Merge pull request #8 from sofvanh/updateArgumentScores #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy Backend | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'backend/**' | |
| - 'frontend/src/shared/**' | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Generate version | |
| id: version | |
| run: | | |
| echo "version=dev-${GITHUB_SHA::7}" >> $GITHUB_OUTPUT | |
| - name: Copy shared code | |
| run: | | |
| mkdir -p backend/src/.shared | |
| cp -r frontend/src/shared/* backend/src/.shared/ | |
| - name: Google Auth | |
| id: auth | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| workload_identity_provider: ${{ secrets.WIF_PROVIDER }} | |
| service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }} | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v1 | |
| - name: Check for required Google Cloud secrets | |
| run: | | |
| required_secrets=("OPENAI_API_KEY" "DB_USER" "DB_HOST" "DB_NAME" "DB_PASSWORD" "GOOGLE_CLIENT_ID") | |
| missing_secrets=() | |
| for secret in "${required_secrets[@]}"; do | |
| if ! gcloud secrets versions access latest --secret="$secret" >/dev/null 2>&1; then | |
| missing_secrets+=("$secret") | |
| fi | |
| done | |
| if [ ${#missing_secrets[@]} -ne 0 ]; then | |
| echo "Error: The following required Google Cloud secrets are missing:" | |
| for secret in "${missing_secrets[@]}"; do | |
| echo "- $secret" | |
| done | |
| exit 1 | |
| fi | |
| echo "All required Google Cloud secrets are present. Proceeding with deployment..." | |
| - name: Build and Push Image | |
| id: build | |
| run: | | |
| cd backend | |
| BUILD_ID=$(gcloud builds submit --tag gcr.io/mindmeld-backend/mindmeld:${{ steps.version.outputs.version }} --format='get(id)' --async) | |
| echo "build_id=$BUILD_ID" >> $GITHUB_OUTPUT | |
| echo "Waiting for build to complete..." | |
| while true; do | |
| STATUS=$(gcloud builds describe $BUILD_ID --format='get(status)') | |
| if [ "$STATUS" = "SUCCESS" ]; then | |
| echo "Build completed successfully!" | |
| break | |
| elif [ "$STATUS" = "FAILURE" ] || [ "$STATUS" = "TIMEOUT" ] || [ "$STATUS" = "CANCELLED" ]; then | |
| echo "Build failed with status: $STATUS" | |
| exit 1 | |
| fi | |
| echo "Build status: $STATUS" | |
| sleep 30 | |
| done | |
| - name: Deploy to Cloud Run | |
| if: success() | |
| run: | | |
| gcloud run deploy mindmeld \ | |
| --image gcr.io/mindmeld-backend/mindmeld:${{ steps.version.outputs.version }} \ | |
| --add-cloudsql-instances ${{ secrets.CLOUD_SQL_CONNECTION_NAME }} \ | |
| --set-secrets=OPENAI_API_KEY=OPENAI_API_KEY:latest,DB_USER=DB_USER:latest,DB_HOST=DB_HOST:latest,DB_NAME=DB_NAME:latest,DB_PASSWORD=DB_PASSWORD:latest,GOOGLE_CLIENT_ID=GOOGLE_CLIENT_ID:latest \ | |
| --platform managed \ | |
| --region europe-west1 \ | |
| --allow-unauthenticated |