Skip to content

Commit

Permalink
Merge pull request #3 from sr33hari/staging
Browse files Browse the repository at this point in the history
updated google service account credentials mechanism and added terraform config to deploy image and provision instance
  • Loading branch information
sr33hari authored Jul 9, 2024
2 parents 0b273d7 + 2d6e4fc commit addb1cc
Show file tree
Hide file tree
Showing 9 changed files with 451 additions and 36 deletions.
26 changes: 13 additions & 13 deletions .github/workflows/google-cloudrun-docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -91,20 +91,20 @@ jobs:
- name: Build and Push Container
run: |-
docker build -t "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ github.sha }}" ./
docker push "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ github.sha }}"
docker build -t "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.GAR_NAME }}/${{ env.SERVICE }}:${{ github.sha }}" ./
docker push "${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.GAR_NAME }}/${{ env.SERVICE }}:${{ github.sha }}"
# END - Docker auth and build

- name: Deploy to Cloud Run
id: deploy
uses: google-github-actions/deploy-cloudrun@v0
with:
service: ${{ env.SERVICE }}
region: ${{ env.REGION }}
# NOTE: If using a pre-built image, update the image name here
image: ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ github.sha }}
# - name: Deploy to Cloud Run
# id: deploy
# uses: google-github-actions/deploy-cloudrun@v0
# with:
# service: ${{ env.SERVICE }}
# region: ${{ env.REGION }}
# # NOTE: If using a pre-built image, update the image name here
# image: ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}:${{ github.sha }}

# If required, use the Cloud Run url output in later steps
- name: Show Output
run: echo ${{ steps.deploy.outputs.url }}
# # If required, use the Cloud Run url output in later steps
# - name: Show Output
# run: echo ${{ steps.deploy.outputs.url }}
38 changes: 38 additions & 0 deletions .terraform.lock.hcl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 0 additions & 10 deletions app.yaml

This file was deleted.

15 changes: 10 additions & 5 deletions main.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
from gspread.exceptions import SpreadsheetNotFound
from googleapiclient.http import MediaIoBaseDownload
from google.oauth2 import service_account
from google.auth import default
import gspread #library for google sheets
import pandas as pd
from sklearn.model_selection import train_test_split
Expand Down Expand Up @@ -66,7 +67,8 @@ def update_json_file_with_datasets(user_name):
json.dump(updated_data, json_file, indent=4)

def get_datasets_update(user_name, data):
creds = ServiceAccountCredentials.from_json_keyfile_name("circle-418602-8aee1aeb2f00.json",scope)
creds, _ = default()
# creds = ServiceAccountCredentials.from_json_keyfile_name("circle-418602-8aee1aeb2f00.json",scope)
gc = gspread.authorize(creds)
try:
sheet = gc.open('circle datasets').sheet1
Expand Down Expand Up @@ -109,8 +111,9 @@ def download_google_sheet_as_csv(file_id, local_file_path, credentials_json='cir
"""

# Authenticate and create the Drive v3 API client
credentials = service_account.Credentials.from_service_account_file(credentials_json, scopes=['https://www.googleapis.com/auth/drive.readonly'])
service = build('drive', 'v3', credentials=credentials)
creds, _ = default()
# credentials = service_account.Credentials.from_service_account_file(credentials_json, scopes=['https://www.googleapis.com/auth/drive.readonly'])
service = build('drive', 'v3', credentials=creds)

# Ensure the local directory exists
local_folder_path = local_file_path
Expand Down Expand Up @@ -158,7 +161,8 @@ def upload_file():
file_path = os.path.join('/tmp', file.filename)
file.save(file_path)

creds = ServiceAccountCredentials.from_json_keyfile_name("circle-418602-8aee1aeb2f00.json",scope)
creds, _ = default()
# creds = ServiceAccountCredentials.from_json_keyfile_name("circle-418602-8aee1aeb2f00.json",scope)
drive_service = build('drive', 'v3', credentials=creds)

file_metadata = {
Expand Down Expand Up @@ -619,7 +623,8 @@ def register():

@app.errorhandler(404)
def page_not_found(e):
return render_template('404.html'), 404
print("not found")
# return render_template('404.html'), 404


if __name__ == "__main__":
Expand Down
119 changes: 111 additions & 8 deletions main.tf
Original file line number Diff line number Diff line change
@@ -1,12 +1,115 @@
provider "google" {
project = "circle-425516"
region = "us-west2"
project = var.project_id
region = var.region
}

resource "google_storage_bucket" "my_bucket" {
name = "circle-terraform-bucket"
location = "US"
force_destroy = true
public_access_prevention = "enforced"
project = "circle-425516"
provider "google-beta" {
project = var.project_id
region = var.region
}

data "google_artifact_registry_repository" "existing_repo" {
provider = google-beta
project = var.project_id
location = var.region
repository_id = var.repository_id
}

resource "google_artifact_registry_repository" "my_repo" {
provider = google-beta
project = var.project_id
location = var.region
repository_id = var.repository_id
format = "DOCKER"
labels = {
env = "main"
}

count = length(data.google_artifact_registry_repository.existing_repo.repository_id) == 0 ? 1 : 0
}

resource "null_resource" "build_and_push_image" {
provisioner "local-exec" {
command = <<EOT
gcloud auth configure-docker ${var.region}-docker.pkg.dev
docker build -t ${var.region}-docker.pkg.dev/${var.project_id}/${var.repository_id}/circle-app:${var.image_tag} ./
docker push ${var.region}-docker.pkg.dev/${var.project_id}/${var.repository_id}/circle-app:${var.image_tag}
EOT
}
}

resource "google_compute_instance" "circle_instance" {
name = "circle-instance"
machine_type = "e2-custom-8-16384"
zone = var.zone

boot_disk {
auto_delete = true
device_name = "circle-instance"

initialize_params {
image = "projects/cos-cloud/global/images/cos-109-17800-218-69"
size = 50
type = "pd-balanced"
}

mode = "READ_WRITE"
}

can_ip_forward = false
deletion_protection = false
enable_display = false

labels = {
container-vm = "cos-109-17800-218-69"
goog-ec-src = "vm_add-tf"
}

metadata = {
gce-container-declaration = <<-EOF
spec:
containers:
- name: circle-instance
image: ${var.region}-docker.pkg.dev/${var.project_id}/${var.repository_id}/circle-app:${var.image_tag}
env:
- name: MONGO_URI
value: ${var.mongo_uri}
stdin: false
tty: false
restartPolicy: OnFailure
EOF
google-logging-enabled = "true"
}

network_interface {
network = "default"
subnetwork = "projects/${var.project_id}/regions/${var.region}/subnetworks/default"

access_config {
network_tier = "PREMIUM"
}
}

scheduling {
automatic_restart = true
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
}

service_account {
email = var.service_account_email
scopes = ["https://www.googleapis.com/auth/cloud-platform"]
}

shielded_instance_config {
enable_integrity_monitoring = true
enable_secure_boot = false
enable_vtpm = true
}

tags = ["http-server", "https-server"]

depends_on = [null_resource.build_and_push_image]
}

Binary file modified static/images/.DS_Store
Binary file not shown.
Loading

0 comments on commit addb1cc

Please sign in to comment.