fix(gcloud): migrate to artifact registry (#24) (#25)

vincejv · Oct 24, 2022 · 161670d · 161670d
1 parent b2f5842
commit 161670d
Show file tree

Hide file tree

Showing 2 changed files with 96 additions and 20 deletions.
diff --git a/.github/workflows/release-dev.yml b/.github/workflows/release-dev.yml
@@ -6,7 +6,7 @@ on:
 
 env:
   PROJECT_ID: fpi-sms-api
-  REGISTRY: asia.gcr.io
+  REGISTRY: asia-east1-docker.pkg.dev
   GHUB_REPO_NAME: fpi-sms-api
   SERVICE: fpi-sms-api-dev
   REGION: asia-east1
@@ -68,6 +68,9 @@ jobs:
     name: Deploy to Cloud Run
     runs-on: ubuntu-latest
     needs: code_quality_checks
+    outputs:
+      artifact_version: ${{ steps.gen_ver.outputs.artifact_version }}
+      service_image_path: ${{ steps.image_version.outputs.service_image_path }}
     permissions:
       contents: read
       packages: write
@@ -89,6 +92,16 @@ jobs:
           java-version: 17
           cache: maven
 
+      - name: Prepare artifact version
+        id: gen_ver
+        run: |
+          echo "artifact_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT
+
+      - name: Prepare Docker image tag
+        id: image_version
+        run: |
+          echo "service_image_path=${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ steps.gen_ver.outputs.artifact_version }}" >> $GITHUB_OUTPUT
+
       - name: Generate native image
         run: mvn -B package -Pnative -Dquarkus.native.container-build=true -Dquarkus.native.builder-image=${{ env.NATIVE_IMAGE_BUILDER }}
 
@@ -100,37 +113,46 @@ jobs:
           workload_identity_provider: '${{ secrets.WIF_PROVIDER }}'
           service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}'
 
-      - name: Login to Google Container Registry
+      - name: Login to Google Docker Registry
         uses: docker/#-action@v2
         with:
           registry: ${{ env.REGISTRY }}
           username: 'oauth2accesstoken'
           password: ${{ steps.gcp-auth.outputs.access_token }}
 
+      - name: Check Docker repository
+        id: repository_check
+        continue-on-error: true  # will throw an error if repository does not exist
+        run: |
+          gcloud artifacts repositories describe ${{ env.GHUB_REPO_NAME }} --location ${{ env.REGION }}
+
+      - name: Create Docker repository
+        if: ${{ steps.repository_check.outcome == 'failure' }}  # only create if previous step does not exist
+        run: |
+          gcloud artifacts repositories create ${{ env.GHUB_REPO_NAME }} --repository-format=docker --location ${{ env.REGION }}
+
       - name: Extract metadata (tags, labels) for Docker
         id: meta
         uses: docker/metadata-action@v4
         with:
-          images: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}
+          images: ${{ steps.image_version.outputs.service_image_path }}
 
       - name: Build and push Docker image
         uses: docker/build-push-action@v3
         with:
           context: .
           push: true
-          tags: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}   # ${{ steps.meta.outputs.tags }} - (For public repositories like docker hub)
+          tags: | # ${{ steps.meta.outputs.tags }} - (For public repositories like docker hub)
+            ${{ steps.image_version.outputs.service_image_path }}
           labels: ${{ steps.meta.outputs.labels }}
-          build-args: |
-            GITHUB_USERNAME=${{ github.actor }}
-            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
 
-      - name: Deploy to Cloud Run
+      - name: Deploy to cloud Run
         id: deploy
         uses: google-github-actions/deploy-cloudrun@v0
         with:
           service: ${{ env.SERVICE }}
           region: ${{ env.REGION }}
-          image: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}
+          image: ${{ steps.image_version.outputs.service_image_path }}
           project_id: ${{ env.PROJECT_ID }}
           flags: --cpu ${{ env.SERVICE_CPU }} --memory ${{ env.SERVICE_MEMORY }}
           env_vars: |
@@ -186,4 +208,43 @@ jobs:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
           MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
-        run: mvn -B deploy -Prelease-for-oss
+        run: mvn -B deploy -Prelease-for-oss
+
+  pr_update:
+    name: Pull request update
+    if: always()
+    needs: [ pre_job, deploy_to_cloud ]
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write # allows job to decorate PRs with analysis results
+    steps:
+      - name: Update PR (Skip message)
+        uses: marocchino/sticky-pull-request-comment@v2
+        if: ${{ always() && needs.pre_job.outputs.should_skip == 'true' }}
+        with:
+          message: |
+            ⚪ Skipped CI/CD as deployment was done in a previous job
+
+      - name: Update PR (Success message)
+        uses: marocchino/sticky-pull-request-comment@v2
+        if: ${{ always() && needs.pre_job.outputs.should_skip != 'true' && needs.deploy_to_cloud.outputs.artifact_version != '' }}
+        with:
+          message: |
+            ✅ Deployed to DEV environment: `${{ needs.deploy_to_cloud.outputs.artifact_version }}`
+
+            #### Add to your POM
+            ```xml
+            <dependency>
+              <groupId>com.abavilla</groupId>
+              <artifactId>${{ env.GHUB_REPO_NAME }}-lib</artifactId>
+              <version>${{ needs.deploy_to_cloud.outputs.artifact_version }}</version>
+            </dependency>
+            ```
+
+      - name: Update PR (Failure message)
+        uses: marocchino/sticky-pull-request-comment@v2
+        if: ${{ always() && needs.pre_job.outputs.should_skip != 'true' && needs.deploy_to_cloud.outputs.artifact_version == '' }}
+        with:
+          message: |
+            ❌ CI Build & Deployment failed, please check the [logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details
diff --git a/.github/workflows/release-main.yml b/.github/workflows/release-main.yml
@@ -8,7 +8,7 @@ on:
 env:
   DEVELOPMENT_SYNC_BRANCH: development
   PROJECT_ID: fpi-sms-api
-  REGISTRY: asia.gcr.io
+  REGISTRY: asia-east1-docker.pkg.dev
   GHUB_REPO_NAME: fpi-sms-api
   SERVICE: fpi-sms-api-v1
   REGION: asia-east1
@@ -43,6 +43,7 @@ jobs:
     outputs:
       new_tag: ${{ steps.tag_version.outputs.new_tag }}
       changelog: ${{ steps.tag_version.outputs.changelog }}
+      service_image_path: ${{ steps.image_version.outputs.service_image_path }}
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -53,6 +54,11 @@ jobs:
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
 
+      - name: Prepare Docker image tag
+        id: image_version
+        run: |
+          echo "service_image_path=${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ steps.tag_version.outputs.new_tag }}" >> $GITHUB_OUTPUT
+
   rebase_dev:
     name: Sync development branch
     runs-on: ubuntu-latest
@@ -116,7 +122,7 @@ jobs:
   deploy_to_cloud:
     name: Deploy to Cloud Run
     runs-on: ubuntu-latest
-    needs: code_quality_checks
+    needs: [ code_quality_checks, versioning ]
     permissions:
       contents: read
       packages: write
@@ -149,37 +155,46 @@ jobs:
           workload_identity_provider: '${{ secrets.WIF_PROVIDER }}'
           service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}'
 
-      - name: Login to Google Container Registry
+      - name: Login to Google Docker Registry
         uses: docker/#-action@v2
         with:
           registry: ${{ env.REGISTRY }}
           username: 'oauth2accesstoken'
           password: ${{ steps.gcp-auth.outputs.access_token }}
 
+      - name: Check Docker repository
+        id: repository_check
+        continue-on-error: true  # will throw an error if repository does not exist
+        run: |
+          gcloud artifacts repositories describe ${{ env.GHUB_REPO_NAME }} --location ${{ env.REGION }}
+
+      - name: Create Docker repository
+        if: ${{ steps.repository_check.outcome == 'failure' }}  # only create if previous step does not exist
+        run: |
+          gcloud artifacts repositories create ${{ env.GHUB_REPO_NAME }} --repository-format=docker --location ${{ env.REGION }}
+
       - name: Extract metadata (tags, labels) for Docker
         id: meta
         uses: docker/metadata-action@v4
         with:
-          images: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}
+          images: ${{ needs.versioning.outputs.service_image_path }}
 
       - name: Build and push Docker image
         uses: docker/build-push-action@v3
         with:
           context: .
           push: true
-          tags: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}   # ${{ steps.meta.outputs.tags }} - (For public repositories like docker hub)
+          tags: |  # ${{ steps.meta.outputs.tags }} - (For public repositories like docker hub) 
+            ${{ needs.versioning.outputs.service_image_path }}
           labels: ${{ steps.meta.outputs.labels }}
-          build-args: |
-            GITHUB_USERNAME=${{ github.actor }}
-            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
 
-      - name: Deploy to Cloud Run
+      - name: Deploy to cloud run
         id: deploy
         uses: google-github-actions/deploy-cloudrun@v0
         with:
           service: ${{ env.SERVICE }}
           region: ${{ env.REGION }}
-          image: ${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}:${{ github.sha }}
+          image: ${{ needs.versioning.outputs.service_image_path }}
           project_id: ${{ env.PROJECT_ID }}
           flags: --cpu ${{ env.SERVICE_CPU }} --memory ${{ env.SERVICE_MEMORY }}
           env_vars: |