch
   push:
     branches:
       - main
+
 jobs:
   update:
-    name: Update Deployment
+    # The workflow will run on the latest Ubuntu OS
     runs-on: ubuntu-latest
+
     steps:
+      # Check out the code from the repository
       - name: Checkout 🛎️
         uses: actions/checkout@v4
 
+      # Install Pulumi for infrastructure management
+      # Learn more about the Pulumi action configuration at https://github.com/pulumi/actions.
       - name: Install and configure Pulumi 📦
         uses: pulumi/actions@v4
 
+      # Apply infrastructure using Nitric
+      # Learn more about the Nitric action configuration at https://github.com/nitrictech/actions.
       - name: Applying infrastructure 🚀
         uses: nitrictech/actions@v1
         with:
+          # The 'up' command deploys the project
           command: up
+
+          # Replace with your stack name
           stack-name: dev
         env:
+          # Configure the environment variables required by Nitric's dependency Pulumi and AWS.
+          # In this example, we store the required values in GitHub secrets. Secrets can be found by navigating to:
+          # https://github.com/{user}/{project}/settings/secrets/actions
+
+          # Pulumi config passphrase
+          # For interaction-free experiences, Pulumi requires a passphrase. Your passphrase generates a unique key that encrypts configuration and state values.
           PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
+
+          # Pulumi access token
+          # You can get a Pulumi access token by logging into Pulumi on the browser and going to your profile settings. Under the 'Access Tokens' tab, click 'Create token.'
           PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
+
+          # AWS access key ID
+          # You can obtain a key ID from the AWS console: https://console.aws.amazon.com/
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+
+          # AWS secret access key
+          # You can obtain an access key from the AWS console: https://console.aws.amazon.com/
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 ```
 
-## Breaking it down
+```yaml {{ title: "Azure", tag: ".github/deploy-azure.yaml" }}
+name: Example Nitric Azure Deployment
 
-Edit the config file and start by defining a name.
+# Triggers for the workflow
+on:
+  # Allows manual triggering of the workflow from GitHub
+  workflow_dispatch:
 
-```yaml
-name: Example Nitric AWS Deployment
-```
+  # Triggers the workflow on push to the main branch
+  push:
+    branches:
+      - main
+
+jobs:
+  update:
+    # The workflow will run on the latest Ubuntu OS
+    runs-on: ubuntu-latest
+
+    steps:
+      # Check out the code from the repository
+      - name: Checkout 🛎️
+        uses: actions/checkout@v4
+
+      # Install Pulumi for infrastructure management
+      # Learn more about the Pulumi action configuration at https://github.com/pulumi/actions.
+      - name: Install and configure Pulumi 📦
+        uses: pulumi/actions@v4
+
+      # Authenticate with Azure to allow deployment
+      - name: Authenticate with Azure 🔑
+        uses: azure/login@v1
+        with:
+          # Azure client ID from GitHub secrets
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+
+          # Azure tenant ID from GitHub secrets
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+
+          # Azure subscription ID from GitHub secrets
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      # Apply infrastructure using Nitric
+      # Learn more about the Nitric action configuration at https://github.com/nitrictech/actions.
+      - name: Applying infrastructure 🚀
+        uses: nitrictech/actions@v1
+        with:
+          # The 'up' command deploys the project
+          command: up
 
-### Setup the workflow trigger(s)
+          # Replace with your stack name
+          stack-name: dev
+        env:
+          # Configure the environment variables required by Nitric's dependency Pulumi and Azure.
+          # In this example, we store the required values in GitHub secrets. Secrets can be found by navigating to:
+          # https://github.com/{user}/{project}/settings/secrets/actions
+
+          # Pulumi config passphrase
+          # For interaction-free experiences, Pulumi requires a passphrase. Your passphrase generates a unique key that encrypts configuration and state values.
+          PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
+
+          # Pulumi access token
+          # You can get a Pulumi access token by logging into Pulumi on the browser and going to your profile settings. Under the 'Access Tokens' tab, click 'Create token.'
+          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
+
+          # Azure client ID
+          # You can obtain the client ID from Azure by creating a service principal or by navigating to the Azure portal.
+          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
 
-Triggers tell your workflow when to run.
+          # Azure tenant ID
+          # You can obtain the tenant ID from the Azure portal.
+          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
 
-- workflow_dispatch
-  - This trigger allows the workflow to be manually run from GitHub
-- push -> branches -> main
-  - This will trigger the workflow each time there is a push to the `main` branch
+          # Azure subscription ID
+          # You can obtain the subscription ID from the Azure portal.
+          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+```
 
-```yaml
+```yaml {{ title: "Google Cloud", tag: ".github/deploy-gcp.yaml" }}
+name: Example Nitric GCP Deployment
+
+# Triggers for the workflow
 on:
-  workflow_dispatch:
+  # Triggers the workflow on push to the main branch
   push:
     branches:
       - main
-```
-
-### Intialize your workflow
-
-Assign a name to the first job in the workflow and set which operating system the workflow will be run on.
 
-<Note>We suggest using `ubuntu-latest` as the runs-on value.</Note>
-
-```yaml
 jobs:
   update:
-    name: Update Deployment
+    # The workflow will run on the latest Ubuntu OS
     runs-on: ubuntu-latest
-```
 
-### Install Dependencies
+    steps:
+      # Check out the code from the repository
+      - name: Checkout 🛎️
+        uses: actions/checkout@v4
 
-This step installs Pulumi, allowing you to configure Pulumi settings such as `cloud-url`. You can read more about the Pulumi action configuration at https://github.com/pulumi/actions.
+      # Install Pulumi for infrastructure management
+      # Learn more about the Pulumi action configuration at https://github.com/pulumi/actions.
+      - name: Install and configure Pulumi 📦
+        uses: pulumi/actions@v4
 
-```yaml
-- name: Install and configure Pulumi 📦
-  uses: pulumi/actions@v4
-```
+      # Authenticate with Google Cloud to allow deployment
+      - name: Authenticate with Google 🔑
+        uses: google-github-actions/setup-gcloud@v0
+        with:
+          # Google Cloud service account key from GitHub secrets
+          service_account_key: ${{ secrets.GCP_KEY }}
 
-### Deploy the stack
-
-Finally, checkout your project and run the `up` command to deploy your project. In this example our project has a stack named `dev`. This job uses the official Nitric GitHub action. To learn more, check out the repository at https://github.com/nitrictech/actions.
-
-```yaml
-- name: Applying infrastructure 🚀
-  uses: nitrictech/actions@v1
-  with:
-    command: up
-    stack-name: dev
-  env:
-    PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
-    PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
-    AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-    AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-```
+          # Google Cloud project ID from environment variables
+          project_id: ${{ env.PROJECT_ID }}
 
-### Environment variables
-
-Configure the environment variables required by Nitric's dependency Pulumi and AWS. In this example we store the required values in GitHub secrets. Secrets can be found by navigating to `https://github.com/{user}/{project}/settings/secrets/actions`.
-
-- PULUMI_ACCESS_TOKEN
-  - You can get a pulumi access token by logging into Pulumi on the browser and going to your profile settings. Under the 'Access Tokens' tab click 'Create token'.
-- PULUMI_CONFIG_PASSPHRASE
-  - For interaction free experiences, Pulumi also requires a passphrase to be configured. Your passphrase is used to generate a unique key which encrypts configuration and state values.
-- AWS_ACCESS_KEY_ID
-  - You can obtain an ID key from the [AWS console](https://console.aws.amazon.com/).
-- AWS_SECRET_ACCESS_KEY
-  - You can obtain an access key from the [AWS console](https://console.aws.amazon.com/).
-
-```yaml
-env:
-  PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
-  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
-  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-```
+          # Export default credentials for Google Cloud
+          export_default_credentials: true
+
+      # Apply infrastructure using Nitric
+      # Learn more about the Nitric action configuration at https://github.com/nitrictech/actions.
+      - name: Applying infrastructure 🚀
+        uses: nitrictech/actions@v1
+        with:
+          # The 'up' command deploys the project
+          command: up
 
-## Examples
+          # Replace with your stack name
+          stack-name: dev
+        env:
+          # Configure the environment variables required by Nitric's dependency Pulumi and Google Cloud.
+          # In this example, we store the required values in GitHub secrets. Secrets can be found by navigating to:
+          # https://github.com/{user}/{project}/settings/secrets/actions
+
+          # Pulumi config passphrase
+          # For interaction-free experiences, Pulumi requires a passphrase. Your passphrase generates a unique key that encrypts configuration and state values.
+          PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
 
-Below are some example workflows available in the [actions repo](https://github.com/nitrictech/actions):
+          # Pulumi access token
+          # You can get a Pulumi access token by logging into Pulumi on the browser and going to your profile settings. Under the 'Access Tokens' tab, click 'Create token.'
+          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
+
+          # Google Cloud service account key
+          # You can obtain a service account key from the Google Cloud Console.
+          GCP_KEY: ${{ secrets.GCP_KEY }}
+
+          # Google Cloud project ID
+          # You can obtain the project ID from the Google Cloud Console.
+          PROJECT_ID: ${{ env.PROJECT_ID }}
+```
 
-- [AWS](https://github.com/nitrictech/actions/blob/main/examples/aws.yaml)
-- [Azure](https://github.com/nitrictech/actions/blob/main/examples/azure.yaml)
-- [Google Cloud](https://github.com/nitrictech/actions/blob/main/examples/gcp.yaml)
+</CodeGroup>