feat: external coin deduct api #17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Cloud Run | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "v*" | |
| env: | |
| PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} | |
| SERVICE_NAME: intania-888-backend | |
| REGION: asia-southeast1 | |
| IMAGE_NAME: gcr.io/${{ secrets.GCP_PROJECT_ID }}/intania-888-backend | |
| jobs: | |
| deploy: | |
| name: Build and Deploy | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Google Auth | |
| id: auth | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_KEY }} | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v2 | |
| - name: Configure Docker to use gcloud | |
| run: gcloud auth configure-docker | |
| - name: Build and tag Docker image | |
| run: | | |
| docker build \ | |
| -t "${{ env.IMAGE_NAME }}:${{ github.sha }}" \ | |
| -t "${{ env.IMAGE_NAME }}:latest" \ | |
| . | |
| - name: Push Docker image to GCR | |
| run: | | |
| docker push ${{ env.IMAGE_NAME }}:${{ github.sha }} | |
| docker push ${{ env.IMAGE_NAME }}:latest | |
| - name: Create env vars file | |
| run: | | |
| cat > env.yaml << EOF | |
| SERVER_NAME: intania-shop-api | |
| SERVER_ENV: production | |
| SERVER_HOST: 0.0.0.0 | |
| SERVER_PORT: "8080" | |
| SERVER_ORIGIN: ${{ secrets.FRONTEND_URL }} | |
| DB_HOST: ${{ secrets.DB_HOST }} | |
| DB_PORT: "${{ secrets.DB_PORT }}" | |
| DB_USER: ${{ secrets.DB_USER }} | |
| DB_PASS: ${{ secrets.DB_PASS }} | |
| DB_NAME: ${{ secrets.DB_NAME }} | |
| DB_SSL_MODE: disable | |
| DB_TIMEZONE: Asia/Bangkok | |
| JWT_ACCESS_TOKEN_SECRET: ${{ secrets.JWT_ACCESS_TOKEN_SECRET }} | |
| JWT_ACCESS_TOKEN_EXPIRATION: "${{ secrets.JWT_ACCESS_TOKEN_EXPIRATION }}" | |
| JWT_REFRESH_TOKEN_EXPIRATION: "${{ secrets.JWT_REFRESH_TOKEN_EXPIRATION }}" | |
| OAUTH_CLIENT_ID: ${{ secrets.OAUTH_CLIENT_ID }} | |
| OAUTH_CLIENT_SECRET: ${{ secrets.OAUTH_CLIENT_SECRET }} | |
| OAUTH_REDIRECT_URI: ${{ secrets.OAUTH_REDIRECT_URI }} | |
| CACHE_HOST: ${{ secrets.CACHE_HOST }} | |
| CACHE_PORT: "${{ secrets.CACHE_PORT }}" | |
| CACHE_PASS: ${{ secrets.CACHE_PASS }} | |
| SWAGGER_USERNAME: ${{ secrets.SWAGGER_USERNAME }} | |
| SWAGGER_PASSWORD: ${{ secrets.SWAGGER_PASSWORD }} | |
| CORS_ALLOW_ORIGINS: ${{ secrets.CORS_ALLOW_ORIGINS }} | |
| EOF | |
| - name: Deploy to Cloud Run | |
| run: | | |
| gcloud run deploy ${{ env.SERVICE_NAME }} \ | |
| --image ${{ env.IMAGE_NAME }}:${{ github.sha }} \ | |
| --platform managed \ | |
| --region ${{ env.REGION }} \ | |
| --allow-unauthenticated \ | |
| --vpc-connector=projects/${{ env.PROJECT_ID }}/locations/${{ env.REGION }}/connectors/intania888-connector \ | |
| --vpc-egress=private-ranges-only \ | |
| --env-vars-file=env.yaml \ | |
| --min-instances=0 \ | |
| --max-instances=10 \ | |
| --memory=512Mi \ | |
| --cpu=1 \ | |
| --timeout=300 | |
| - name: Show deployment URL | |
| run: | | |
| echo "Deployment completed!" | |
| gcloud run services describe ${{ env.SERVICE_NAME }} \ | |
| --platform managed \ | |
| --region ${{ env.REGION }} \ | |
| --format 'value(status.url)' |