デプロイCICD用生成

.github/workflows/deploy_to_gcp.yml

@@ -0,0 +1,67 @@
+name: Gitea Deploy to GCP
+
+on:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - deploy-prd
+      - deploy-dev
+
+jobs:
+  gcp-deploy:  
+    name: Deploy to GCP
+    runs-on: gcloud-tf
+    env:
+      GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
+      GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
+      REPO_NAME: ${{ github.repository }}
+      COMPONENT_NAME: ${{ vars.COMPONENT_NAME }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3        
+
+      - name: Check Deploy Tools       
+        run: |
+          ls -la
+          echo "Checking gcloud and terraform versions..."
+          gcloud --version
+          terraform --version
+          
+      - name: Check Gcloud auth
+        run: |
+          echo "HOME: ${HOME}"
+          printf '%s' "$GCP_SA_KEY" > $HOME/sa.json
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+
+          gcloud auth activate-service-account --key-file="$GOOGLE_APPLICATION_CREDENTIALS"
+          gcloud config set project "$GCP_PROJECT_ID"
+
+          echo "Check gcloud"
+          gcloud config list
+          gcloud --version
+
+      - name: Exec Terraform init shell
+        run: |
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+          ./scripts/deploy/init_terraform.sh
+
+      - name: Exec Container Image Push to Artifact Registry
+        run: |
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+          ./scripts/deploy/build_image_to_gar.sh
+
+      - name: Exec Terraform plan shell
+        run: |
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+          ./scripts/deploy/plan_terraform.sh
+
+      - name: Exec Terraform apply shell
+        run: |
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+          ./scripts/deploy/apply_terraform.sh
+      
+      - name: Clean up Gcloud auth file
+        run: |
+          rm -f $HOME/sa.json 
+          echo "Cleaned up Gcloud auth file."
+

scripts/deploy/applay_terraform.sh

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Safe mode(when error,kill script)
+set -euo pipefail
+
+# 変数の設定({HOME}/hash.txt からハッシュ値を取得)
+TF_DIR=${TF_DIR:-terraform}
+ENV=${ENV:-dev}
+
+cd "$TF_DIR"
+
+# --- デプロイ条件 ---
+if [[ "${BRANCH_NAME:-}" =~ ^.*deploy$ ]]; then
+    echo "Start terraform apply (ENV=${ENV}, DIR=${TF_DIR}) ..."
+else
+    echo "Skip terraform apply (branch=${BRANCH_NAME:-})"
+    exit 0
+fi
+
+# --- plan 結果があるか確認 ---
+if [[ ! -f tfplan ]]; then
+    echo "ERROR: tfplan not found in $(pwd). Run plan step first." >&2
+    exit 1
+fi
+
+terraform apply -auto-approve tfplan

scripts/deploy/init_terraform.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Safe mode(when error,kill script)
+set -euo pipefail
+
+TF_DIR=${TF_DIR:-terraform}
+
+# GCS S3などで保存する
+TF_STATE_BUCKET=${TF_STATE_BUCKET:-cicd-tfstate-bucket-20250906}
+ENV=${ENV:-dev}
+REPO_NAME=${REPO_NAME:-unknown}
+
+cd "$TF_DIR"
+echo "$REPO_NAME"
+
+
+# # --- terraform init 実行 ---
+terraform init \
+    -backend-config="bucket=${TF_STATE_BUCKET}" \
+    -backend-config="prefix=${REPO_NAME}/${ENV}" \
+ 

scripts/deploy/plan_terraform.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Safe mode(when error,kill script)
+set -euo pipefail
+
+# 変数の設定({HOME}/hash.txt からハッシュ値を取得)
+TF_DIR=${TF_DIR:-terraform}
+ENV=${ENV:-dev}
+
+cd "$TF_DIR"
+
+if [ -f "${ENV}.tfvars" ]; then
+    terraform plan \
+    -out=tfplan \
+    -var-file="${ENV}.tfvars"
+
+else
+    # error raise
+    echo "ERROR: ${ENV}.tfvars not found in $(pwd)" >&2
+    exit 1
+fi