publicWagsHome/modules
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

use github action instead of script to run new builds

Browse Source
This commit is contained in:
Benjamin
2024-12-13 13:24:58 -06:00
parent ee83bb263d
commit 58ab39439e
3 changed files with 18 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
.github/scripts/deploy-registry.sh vendored
View File

@@ -1,37 +0,0 @@
#!/usr/bin/env bash
set -o pipefail
set -u
VERBOSE="${VERBOSE:-0}"
if [[ "${VERBOSE}" -ne "0" ]]; then
set -x
fi
# List of required environment variables
required_vars=(
"GCLOUD_API_KEY"
"GCLOUD_PROD_DEPLOY_SECRET"
"GCLOUD_DEV_DEPLOY_SECRET"
)
# Check if each required variable is set
for var in "${required_vars[@]}"; do
if [[ -z "${!var:-}" ]]; then
echo "Error: Environment variable '$var' is not set."
exit 1
fi
done
# Trigger a build for dev
# DONT EVER SET ANY FLAGS THAT MIGHT PRINT THE URL, AS IT HAS SECRETS IN IT
curl -X POST "https://cloudbuild.googleapis.com/v1/projects/coder-registry-1/triggers/http-build-registry-v2-dev:webhook?key=${GCLOUD_API_KEY}&secret=${GCLOUD_DEV_DEPLOY_SECRET}" \
-H "Content-Type: application/json" \
-d '{}' \
--fail
# Trigger a build for prod
# DONT EVER SET ANY FLAGS THAT MIGHT PRINT THE URL, AS IT HAS SECRETS IN IT
curl -X POST "https://cloudbuild.googleapis.com/v1/projects/coder-registry-1/triggers/http-build-registry-v2-trigger:webhook?key=${GCLOUD_API_KEY}&secret=${GCLOUD_PROD_DEPLOY_SECRET}" \
-H "Content-Type: application/json" \
-d '{}' \
--fail

23
.github/workflows/deploy-registry.yaml vendored
View File

@@ -5,9 +5,6 @@ on:
branches: branches:
- main - main
pull_request:
workflow_dispatch:
jobs: jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@@ -15,11 +12,19 @@ jobs:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Run deploy-registry.sh - name: Authenticate to Google Cloud
uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f
with:
workload_identity_provider: projects/309789351055/locations/global/workloadIdentityPools/github-actions/providers/github
service_account: registry-v2-github@coder-registry-1.iam.gserviceaccount.com
- name: Set up Google Cloud SDK
uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a
# For the time being, let's have the first couple merges to main in modules deploy a new version
# to *dev*. Once we review and make sure everything's working, we can deploy a new version to *main*.
# Maybe in the future we could automate this based on the result of E2E tests.
- name: Deploy to dev.registry.coder.com
run: | run: |
./.github/scripts/deploy-registry.sh gcloud builds triggers run 29818181-126d-4f8a-a937-f228b27d3d34 --branch dev
env:
GCLOUD_API_KEY: ${{ secrets.GCLOUD_API_KEY }}
GCLOUD_PROD_DEPLOY_SECRET: ${{ secrets.GCLOUD_PROD_DEPLOY_SECRET }}
GCLOUD_DEV_DEPLOY_SECRET: ${{ secrets.GCLOUD_DEV_DEPLOY_SECRET }}

5
.gitignore vendored
View File

@@ -1,4 +1,7 @@
.terraform* .terraform*
node_modules node_modules
*.tfstate *.tfstate
*.tfstate.lock.info *.tfstate.lock.info
# Ignore generated credentials from google-github-actions/auth
gha-creds-*.json