ブランチネームを追加する

.github/workflows/deploy_to_gcp.yml

@@ -8,39 +8,62 @@ on:
       - deploy-dev
 
 jobs:
-  gcp-deploy:
+  gcp-deploy:  
     name: Deploy to GCP
     runs-on: gcloud-tf
+    env:
+      GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
+      GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
+      REPO_NAME: ${{ github.repository }}
+      HASH_SUFFIX: ${{ github.sha }}
+      JOB_NAME: ${{ vars.JOB_NAME }}
+      BRANCH_NAME: ${{ github.ref_name }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3        
 
-  # checkout:
-  #   name: Checkout code
-  #   runs-on: ubuntu-latest
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v3
+      - name: Check Deploy Tools       
+        run: |
+          ls -la
+          echo "Checking gcloud and terraform versions..."
+          gcloud --version
+          terraform --version
+          
+      - name: Check Gcloud auth
+        run: |
+          echo "HOME: ${HOME}"
+          printf '%s' "$GCP_SA_KEY" > $HOME/sa.json
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
 
-  # gcp-deploy:
-  #   name: Deploy to GCP
-  #   runs-on: gcloud-tf
-  #   steps:
-  #     - name: Check Deploy Tools       
-  #       run: |
-  #         gcloud --version
-  #         terraform --version
-  #         ls -la
+          gcloud auth activate-service-account --key-file="$GOOGLE_APPLICATION_CREDENTIALS"
+          gcloud config set project "$GCP_PROJECT_ID"
 
+          echo "Check gcloud"
+          gcloud config list
+          gcloud --version
 
-      # - name: Set up Cloud SDK
-      #   uses: google-github-actions/setup-gcloud@v1
-      #   with:
-      #     project_id: ${{ secrets.GCP_PROJECT_ID }}
-      #     service_account_key: ${{ secrets.GCP_SA_KEY }}
-      #     export_default_credentials: true
+      - name: Exec Terraform init shell
+        run: |
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+          ./scripts/deploy/init_terraform.sh
+
+      - name: Exec Container Image Push to Artifact Registry
+        run: |
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+          ./scripts/deploy/build_image_to_gar.sh
+
+      - name: Exec Terraform plan shell
+        run: |
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+          ./scripts/deploy/plan_terraform.sh
+
+      - name: Exec Terraform apply shell
+        run: |
+          export GOOGLE_APPLICATION_CREDENTIALS="$HOME/sa.json"
+          ./scripts/deploy/apply_terraform.sh
+      
+      - name: Clean up Gcloud auth file
+        run: |
+          rm -f $HOME/sa.json 
+          echo "Cleaned up Gcloud auth file."
 
-      # - name: Run deployment script
-      #   run: |
-      #     chmod +x ./deploy.sh
-      #     ./deploy.sh

scripts/deploy/applay_terraform.sh

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Safe mode(when error,kill script)
+set -euo pipefail
+
+# 変数の設定({HOME}/hash.txt からハッシュ値を取得)
+TF_DIR=${TF_DIR:-terraform}
+ENV=${ENV:-dev}
+
+cd "$TF_DIR"
+
+# --- デプロイ条件 ---
+if [[ "${BRANCH_NAME:-}" =~ ^.*deploy$ ]]; then
+    echo "Start terraform apply (ENV=${ENV}, DIR=${TF_DIR}) ..."
+else
+    echo "Skip terraform apply (branch=${BRANCH_NAME:-})"
+    exit 0
+fi
+
+# --- plan 結果があるか確認 ---
+if [[ ! -f tfplan ]]; then
+    echo "ERROR: tfplan not found in $(pwd). Run plan step first." >&2
+    exit 1
+fi
+
+terraform apply -auto-approve tfplan

scripts/deploy/build_image_to_gar.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+# Google Container RegistryへDockerイメージをビルドしてプッシュするスクリプト
+set -euo pipefail
+
+# 環境変数の設定
+REGION=${REGION:-asia-northeast1}
+ENV=${ENV:-dev}
+JOB_NAME=${JOB_NAME}
+AR_REPO_NAME="cicd-repo-${ENV}"
+HASH_SUFFIX=${HASH_SUFFIX}
+
+
+# IMAGE_URIの設定
+# ローカル実行時は epoch 秒で自動採番。
+IMAGE_URI="${REGION}-docker.pkg.dev/${GCP_PROJECT_ID}/${AR_REPO_NAME}/run-job-${JOB_NAME}-image:${HASH_SUFFIX}"
+
+
+
+echo "REGION         : ${REGION}"
+echo "ENV            : ${ENV}"
+echo "JOB_NAME       : ${JOB_NAME}"
+echo "HASH_SUFFIX    : ${HASH_SUFFIX}"
+echo "IMAGE_URI      : ${IMAGE_URI}"
+
+# Artifact Registry への認証設定
+gcloud auth configure-docker "${REGION}-docker.pkg.dev"
+
+# GARへDockerイメージをビルドしてプッシュ
+gcloud builds submit --tag "${IMAGE_URI}" .

scripts/deploy/init_terraform.sh

@@ -6,13 +6,15 @@ set -euo pipefail
 TF_DIR=${TF_DIR:-terraform}
 
 # GCS S3などで保存する
-TF_STATE_BUCKET=${TF_STATE_BUCKET:-cicd-tfstate-bucket}
+TF_STATE_BUCKET=${TF_STATE_BUCKET:-cicd-tfstate-bucket-20250906}
 ENV=${ENV:-dev}
 REPO_NAME=${REPO_NAME:-unknown}
 
 cd "$TF_DIR"
+echo "$REPO_NAME"
 
-# --- terraform init 実行 ---
+
+# # --- terraform init 実行 ---
 terraform init \
     -backend-config="bucket=${TF_STATE_BUCKET}" \
     -backend-config="prefix=${REPO_NAME}/${ENV}" \

scripts/deploy/plan_terraform.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+# Safe mode(when error,kill script)
+set -euo pipefail
+
+# 変数の設定({HOME}/hash.txt からハッシュ値を取得)
+TF_DIR=${TF_DIR:-terraform}
+ENV=${ENV:-dev}
+HASH_SUFFIX=${HASH_SUFFIX}
+
+cd "$TF_DIR"
+
+if [ -f "${ENV}.tfvars" ]; then
+    terraform plan \
+    -out=tfplan \
+    -var-file="${ENV}.tfvars" \
+    -var="hash_suffix=${HASH_SUFFIX}"
+
+else
+    # error raise
+    echo "ERROR: ${ENV}.tfvars not found in $(pwd)" >&2
+    exit 1
+fi

terraform/dev.tfvars

@@ -0,0 +1,12 @@
+project_id      = "gcp-devel-project"
+region          = "asia-northeast1"
+env_name        = "dev"
+
+job_name        = "base"
+# コンテナイメージ（CI/CDから渡される想定）
+
+cpu_limit       = "1"
+memory_limit    = "512Mi"
+timeout         = "1800s"
+
+

terraform/provider.tf

@@ -1,3 +1,7 @@
+terraform {
+  backend "gcs" {}
+}
+
 # Google Providerの設定
 provider "google" {
   project     = var.project_id