MRG: Merge pull request #19 from octue/use-reusable-deployment-workflow

Use reusable deployment workflow

Author: cortadocodes

.github/workflows/cd.yaml

@@ -11,126 +11,16 @@ on:
         default: "false"
 
 jobs:
-  info:
+  deploy:
     if: "!contains(github.event.head_commit.message, 'skipci')"
-    runs-on: ubuntu-latest
-
-    timeout-minutes: 5
-
-    permissions:
-      contents: read
-
-    outputs:
-      branch_tag_kebab: ${{ steps.get-deployment-info.outputs.branch_tag_kebab }}
-      branch_tag_screaming: ${{ steps.get-deployment-info.outputs.branch_tag_screaming}}
-      image_latest_artifact: ${{ steps.get-deployment-info.outputs.image_latest_artifact}}
-      image_latest_tag: ${{ steps.get-deployment-info.outputs.image_latest_tag }}
-      image_version_artifact: ${{ steps.get-deployment-info.outputs.image_version_artifact}}
-      image_version_tag: ${{ steps.get-deployment-info.outputs.image_version_tag }}
-      short_sha: ${{ steps.get-deployment-info.outputs.short_sha }}
-      gcp_project_name: ${{ steps.get-deployment-info.outputs.gcp_project_name}}
-      gcp_project_number: ${{ steps.get-deployment-info.outputs.gcp_project_number}}
-      gcp_region: ${{ steps.get-deployment-info.outputs.gcp_region}}
-      gcp_resource_affix: ${{ steps.get-deployment-info.outputs.gcp_resource_affix}}
-      gcp_service_name: ${{ steps.get-deployment-info.outputs.gcp_service_name}}
-      version: ${{ steps.get-deployment-info.outputs.version }}
-      revision_tag: ${{ steps.get-deployment-info.outputs.revision_tag }}
-      revision_tag_slug: ${{ steps.get-deployment-info.outputs.revision_tag_slug }}
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Install poetry
-        uses: snok/install-poetry@v1
-
-      - name: Get deployment info
-        id: get-deployment-info
-        uses: octue/[email protected]
-        with:
-          gcp_project_name: octue-sdk-python
-          gcp_project_number: 437801218871
-          gcp_region: europe-west1
-          gcp_resource_affix: octue
-          gcp_service_name: example-service-cloud-run
-
-  build:
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-    needs: info
+    uses: octue/workflows/.github/workflows/deploy-cloud-run-service.yml@main
     permissions:
       id-token: write
       contents: read
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-
-      - name: Authenticate with GCP Workload Identity
-        id: auth
-        uses: google-github-actions/auth@v2
-        with:
-          # NOTE: If setting create_credentials_file=true, .dockerignore file must include `gha-creds-*.json` to avoid baking these credentials into build
-          create_credentials_file: true
-          workload_identity_provider: projects/${{ needs.info.outputs.gcp_project_number }}/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions-provider
-          service_account: github-actions@${{ needs.info.outputs.gcp_project_name }}.iam.gserviceaccount.com
-
-      - name: Setup gcloud
-        uses: "google-github-actions/setup-gcloud@v2"
-
-      - name: Configure Docker for GCP
-        run: gcloud auth configure-docker ${{ needs.info.outputs.gcp_region }}-docker.pkg.dev
-
-      - name: Setup tmate session [DEBUG]
-        if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true'}}
-        uses: mxschmitt/action-tmate@v3
-
-      - name: Get default Octue Cloud Run Dockerfile
-        run: wget https://raw.githubusercontent.com/octue/octue-sdk-python/main/octue/cloud/deployment/google/cloud_run/Dockerfile
-
-      - name: Build and push container with latest and version tags
-        # Note: We don't push containers with shas because we'd end up with terabytes in storage (an image for every commit)
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          platforms: linux/amd64
-          file: ./Dockerfile
-          push: true
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          tags: |
-            ${{ needs.info.outputs.image_version_artifact}}
-            ${{ needs.info.outputs.image_latest_artifact}}
-
-      - name: Deploy to Cloud Run service
-        id: deploy-service
-        uses: google-github-actions/deploy-cloudrun@v2
-        with:
-          env_vars: |
-            OCTUE_SERVICE_NAMESPACE=${{ needs.info.outputs.gcp_resource_affix }}
-            OCTUE_SERVICE_NAME=${{ needs.info.outputs.gcp_service_name }}
-            OCTUE_SERVICE_REVISION_TAG=${{ needs.info.outputs.revision_tag }}
-            COMPUTE_PROVIDER=GOOGLE_CLOUD_RUN
-          service: ${{ needs.info.outputs.gcp_resource_affix }}-${{ needs.info.outputs.gcp_service_name }}
-          image: ${{ needs.info.outputs.image_version_artifact }}
-          region: ${{ needs.info.outputs.gcp_region }}
-          tag: v${{ needs.info.outputs.revision_tag_slug }}
-          flags: "--allow-unauthenticated"
-
-      - name: Show deployed service URL
-        run: echo "${{ steps.deploy-service.outputs.url }}"
-
-      - name: Create service revision push subscription
-        uses: octue/[email protected]
-        with:
-          project_name: ${{ needs.info.outputs.gcp_project_name }}
-          service_namespace: ${{ needs.info.outputs.gcp_resource_affix }}
-          service_name: ${{ needs.info.outputs.gcp_service_name }}
-          service_revision_tag: ${{ needs.info.outputs.revision_tag }}
-          push_endpoint: ${{ steps.deploy-service.outputs.url }}
+    with:
+      gcp_project_name: octue-sdk-python
+      gcp_project_number: 437801218871
+      gcp_region: europe-west1
+      gcp_resource_affix: octue
+      gcp_service_name: example-service-cloud-run
+      cloud_run_flags: "--ingress=all --allow-unauthenticated"

.github/workflows/release.yml

@@ -13,7 +13,7 @@ jobs:
     if: "github.event.pull_request.merged == true && !contains(github.event.pull_request.head.message, 'skipci')"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Install Poetry
         uses: snok/[email protected]

pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "example-service-cloud-run"
-version = "0.4.0"
+version = "0.4.1"
 description = "An example Octue service for deploying to Google Cloud Run."
 authors = ["Marcus Lugg <[email protected]>"]
 license = "MIT"