try adding compute admin perms to svc acct pt 3: didn't push i guess #5
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test Docker Build, Push, and Update | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - automate-docker-update | |
| # release: | |
| # types: [published] | |
| # This job uses RafikFarhad's GitHub action to build and | |
| # push a docker image to a specified GCP repository | |
| jobs: | |
| # build-and-push-to-gcr: | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v3 | |
| # with: | |
| # fetch-depth: 0 # to get all tags | |
| # - name: Generate Image Tag | |
| # id: get-tag | |
| # run: | | |
| # REV=$(git rev-list --tags --max-count=1) | |
| # IMAGE_TAG=$(git describe --tags $REV) | |
| # echo "IMAGE_TAG=${IMAGE_TAG//v}" | |
| # echo "IMAGE_TAG=${IMAGE_TAG//v}" >> $GITHUB_OUTPUT | |
| # - name: Build and Push Image | |
| # uses: RafikFarhad/push-to-gcr-github-action@v5-beta | |
| # with: | |
| # gcloud_service_key: ${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }} # not needed if you use google-github-actions/auth | |
| # registry: us-central1-docker.pkg.dev | |
| # project_id: monarch-initiative | |
| # image_name: monarch-api/monarch-api | |
| # # image_tag: latest, ${{ steps.get-tag.outputs.IMAGE_TAG }}, ${{ github.sha }} | |
| # image_tag: test, ${{ github.sha }} | |
| # dockerfile: ./backend/Dockerfile | |
| update-gcp-services: | |
| runs-on: ubuntu-latest | |
| # needs: build-and-push-to-gcr | |
| steps: | |
| # gcloud compute ssh monarch-v3-api-manager -- sudo docker service update monarch-v3_api --with-registry-auth --update-order=start-first --force --image us-central1-docker.pkg.dev/monarch-initiative/monarch-api/monarch-api:${COMMIT_HASH} | |
| # repeat for monarch-v3_nginx and monarch-ui | |
| - id: "auth" | |
| uses: "google-github-actions/auth@v1" | |
| with: | |
| credentials_json: "${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }}" | |
| - name: "Set up Cloud SDK" | |
| uses: "google-github-actions/setup-gcloud@v1" | |
| with: | |
| version: ">= 447.0.0" | |
| - name: Check iam permissions | |
| run: | | |
| gcloud projects get-iam-policy monarch-initiative | |
| - name: "Update API Service" | |
| # gcloud compute ssh --zone us-central1-a monarch-v3-dev-manager -- sudo docker service update monarch-v3_api --with-registry-auth --update-order=start-first --force --image us-central1-docker.pkg.dev/monarch-initiative/monarch-api/monarch-api:${{ github.sha }} | |
| run: | | |
| gcloud compute ssh --zone us-central1-a monarch-v3-dev-manager -- sudo docker service update monarch-v3_api --with-registry-auth --update-order=start-first --force --image us-central1-docker.pkg.dev/monarch-initiative/monarch-api/monarch-api:test | |