Merge branch 'main' into feature/upd_cicd_func
commit
1b6d488825
77
.github/workflows/deploy_to_gcp.yml
vendored
77
.github/workflows/deploy_to_gcp.yml
vendored
@ -8,39 +8,62 @@ on:
|
|||||||
- deploy-dev
|
- deploy-dev
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
gcp-deploy:
|
gcp-deploy:
|
||||||
name: Deploy to GCP
|
name: Deploy to GCP
|
||||||
runs-on: gcloud-tf
|
runs-on: gcloud-tf
|
||||||
|
env:
|
||||||
|
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
|
||||||
|
GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
|
||||||
|
REPO_NAME: ${{ github.repository }}
|
||||||
|
HASH_SUFFIX: ${{ github.sha }}
|
||||||
|
JOB_NAME: ${{ vars.JOB_NAME }}
|
||||||
|
BRANCH_NAME: ${{ github.ref_name }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
# checkout:
|
- name: Check Deploy Tools
|
||||||
# name: Checkout code
|
run: |
|
||||||
# runs-on: ubuntu-latest
|
ls -la
|
||||||
# steps:
|
echo "Checking gcloud and terraform versions..."
|
||||||
# - name: Checkout code
|
gcloud --version
|
||||||
# uses: actions/checkout@v3
|
terraform --version
|
||||||
|
|
||||||
|
- name: Check Gcloud auth
|
||||||
|
run: |
|
||||||
|
echo "HOME: ${HOME}"
|
||||||
|
printf '%s' "$GCP_SA_KEY" > $HOME/sa.json
|
||||||
|
export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
|
||||||
|
|
||||||
# gcp-deploy:
|
gcloud auth activate-service-account --key-file="$GOOGLE_APPLICATION_CREDENTIALS"
|
||||||
# name: Deploy to GCP
|
gcloud config set project "$GCP_PROJECT_ID"
|
||||||
# runs-on: gcloud-tf
|
|
||||||
# steps:
|
|
||||||
# - name: Check Deploy Tools
|
|
||||||
# run: |
|
|
||||||
# gcloud --version
|
|
||||||
# terraform --version
|
|
||||||
# ls -la
|
|
||||||
|
|
||||||
|
echo "Check gcloud"
|
||||||
|
gcloud config list
|
||||||
|
gcloud --version
|
||||||
|
|
||||||
# - name: Set up Cloud SDK
|
- name: Exec Terraform init shell
|
||||||
# uses: google-github-actions/setup-gcloud@v1
|
run: |
|
||||||
# with:
|
export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
|
||||||
# project_id: ${{ secrets.GCP_PROJECT_ID }}
|
./scripts/deploy/init_terraform.sh
|
||||||
# service_account_key: ${{ secrets.GCP_SA_KEY }}
|
|
||||||
# export_default_credentials: true
|
- name: Exec Container Image Push to Artifact Registry
|
||||||
|
run: |
|
||||||
|
export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
|
||||||
|
./scripts/deploy/build_image_to_gar.sh
|
||||||
|
|
||||||
|
- name: Exec Terraform plan shell
|
||||||
|
run: |
|
||||||
|
export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
|
||||||
|
./scripts/deploy/plan_terraform.sh
|
||||||
|
|
||||||
|
- name: Exec Terraform apply shell
|
||||||
|
run: |
|
||||||
|
export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
|
||||||
|
./scripts/deploy/apply_terraform.sh
|
||||||
|
|
||||||
|
- name: Clean up Gcloud auth file
|
||||||
|
run: |
|
||||||
|
rm -f $HOME/sa.json
|
||||||
|
echo "Cleaned up Gcloud auth file."
|
||||||
|
|
||||||
# - name: Run deployment script
|
|
||||||
# run: |
|
|
||||||
# chmod +x ./deploy.sh
|
|
||||||
# ./deploy.sh
|
|
||||||
|
|||||||
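Review bot: The `Clean up Gcloud auth file` step has no `if: always()`, so when any earlier step fails (a failed plan or apply, for example) the service-account key written to `$HOME/sa.json` stays on the `gcloud-tf` runner, which looks self-hosted and may therefore keep its home directory between jobs. Write the key under a restrictive mask and quote the path, e.g. `umask 077; printf '%s' "$GCP_SA_KEY" > "$HOME/sa.json"`, and have the cleanup step also run `gcloud auth revoke`, because `gcloud auth activate-service-account` keeps its own copy of the credential in the gcloud configuration. `GCP_SA_KEY` is declared in the job-level `env`, which exposes it to every step and script; scoping it to the one step that writes the file would narrow that. The new side also moves the checkout from `actions/checkout@v4` to `@v3`, which reads like an unintended downgrade carried in by the merge.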
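--- /dev/null
+++ b/scripts/deploy/applay_terraform.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Safe mode(when error,kill script)
+set -euo pipefail
+
+# 変数の設定({HOME}/hash.txt からハッシュ値を取得)
+TF_DIR=${TF_DIR:-terraform}
+ENV=${ENV:-dev}
+
+cd "$TF_DIR"
+
+# --- デプロイ条件 ---
+if [[ "${BRANCH_NAME:-}" =~ ^.*deploy$ ]]; then
+echo "Start terraform apply (ENV=${ENV}, DIR=${TF_DIR}) ..."
+else
+echo "Skip terraform apply (branch=${BRANCH_NAME:-})"
+exit 0
+fi
+
+# --- plan 結果があるか確認 ---
+if [[ ! -f tfplan ]]; then
+echo "ERROR: tfplan not found in $(pwd). Run plan step first." >&2
+exit 1
+fi
+
+terraform apply -auto-approve tfplan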
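Review bot: The apply gate `[[ "${BRANCH_NAME:-}" =~ ^.*deploy$ ]]` accepts any branch whose name merely ends in `deploy`, and it does not match `deploy-dev`, the only trigger branch visible in the workflow hunk, so as written the job would skip apply on that branch. An explicit allow-list is safer for a step that runs `terraform apply -auto-approve`, e.g. `case "${BRANCH_NAME:-}" in deploy-dev) ;; *) echo "Skip terraform apply (branch=${BRANCH_NAME:-})"; exit 0 ;; esac`, adjusted to the branches that are meant to deploy. The file is also added as `applay_terraform.sh` while the workflow calls `./scripts/deploy/apply_terraform.sh`, so unless a correctly named script exists elsewhere the apply step will fail. The comment `# 変数の設定({HOME}/hash.txt からハッシュ値を取得)` no longer describes the code, which reads no hash file.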
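--- /dev/null
+++ b/scripts/deploy/build_image_to_gar.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+# Google Container RegistryへDockerイメージをビルドしてプッシュするスクリプト
+set -euo pipefail
+
+# 環境変数の設定
+REGION=${REGION:-asia-northeast1}
+ENV=${ENV:-dev}
+JOB_NAME=${JOB_NAME}
+AR_REPO_NAME="cicd-repo-${ENV}"
+HASH_SUFFIX=${HASH_SUFFIX}
+
+
+# IMAGE_URIの設定
+# ローカル実行時は epoch 秒で自動採番。
+IMAGE_URI="${REGION}-docker.pkg.dev/${GCP_PROJECT_ID}/${AR_REPO_NAME}/run-job-${JOB_NAME}-image:${HASH_SUFFIX}"
+
+
+
+echo "REGION : ${REGION}"
+echo "ENV : ${ENV}"
+echo "JOB_NAME : ${JOB_NAME}"
+echo "HASH_SUFFIX : ${HASH_SUFFIX}"
+echo "IMAGE_URI : ${IMAGE_URI}"
+
+# Artifact Registry への認証設定
+gcloud auth configure-docker "${REGION}-docker.pkg.dev"
+
+# GARへDockerイメージをビルドしてプッシュ
+gcloud builds submit --tag "${IMAGE_URI}" .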
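Review bot: `JOB_NAME=${JOB_NAME}` and `HASH_SUFFIX=${HASH_SUFFIX}` are self-assignments that validate nothing, and `GCP_PROJECT_ID` goes into `IMAGE_URI` without any check; under `set -u` an unset value aborts with a generic unbound-variable error, while an empty one passes and yields a malformed image reference. State the requirement explicitly, e.g. `: "${JOB_NAME:?JOB_NAME must be set}"`, and do the same for `HASH_SUFFIX` and `GCP_PROJECT_ID`; the same `HASH_SUFFIX` self-assignment appears in `plan_terraform.sh`. The comment `# ローカル実行時は epoch 秒で自動採番。` describes a fallback the script does not implement, and the header comment names Google Container Registry although the script pushes to Artifact Registry. Since `JOB_NAME` comes from a repository variable and ends up in the image path, restricting it to the characters expected there, for instance `[[ "$JOB_NAME" =~ ^[a-z0-9-]+$ ]] || exit 1`, would be a cheap guard.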
6
scripts/deploy/init_terraform.sh
Normal file → Executable file
6
scripts/deploy/init_terraform.sh
Normal file → Executable file
@ -6,13 +6,15 @@ set -euo pipefail
|
|||||||
TF_DIR=${TF_DIR:-terraform}
|
TF_DIR=${TF_DIR:-terraform}
|
||||||
|
|
||||||
# GCS S3などで保存する
|
# GCS S3などで保存する
|
||||||
TF_STATE_BUCKET=${TF_STATE_BUCKET:-cicd-tfstate-bucket}
|
TF_STATE_BUCKET=${TF_STATE_BUCKET:-cicd-tfstate-bucket-20250906}
|
||||||
ENV=${ENV:-dev}
|
ENV=${ENV:-dev}
|
||||||
REPO_NAME=${REPO_NAME:-unknown}
|
REPO_NAME=${REPO_NAME:-unknown}
|
||||||
|
|
||||||
cd "$TF_DIR"
|
cd "$TF_DIR"
|
||||||
|
echo "$REPO_NAME"
|
||||||
|
|
||||||
# --- terraform init 実行 ---
|
|
||||||
|
# # --- terraform init 実行 ---
|
||||||
terraform init \
|
terraform init \
|
||||||
-backend-config="bucket=${TF_STATE_BUCKET}" \
|
-backend-config="bucket=${TF_STATE_BUCKET}" \
|
||||||
-backend-config="prefix=${REPO_NAME}/${ENV}" \
|
-backend-config="prefix=${REPO_NAME}/${ENV}" \
|
||||||
|
|||||||
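Review bot: The new default `TF_STATE_BUCKET=${TF_STATE_BUCKET:-cicd-tfstate-bucket-20250906}` hard-codes the state bucket as a silent fallback, and the workflow's `env` block in this commit sets neither `TF_STATE_BUCKET` nor `ENV`, so CI appears to rely on these defaults. Terraform state can hold secrets, so in CI it is safer to fail when the bucket is not supplied, `TF_STATE_BUCKET=${TF_STATE_BUCKET:?TF_STATE_BUCKET must be set}`, and likewise to drop the `unknown` fallback for `REPO_NAME`, which would otherwise place unrelated runs under the same `unknown/<env>` prefix. The `terraform init` command continues past the end of this hunk.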
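--- /dev/null
+++ b/scripts/deploy/plan_terraform.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+# Safe mode(when error,kill script)
+set -euo pipefail
+
+# 変数の設定({HOME}/hash.txt からハッシュ値を取得)
+TF_DIR=${TF_DIR:-terraform}
+ENV=${ENV:-dev}
+HASH_SUFFIX=${HASH_SUFFIX}
+
+cd "$TF_DIR"
+
+if [ -f "${ENV}.tfvars" ]; then
+terraform plan \
+-out=tfplan \
+-var-file="${ENV}.tfvars" \
+-var="hash_suffix=${HASH_SUFFIX}"
+
+else
+# error raise
+echo "ERROR: ${ENV}.tfvars not found in $(pwd)" >&2
+exit 1
+fi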
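Review bot: `terraform plan -out=tfplan` leaves the saved plan in the Terraform directory and nothing in this commit removes it; a saved plan file can contain variable and resource values in clear text, and the workflow's cleanup step deletes only `$HOME/sa.json`. Remove `tfplan` after the apply step, in a step that runs with `if: always()`, or write it to a per-run temporary path instead of the checkout. The plan is also produced for every branch that triggers the workflow, whereas apply is gated on the branch name; if that is intended, a short comment saying so would help. The comment `# 変数の設定({HOME}/hash.txt からハッシュ値を取得)` is stale, since `HASH_SUFFIX` is read from the environment and no hash file is opened.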
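--- /dev/null
+++ b/terraform/dev.tfvars
@@ -0,0 +1,12 @@
+project_id = "gcp-devel-project"
+region = "asia-northeast1"
+env_name = "dev"
+
+job_name = "base"
+# コンテナイメージ(CI/CDから渡される想定)
+
+cpu_limit = "1"
+memory_limit = "512Mi"
+timeout = "1800s"
+
+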
@ -1,3 +1,7 @@
|
|||||||
|
terraform {
|
||||||
|
backend "gcs" {}
|
||||||
|
}
|
||||||
|
|
||||||
# Google Providerの設定
|
# Google Providerの設定
|
||||||
provider "google" {
|
provider "google" {
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
|
|||||||