From d37d942a9331e38abe7a3f16ff0085cde165cc48 Mon Sep 17 00:00:00 2001 From: Pyronewbic Date: Sun, 10 May 2026 20:30:24 +0530 Subject: [PATCH] ci: auto-deploy on merge to main via Workload Identity Federation --- .github/workflows/deploy.yml | 39 ++++++++++++++++++++++++++++++++++++ .github/workflows/test.yml | 2 -- 2 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..f3723e3 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,39 @@ +name: Deploy +on: + push: + branches: [main] + +permissions: + contents: read + id-token: write + +env: + PROJECT_ID: casecomp-495718 + REGION: asia-south1 + SERVICE: cardscrapebot + IMAGE: gcr.io/casecomp-495718/cardscrapebot + +jobs: + deploy: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: google-github-actions/auth@v2 + with: + workload_identity_provider: projects/129850122606/locations/global/workloadIdentityPools/github-pool/providers/github-provider + service_account: casecomp-deploy@casecomp-495718.iam.gserviceaccount.com + + - uses: google-github-actions/setup-gcloud@v2 + + - name: Build and push + run: gcloud builds submit --tag ${{ env.IMAGE }} --project ${{ env.PROJECT_ID }} + + - name: Deploy to Cloud Run + run: | + gcloud run deploy ${{ env.SERVICE }} \ + --image ${{ env.IMAGE }} \ + --region ${{ env.REGION }} \ + --project ${{ env.PROJECT_ID }} \ + --port 3000 \ + --allow-unauthenticated diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0b38d87..a0b3547 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,7 +1,5 @@ name: Tests on: - push: - branches: [main, dev] pull_request: branches: [main]