.github/workflows/prod-deploy.yml

name: Deploy and make release

on:
  push:
    tags:
      - '*'

jobs:
  deploy:
    permissions:
      contents: 'read'
      id-token: 'write'

    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0
      # Authenticate and setup SDK
      - id: auth
        uses: 'google-github-actions/auth@v1'
        with:
          workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
          service_account: ${{ secrets.SERVICE_ACCOUNT }}
          token_format: 'access_token'
      - name: Set up Cloud SDK
        uses: 'google-github-actions/setup-gcloud@v1'
      - name: Get gcloud information
        run: gcloud info
      # Cloud Build + Cloud Run
      - name: Extract tag name
        id: tagname
        run: echo "TAG_NAME=${GITHUB_REF/refs\/tags\//}" > $GITHUB_ENV
      - name: Submit to Cloud Build
        id: cloudbuild
        run: |
          gcloud builds submit --config deploy/gcp/cloudbuild.yml --substitutions=TAG_NAME=${{ env.TAG_NAME }}
          echo "GCR_TAG=gcr.io/${{ secrets.PROJECT_ID }}/migas-server:${{ env.TAG_NAME }}" > $GITHUB_ENV
      - name: Create environment file for Cloud Run
        run: echo "${{ secrets.CLOUD_RUN_ENV_FILE }}" > .env
      - name: Deploy to Cloud Run
        id: cloudrun
        run: |
          gcloud run deploy migas-server \
            --region=us-central1 \
            --image=${{ env.GCR_TAG }} \
            --platform=managed \
            --min-instances=1 \
            --max-instances=3 \
            --ingress=all \
            --allow-unauthenticated \
            --set-cloudsql-instances=${{ secrets.SQL_INSTANCE_NAME }} \
            --memory=512Mi \
            --cpu=2 \
            --args=--host,0.0.0.0,--port,8080,--proxy-headers,--header,X-Backend-Server:migas \
            --cpu-throttling \
            --env-vars-file=.env
      - name: Cleanup env file
        run: rm -f .env

  release:
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
    runs-on: ubuntu-latest
    needs: deploy
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ github.ref }}
      - name: Create GitHub release from annotated tag
        uses: spenserblack/actions-tag-to-release@v1.1.0
        with:
          prerelease: auto
          prerelease-pattern: '*rc*'