mirror of
https://github.com/roleypoly/roleypoly.git
synced 2025-04-24 19:39:11 +00:00
add GAR docker push for google cloud stuff
This commit is contained in:
parent
e028b64ff8
commit
7ad719895d
5 changed files with 144 additions and 3 deletions
14
.github/workflows/build.yml
vendored
14
.github/workflows/build.yml
vendored
|
|
@ -75,8 +75,9 @@ jobs:
|
|||
id: docker_meta
|
||||
uses: crazy-max/ghaction-docker-meta@v1
|
||||
with:
|
||||
images: ghcr.io/roleypoly/${{matrix.dockerfile}}
|
||||
tag-sha: true
|
||||
images: |
|
||||
ghcr.io/roleypoly/${{matrix.dockerfile}}
|
||||
us-docker.pkg.dev/roleypoly-${{matrix.dockerfile}}
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
|
|
@ -84,13 +85,20 @@ jobs:
|
|||
with:
|
||||
install: true
|
||||
|
||||
- name: Login to GitHub Packages Docker Registry
|
||||
- name: Login to GHCR
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: roleypoly
|
||||
password: ${{ secrets.GHCR_PAT }}
|
||||
|
||||
- name: Login to GAR
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
registry: us-docker.pkg.dev
|
||||
username: _json_key
|
||||
password: ${{ secrets.GAR_JSON_KEY }}
|
||||
|
||||
- name: Build and push
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
|
|
|
|||
|
|
@ -6,6 +6,11 @@ terraform {
|
|||
source = "hashicorp/google"
|
||||
}
|
||||
|
||||
google-beta = {
|
||||
version = ">=3.49.0"
|
||||
source = "hashicorp/google"
|
||||
}
|
||||
|
||||
cloudflare = {
|
||||
version = ">=2.14.0"
|
||||
source = "cloudflare/cloudflare"
|
||||
|
|
@ -49,4 +54,23 @@ provider "cloudflare" {
|
|||
account_id = var.cloudflare_account_id
|
||||
}
|
||||
|
||||
variable "gcp_project" {
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "gcp_region" {
|
||||
type = string
|
||||
default = "us-east4"
|
||||
}
|
||||
|
||||
provider "google" {
|
||||
project = var.gcp_project
|
||||
region = var.gcp_region
|
||||
}
|
||||
|
||||
provider "google-beta" {
|
||||
project = var.gcp_project
|
||||
region = var.gcp_region
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -13,6 +13,12 @@ variable "ui_regions" {
|
|||
description = "Cloud Run regions to deploy UI to"
|
||||
}
|
||||
|
||||
variable "ui_tag" {
|
||||
type = string
|
||||
description = "Specific tag to deploy"
|
||||
default = "main"
|
||||
}
|
||||
|
||||
variable "bot_client_id" {
|
||||
type = string
|
||||
description = "Bot Client ID"
|
||||
|
|
|
|||
58
terraform/webapp.tf
Normal file
58
terraform/webapp.tf
Normal file
|
|
@ -0,0 +1,58 @@
|
|||
resource "cloudflare_record" "web" {
|
||||
zone_id = var.cloudflare_zone_id
|
||||
name = "web-${var.environment_tag}"
|
||||
type = "A"
|
||||
value = google_compute_address.web_lb.address
|
||||
proxied = true
|
||||
}
|
||||
|
||||
resource "google_cloud_run_service" "web" {
|
||||
for_each = toset(var.ui_regions)
|
||||
|
||||
name = "roleypoly-web-${var.environment_tag}-${each.key}"
|
||||
location = each.key
|
||||
|
||||
template {
|
||||
spec {
|
||||
containers {
|
||||
image = "ghcr.io/roleypoly/ui:${var.ui_tag}"
|
||||
|
||||
env {
|
||||
name = "API_PUBLIC_URI"
|
||||
value = var.api_public_uri
|
||||
}
|
||||
|
||||
env {
|
||||
name = "UI_PUBLIC_URI"
|
||||
value = var.ui_public_uri
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
traffic {
|
||||
percent = 100
|
||||
latest_revision = true
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
data "google_iam_policy" "noauth" {
|
||||
binding {
|
||||
role = "roles/run.invoker"
|
||||
members = [
|
||||
"allUsers",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_cloud_run_service_iam_policy" "noauth" {
|
||||
for_each = toset(var.ui_regions)
|
||||
|
||||
location = google_cloud_run_service.web[each.key].location
|
||||
project = google_cloud_run_service.web[each.key].project
|
||||
service = google_cloud_run_service.web[each.key].name
|
||||
|
||||
policy_data = data.google_iam_policy.noauth.policy_data
|
||||
}
|
||||
45
terraform/weblb.tf
Normal file
45
terraform/weblb.tf
Normal file
|
|
@ -0,0 +1,45 @@
|
|||
resource "google_compute_address" "web_lb" {
|
||||
name = "lb-ip-web-${var.environment_tag}"
|
||||
}
|
||||
|
||||
resource "google_compute_backend_service" "web_lb" {
|
||||
name = "lb-rbes-web-${var.environment_tag}"
|
||||
|
||||
dynamic "backend" {
|
||||
for_each = toset(var.ui_regions)
|
||||
content {
|
||||
group = google_compute_region_network_endpoint_group.web_lb[backend.value].id
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_url_map" "web_lb" {
|
||||
name = "lb-um-web-${var.environment_tag}"
|
||||
|
||||
default_service = google_compute_backend_service.web_lb.id
|
||||
}
|
||||
|
||||
resource "google_compute_target_http_proxy" "web_lb" {
|
||||
name = "lb-http-web-${var.environment_tag}"
|
||||
url_map = google_compute_url_map.web_lb.id
|
||||
}
|
||||
|
||||
resource "google_compute_forwarding_rule" "web_lb" {
|
||||
provider = google-beta
|
||||
|
||||
name = "lb-fr-web-${var.environment_tag}"
|
||||
target = google_compute_target_http_proxy.web_lb.id
|
||||
ports = ["80"]
|
||||
}
|
||||
|
||||
resource "google_compute_region_network_endpoint_group" "web_lb" {
|
||||
provider = google-beta
|
||||
for_each = toset(var.ui_regions)
|
||||
|
||||
name = "lb-fr-neg-${each.key}-${var.environment_tag}"
|
||||
region = google_cloud_run_service.web[each.key].location
|
||||
network_endpoint_type = "SERVERLESS"
|
||||
cloud_run {
|
||||
service = google_cloud_run_service.web[each.key].name
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Reference in a new issue