Skip to content
Build and Deploy to Cloud Run

Merge pull request #27 from gdsc-ssu/chore/#26 #48

Sign in to view logs

Merge pull request #27 from gdsc-ssu/chore/#26

Merge pull request #27 from gdsc-ssu/chore/#26 #48

Workflow file for this run

.github/workflows/google-cloudrun-docker.yml at 4a5e1cf
name: 'Build and Deploy to Cloud Run'
on:
push:
branches: [ "develop" ]
env:
PROJECT_ID: 'poppet-sol4'
REGION: 'asia-northeast3'
SERVICE: 'poppet-sol4'
WORKLOAD_IDENTITY_PROVIDER: 'projects/162314042262/locations/global/workloadIdentityPools/poppet-github-actions/providers/poppet-github-actions'
jobs:
deploy:
runs-on: 'ubuntu-latest'
permissions:
contents: 'read'
id-token: 'write'
steps:
# 1) 소스 체크아웃
- name: 'Checkout'
uses: 'actions/checkout@v4'
# 2) Workload Identity Federation 설정 후 GCP 인증
- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: '${{ env.WORKLOAD_IDENTITY_PROVIDER }}'
service_account: '[email protected]'
# 3) Gradle로 Spring Boot 빌드
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'adopt'
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Build with Gradle
run: ./gradlew bootJar
# 4) 빌드 후 JAR 파일 경로 확인 (디버그용)
- name: Show Jar files
run: find . -name "*.jar"
################################################################
# 5-1) gemini-chat-prompt.txt 생성 (GitHub Secrets -> JSON 파일)
################################################################
# 5-2) poppet-client.json 파일 생성 (Secrets → 실제파일)
- name: Create gemini-chat-prompt.txt
run: echo "$GEMINI_CHAT_PROMPT" > gemini-chat-prompt.txt
env:
GEMINI_CHAT_PROMPT: ${{ secrets.GEMINI_CHAT_PROMPT }}
- name: Create gemini-summary-prompt.txt
run: echo "$GEMINI_SUMMARY_PROMPT" > gemini-summary-prompt.txt
env:
GEMINI_SUMMARY_PROMPT: ${{ secrets.GEMINI_SUMMARY_PROMPT }}
- name: Create poppet-client.json
run: echo "$GCP_CREDENTIALS_JSON" > poppet-client.json
env:
GCP_CREDENTIALS_JSON: ${{ secrets.GCP_CREDENTIALS_JSON }}
# 6) Dockerfile 복호화 (Secrets에서 가져옴)
- name: Decode Dockerfile from secret and save it
run: |
echo "$DOCKERFILE" > Dockerfile
env:
DOCKERFILE: ${{ secrets.DOCKERFILE }}
# 7) Artifact Registry 로그인
- name: 'Docker Auth'
uses: 'docker/login-action@v3'
with:
username: 'oauth2accesstoken'
password: '${{ steps.auth.outputs.auth_token }}'
registry: '${{ env.REGION }}-docker.pkg.dev'
# 8) Docker 빌드 & 푸시
- name: 'Build and Push Container'
run: |-
gcloud auth print-access-token | docker login -u oauth2accesstoken --password-stdin https://asia-northeast3-docker.pkg.dev
DOCKER_TAG="${{ env.REGION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}/poppet-api:${{ github.sha }}"
docker build --tag "${DOCKER_TAG}" .
docker push "${DOCKER_TAG}"
# 9) Cloud Run 배포
- name: 'Deploy to Cloud Run'
uses: 'google-github-actions/deploy-cloudrun@v2'
with:
service: 'poppet-sol4-server'
region: '${{ env.REGION }}'
image: '${{ env.REGION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}/poppet-api:${{ github.sha }}'
env_vars: >
DB_URL=${{ secrets.DB_URL }},
DB_USERNAME=${{ secrets.DB_USERNAME }},
DB_PASSWORD=${{ secrets.DB_PASSWORD }},
AI_GEMINI_API_KEY=${{ secrets.AI_GEMINI_API_KEY }},
KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }},
GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }},
GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }},
GOOGLE_APPLICATION_CREDENTIALS=${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }},
AI_GEMINI_CHAT_PROMPT_LOCATION=${{ secrets.AI_GEMINI_CHAT_PROMPT_LOCATION }},
AI_GEMINI_SUMMARY_PROMPT_LOCATION=${{ secrets.AI_GEMINI_SUMMARY_PROMPT_LOCATION }},
MAIL_USERNAME=${{ secrets.MAIL_USERNAME }},
MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }},
JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }},
GOOGLE_REDIRECT=${{ secrets.GOOGLE_REDIRECT }},
KAKAO_REDIRECT=${{ secrets.KAKAO_REDIRECT }}
# 10) 배포 후 URL 출력
- name: 'Show output'
run: |
echo ${{ steps.deploy.outputs.url }}