v1.8.0 #220
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy Docker Images | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| release: | |
| types: [published] | |
| # This job uses RafikFarhad's GitHub action to build and | |
| # push a docker image to a specified GCP repository | |
| jobs: | |
| build-and-push-api-image: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # to get all tags | |
| - name: Generate Image Tag | |
| id: get-tag | |
| run: | | |
| REV=$(git rev-list --tags --max-count=1) | |
| IMAGE_TAG=$(git describe --tags $REV) | |
| echo "IMAGE_TAG=${IMAGE_TAG//v}" | |
| echo "IMAGE_TAG=${IMAGE_TAG//v}" >> $GITHUB_OUTPUT | |
| - name: Build and Push Image | |
| uses: RafikFarhad/push-to-gcr-github-action@v5-beta | |
| with: | |
| gcloud_service_key: ${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }} | |
| registry: us-central1-docker.pkg.dev | |
| project_id: monarch-initiative | |
| image_name: monarch-api/monarch-api | |
| image_tag: latest, ${{ steps.get-tag.outputs.IMAGE_TAG }}, ${{ github.sha }} | |
| dockerfile: ./backend/Dockerfile | |
| build-and-push-frontend-image: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./frontend | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # to get all tags | |
| - name: Set up Bun | |
| uses: oven-sh/setup-bun@v1 | |
| - name: Install packages | |
| run: bun install | |
| - name: Build app | |
| run: bun run build | |
| - name: Generate Image Tag for Frontend Dir | |
| id: get-tag | |
| run: | | |
| REV=$(git rev-list --tags --max-count=1 ) | |
| IMAGE_TAG=$(git describe --tags $REV) | |
| echo "IMAGE_TAG=${IMAGE_TAG//v}" | |
| echo "IMAGE_TAG=${IMAGE_TAG//v}" >> $GITHUB_OUTPUT | |
| # the monarch-ui Dockerfile pulls from two places: | |
| # ./frontend/dist/, copied to /var/www/ in the image | |
| # ./services/nginx/config/, copied to /etc/nginx/conf.d/ in the image | |
| - name: Build and Push Image | |
| uses: RafikFarhad/push-to-gcr-github-action@v5-beta | |
| with: | |
| gcloud_service_key: ${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }} | |
| registry: us-central1-docker.pkg.dev | |
| project_id: monarch-initiative | |
| image_name: monarch-api/monarch-ui | |
| image_tag: latest, ${{ steps.get-tag.outputs.IMAGE_TAG }}, ${{ github.sha }} | |
| dockerfile: ./services/nginx/Dockerfile | |
| context: . | |
| update-gcp-services: | |
| runs-on: ubuntu-latest | |
| needs: [build-and-push-api-image, build-and-push-frontend-image] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # to get all tags | |
| - id: "auth" | |
| uses: "google-github-actions/auth@v2" | |
| with: | |
| credentials_json: "${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }}" | |
| - name: "Set up Cloud SDK" | |
| uses: "google-github-actions/setup-gcloud@v2" | |
| with: | |
| version: ">= 447.0.0" | |
| - name: "Cache SSH Key" | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.ssh/google_compute_engine | |
| ~/.ssh/google_compute_engine.pub | |
| key: ${{ runner.os }}-ssh-key | |
| - name: "Remove old SSH keys" | |
| run: | | |
| if [[ $(gcloud compute os-login ssh-keys list | grep -v FINGERPRINT) ]]; then | |
| for i in $(gcloud compute os-login ssh-keys list | grep -v FINGERPRINT) | |
| do | |
| echo $i | |
| gcloud compute os-login ssh-keys remove --key $i | |
| done | |
| fi | |
| - name: "Update API Service" | |
| run: | | |
| gcloud compute ssh --ssh-key-expiration 60m --zone us-central1-a monarch-v3-dev-manager -- sudo docker system prune -f | |
| gcloud compute ssh --ssh-key-expiration 60m --zone us-central1-a monarch-v3-dev-manager -- sudo docker service update monarch-v3_api --with-registry-auth --update-order=start-first --force --image us-central1-docker.pkg.dev/monarch-initiative/monarch-api/monarch-api:${{ github.sha }} | |
| - name: "Update UI Service" | |
| run: | | |
| gcloud compute ssh --ssh-key-expiration 60m --zone us-central1-a monarch-v3-dev-manager -- sudo docker system prune -f | |
| gcloud compute ssh --ssh-key-expiration 60m --zone us-central1-a monarch-v3-dev-manager -- sudo docker service update monarch-v3_nginx --with-registry-auth --update-order=start-first --force --image us-central1-docker.pkg.dev/monarch-initiative/monarch-api/monarch-ui:${{ github.sha }} |