Skip to content

refactor: 🔥 tear down to absolute basics #2

refactor: 🔥 tear down to absolute basics

refactor: 🔥 tear down to absolute basics #2

Workflow file for this run

name: Surface Demo CICD
on:
push:
branches:
- main
jobs:
test:
name: "Test"
runs-on: ubuntu-latest
env:
JWT_SECRET: "test.fake.secret"
steps:
- uses: actions/checkout@v4
- uses: oven-sh/setup-bun@v1
- name: "Bun test"
run: |
bun install
bunx tsr generate
bun test
docker:
needs: test
name: "Docker Build & Publish to AR"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: google-github-actions/setup-gcloud@v2
- uses: google-github-actions/auth@v2
with:
credentials_json: "${{ secrets.GCP_CICD_KEY }}"
- name: "Auth to AR"
run: gcloud auth configure-docker us-east4-docker.pkg.dev
- name: "Push to AR"
run: |
docker build . \
-f Dockerfile.node \
-t ${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6} \
-t ${{ secrets.GCP_AR_PATH }}/app:latest
docker push ${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6}
docker push ${{ secrets.GCP_AR_PATH }}/app:latest
deploy:
name: "Deploy on Cloud Run"
runs-on: ubuntu-latest
needs: docker
steps:
- uses: actions/checkout@v4
- uses: google-github-actions/setup-gcloud@v2
- uses: google-github-actions/auth@v2
with:
credentials_json: "${{ secrets.GCP_CICD_KEY }}"
- name: "Deploy"
if:
run: |
echo "***DO NOT USE*** THESE VALUES IN PRODUCTION!"
echo " I MAY NOT BE ABLE TO FIRE YOU, BUT YOU SHOULD BE FIRED IF YOU DO."
echo "USE SECRETS MANAGER FOR JWT SIGNING KEY, OR A THIRD PARTY PROVIDER LIKE HASHICORP."
echo "DEBUG: surface:*" >> env.yaml
echo "SELF_RPC_HOST: https://surface-demo-app-5v6fvk5ela-uw.a.run.app/" >> env.yaml
echo "JWT_SECRET: sup4h.secr1t.jwt.🔑" >> env.yaml
gcloud run deploy surface-demo-app \
--image "${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6}" \
--env-vars-file env.yaml \
--service-account ${{ secrets.GCP_APP_SERVICE_ACCOUNT }} \
--region us-west1 \
--allow-unauthenticated