[Feat]: add gcp ci/cd (#36)

.github/workflows/app-gcp-CI.yml

@@ -0,0 +1,71 @@
+name: CI
+
+on:
+  workflow_dispatch:
+  pull_request:
+    paths: 'api/**'
+
+jobs:
+  CI:
+    name: CI
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./api/
+
+    strategy:
+      matrix:
+        node-version: [18.x]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: 'npm'
+          cache-dependency-path: api/package-lock.json
+
+      - name: install dependency
+        run: npm ci
+
+      - name: build api-bundled
+        run: npm run build api-bundled
+
+      - name: run test
+        run: npm test
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Google Auth
+        id: auth
+        uses: 'google-github-actions/auth@v0'
+        with:
+          token_format: 'access_token'
+          workload_identity_provider: '${{ secrets.WIF_PROVIDER }}' # e.g. - projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider
+          service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}' # e.g. - [email protected]
+
+      # Authenticate Docker to Google Cloud Artifact Registry
+      - name: Docker Auth
+        id: docker-auth
+        uses: 'docker/login-action@v1'
+        with:
+          username: 'oauth2accesstoken'
+          password: '${{ steps.auth.outputs.access_token }}'
+          registry: '${{ secrets.GAR_LOCATION }}-docker.pkg.dev'
+
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: '{{defaultContext}}:api'
+          push: true
+          tags: '${{ secrets.DOCKER_IMAGE_TAG }}'
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/app-gcp-deploy.yml

@@ -0,0 +1,57 @@
+name: deploy
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [master]
+    paths: 'api/**'
+
+env:
+  REGION: ${{ secrets.REGION }}
+  SERVICE: ${{ secrets.CLOUD_RUN_SERVICE}}
+
+jobs:
+  deploy:
+    name: gcp-deploy
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+
+    runs-on: ubuntu-latest
+    environment: gcp-deploy
+    defaults:
+      run:
+        working-directory: ./api/
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Google Auth
+        id: auth
+        uses: 'google-github-actions/auth@v1'
+        with:
+          workload_identity_provider: '${{ secrets.WIF_PROVIDER }}' # e.g. - projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider
+          service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}' # e.g. - [email protected]
+
+      - name: Deploy to Cloud Run
+        id: deploy
+        uses: google-github-actions/deploy-cloudrun@v1
+        with:
+          service: ${{ env.SERVICE }}
+          region: ${{ env.REGION }}
+          env_vars: |
+            DATABASE_URI=${{ secrets.DATABASE_URI }}
+            JWT_SECRET=${{ secrets.JWT_SECRET }}
+            JWT_EXPIRES_IN=${{ secrets.JWT_EXPIRES_IN }}
+            JWT_REFRESH_EXPIRES_IN=${{ secrets.JWT_REFRESH_EXPIRES_IN }}
+            AWS_REGION=${{ secrets.AWS_REGION }}
+            AWS_S3_IMAGE_MAIN_BUCKET=${{ secrets.AWS_S3_IMAGE_MAIN_BUCKET }}
+          image: ${{ secrets.DOCKER_IMAGE_TAG }}
+
+      # If required, use the Cloud Run url output in later steps
+      - name: Show Output
+        run: echo ${{ steps.deploy.outputs.url }}