Updates to deploy workflow

Author: mkimberlin

.github/workflows/gradle-build-poc.yml

@@ -1,107 +1,104 @@
-name: Gradle Build & Deploy - POC
+name: Gradle Build & Deploy - Develop
 on:
   push:
     branches:
       # - 'develop'
-      - '2486-create-new-pipeline-for-updated-build-deployment'
-
+      - 'feature-2486/create-new-pipeline-for-updated-env'
+env:
+  HUSKY: 0
+  PROJECT_NUMBER: ${{ secrets.PROJECT_NUM }}
+  PROJECT_ID: ${{ secrets.PROJECT_ID }}
+  PROJECT_NAME: ${{ secrets.PROJECT_NAME }}
+  RUN_REGION: us-central1
+  SERVICE_NAME: checkins-develop
+  TARGET_URL: https://checkins-develop.objectcomputing.com
 jobs:
-  build:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Set up Node Stable
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+      - name: Set up Temurin 21
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: 21
+      - name: Cache Gradle packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4
+      - name: Run tests with Gradle
+        run: ./gradlew check
+  deploy:
     permissions:
-     id-token: 'write'
+      contents: 'read'
+      id-token: 'write'
     runs-on: ubuntu-latest
     environment:
       name: DEV-POC
-      # url: ${{ env.CLOUD_RUN_ADDRESS }}/
-    env:
-      PROJECT_NUMBER : ${{ secrets.PROJECT_NUM }}
-      PROJECT_ID: ${{ secrets.PROJECT_ID }}
-      PROJECT_NAME: ${{ secrets.PROJECT_NAME }}
-      RUN_REGION: us-central1
-      SERVICE_NAME: checkins-develop
+      url: ${{ env.TARGET_URL }}/
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-      - id: 'auth_with_gcp'
-        uses: 'google-github-actions/auth@v2'
-        with:
-          project_id: '${{secrets.PROJECT_NUM}}'
-          workload_identity_provider: '${{secrets.WORKLOAD_IDENTITY_PROVIDER}}'
-          service_account: '${{secrets.AUTOMATION_SERVICE_ACCOUNT}}'
-      - id: 'secrets'
-        uses: 'google-github-actions/get-secretmanager-secrets@v2'
-        with:
-          secrets: |-
-            cloud_run_address:${{secrets.PROJECT_NUM}}/CLOUD_RUN_ADDRESS
-            cloud_db_connection_name:${{secrets.PROJECT_NUM}}/CLOUD_DB_CONNECTION_NAME
-            connector_id:${{secrets.PROJECT_NUM}}/CONNECTOR_ID
       - name: Set up Node LTS
         uses: actions/setup-node@v4
         with:
-          node-version: '20'
-      - name: Set up JDK 21
+          node-version: '22'
+      - name: Set up Temurin 21
         uses: actions/setup-java@v4
         with:
           distribution: 'temurin' # See 'Supported distributions' for available options
           java-version: 21
-      - name: Cache SonarQube packages
-        uses: actions/cache@v4
-        with:
-          path: ~/.sonar/cache
-          key: ${{ runner.os }}-sonar
-          restore-keys: ${{ runner.os }}-sonar
       - name: Cache Gradle packages
         uses: actions/cache@v4
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
           restore-keys: ${{ runner.os }}-gradle
-      - name: Validate Gradle wrapper
-        uses: gradle/wrapper-validation-action@e6e38bacfdf1a337459f332974bb2327a31aaf4b
-      - name: Build with Gradle
-        uses: gradle/gradle-build-action@4137be6a8bf7d7133955359dbd952c0ca73b1021
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4
+      - id: 'auth'
+        uses: 'google-github-actions/auth@v2'
         with:
-          arguments: assemble
-        env:
-          VITE_APP_API_URL: ${{steps.secrets.outputs.cloud_run_address}}
-      - name: Gradle runs tests
-        uses: gradle/gradle-build-action@4137be6a8bf7d7133955359dbd952c0ca73b1021
+          project_id: ${{ secrets.PROJECT_ID }}
+          workload_identity_provider: 'projects/832140020593/locations/global/workloadIdentityPools/github/providers/my-repo'
+      - id: 'secrets'
+        uses: 'google-github-actions/get-secretmanager-secrets@v2'
         with:
-          arguments: check
-#      - name: Do SonarQube checks
-#        uses: gradle/gradle-build-action@4137be6a8bf7d7133955359dbd952c0ca73b1021
-#        with:
-#          arguments: sonarqube --info
-#        env:
-#          GITHUB_TOKEN: ${{ secrets.GIT_HUB_TOKEN }}
-#          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
-#          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      - name: Setup python
-        run: |
-          sudo apt-get install python2.7
-      - name: Export gcloud related env variable
-        run: export CLOUDSDK_PYTHON="/usr/bin/python2"
-      # Setup gcloud CLI
-      - uses: google-github-actions/setup-gcloud@v2
+          secrets: |-
+            cloud_run_address:${{secrets.PROJECT_NUM}}/CLOUD_RUN_ADDRESS
+            cloud_db_connection_name:${{secrets.PROJECT_NUM}}/CLOUD_DB_CONNECTION_NAME
+            connector_id:${{secrets.PROJECT_NUM}}/CONNECTOR_ID
+      - name: 'Set up Cloud SDK'
+        uses: google-github-actions/setup-gcloud@v2
         with:
-          version: "477.0.0"
-          # service_account_key: ${{ secrets.RUN_SA_KEY }}
-          # project_id: ${{ secrets.RUN_PROJECT }}
-      - name: Auth Configure Docker
+          version: '>= 363.0.0'
+      - name: 'Auth Configure Docker'
         run: |-
           gcloud --quiet auth configure-docker
       - name: Build the Docker image
         run: |-
+          ./gradlew assemble
           cd server
           docker build --tag "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA" .
+        env:
+          VITE_APP_API_URL: ${{ env.TARGET_URL }}
       - name: Push the Docker image to Google Container Registry
-        run: |-
-          cd server
-          docker push "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA"
+        run: docker push "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA"
       - name: Deploy image to Cloud Run
         run: |-
           gcloud run deploy "$SERVICE_NAME" \
+            --quiet \
             --project "$PROJECT_ID" \
             --region "$RUN_REGION" \
             --image "gcr.io/$PROJECT_ID/$SERVICE_NAME:$GITHUB_SHA" \
@@ -119,6 +116,10 @@ jobs:
             --set-secrets "SERVICE_ACCOUNT_CREDENTIALS=SERVICE_ACCOUNT_CREDENTIALS:latest" \
             --set-secrets "WEB_ADDRESS=CLOUD_RUN_ADDRESS:latest" \
             --set-secrets "MICRONAUT_ENVIRONMENTS=MICRONAUT_ENVIRONMENTS:latest" \
+            --set-env-vars "SLACK_WEBHOOK_URL=${{ secrets.SLACK_WEBHOOK_URL }}" \
+            --set-env-vars "SLACK_BOT_TOKEN=${{ secrets.SLACK_BOT_TOKEN }}" \
+            --set-env-vars "SLACK_SIGNING_SECRET=${{ secrets.SLACK_PULSE_SIGNING_SECRET }}" \
+            --set-env-vars "SLACK_KUDOS_CHANNEL_ID=${{ secrets.SLACK_KUDOS_CHANNEL_ID }}" \
             --platform "managed" \
             --max-instances 2 \
             --allow-unauthenticated