Skip to content

Commit

Permalink
Add update_strategy for envvars and secrets
Browse files Browse the repository at this point in the history 
The default behavior remains to merge (--update), but setting the update_strategy to "overwrite" will set all values.
  • Loading branch information
@sethvargo
sethvargo committed May 17, 2024
1 parent 08b62e2 commit 32a6378
Show file tree
Hide file tree
Showing 9 changed files with 402 additions and 340 deletions.
356 changes: 178 additions & 178 deletions .github/workflows/integration.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@ jobs:
include:
- name: 'image'
image: 'gcr.io/cloudrun/hello'
- name: 'source'
source: 'example-app'
# - name: 'source'
# source: 'example-app'

name: 'from_${{ matrix.name }}'

Expand Down Expand Up @@ -150,179 +150,179 @@ jobs:
}
REVISION_COUNT: 2

metadata:
if: ${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name && github.actor != 'dependabot[bot]' }}
runs-on: 'ubuntu-latest'

steps:
- uses: 'actions/checkout@v4'

- name: 'Compute service name'
run: |-
echo "SERVICE_NAME=${GITHUB_JOB}-metadata-${GITHUB_SHA::7}-${GITHUB_RUN_NUMBER}" >> ${GITHUB_ENV}
- name: 'Set service name in metadata YAML'
run: |-
sed -i "s/run-full-yaml/${{ env.SERVICE_NAME }}/" ./tests/fixtures/service.yaml
- uses: 'actions/setup-node@v4'
with:
node-version: '20.x'

- run: 'npm ci && npm run build'

- uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'

- id: 'deploy-cloudrun'
name: 'Deploy'
uses: './'
with:
metadata: './tests/fixtures/service.yaml'

- name: 'Run initial deploy tests'
run: 'npm run e2e-tests'
env:
PROJECT_ID: '${{ vars.PROJECT_ID }}'
SERVICE: '${{ env.SERVICE_NAME }}'
PARAMS: |-
{
"cpu": "2",
"memory": "1Gi",
"containerConcurrency": "20"
}
ANNOTATIONS: |-
{
"run.googleapis.com/cloudsql-instances": "test-project:us-central1:my-test-instance"
}
LABELS: |-
{
"test_label": "test_value"
}
- id: 'deploy-cloudrun-again'
name: 'Deploy again'
uses: './'
with:
image: 'gcr.io/cloudrun/hello'
service: '${{ env.SERVICE_NAME }}'

- name: 'Run re-deploy tests'
run: 'npm run e2e-tests' # Check that config isn't overwritten
env:
PROJECT_ID: '${{ vars.PROJECT_ID }}'
SERVICE: '${{ env.SERVICE_NAME }}'
PARAMS: |-
{
"cpu": "2",
"memory": "1Gi",
"containerConcurrency": "20"
}
ANNOTATIONS: |-
{
"run.googleapis.com/cloudsql-instances": "test-project:us-central1:my-test-instance"
}
REVISION_COUNT: 2

jobs:
if: ${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name && github.actor != 'dependabot[bot]' }}
runs-on: 'ubuntu-latest'

steps:
- uses: 'actions/checkout@v4'

- name: 'Compute job name'
run: |-
echo "JOB_NAME=${GITHUB_JOB}-job-${GITHUB_SHA::7}-${GITHUB_RUN_NUMBER}" >> ${GITHUB_ENV}
- uses: 'actions/setup-node@v4'
with:
node-version: '20.x'

- run: 'npm ci && npm run build'

- uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'

- id: 'deploy-cloudrun'
name: 'Deploy'
uses: './'
with:
image: 'gcr.io/cloudrun/hello'
job: '${{ env.JOB_NAME }}'
env_vars: |-
FOO=bar
ZIP=zap\,with|separators\,and&stuff
env_vars_file: './tests/fixtures/env_vars.txt'
secrets: |-
MY_SECRET=${{ vars.SECRET_NAME }}:latest
MY_SECOND_SECRET=${{ vars.SECRET_NAME }}:1
labels: |-
label1=value1
label2=value2
skip_default_labels: true
flags: '--cpu=2'

- name: 'Run initial deploy tests'
run: 'npm run e2e-tests'
env:
PROJECT_ID: ${{ vars.PROJECT_ID }}
JOB: '${{ env.JOB_NAME }}'
ENV: |-
{
"FOO": "bar",
"ZIP": "zap,with|separators,and&stuff",
"TEXT_FOO": "bar",
"TEXT_ZIP": "zap,with|separators,and&stuff"
}
SECRET_ENV: |-
{
"MY_SECRET": "${{ vars.SECRET_NAME }}:latest",
"MY_SECOND_SECRET": "${{ vars.SECRET_NAME }}:1"
}
LABELS: |-
{
"label1": "value1",
"label2": "value2"
}
- id: 'deploy-cloudrun-again'
name: 'Deploy again'
uses: './'
with:
image: 'gcr.io/cloudrun/hello'
job: '${{ env.JOB_NAME }}'
env_vars: |-
ABC=123
DEF=456
secrets: /api/secrets/my-secret=${{ vars.SECRET_NAME }}:latest

- name: 'Run re-deploy tests'
run: 'npm run e2e-tests'
env:
PROJECT_ID: ${{ vars.PROJECT_ID }}
JOB: '${{ env.JOB_NAME }}'
ENV: |-
{
"FOO": "bar",
"ZIP": "zap,with|separators,and&stuff",
"TEXT_FOO": "bar",
"TEXT_ZIP": "zap,with|separators,and&stuff",
"ABC": "123",
"DEF": "456"
}
SECRET_VOLUMES: |-
{
"/api/secrets/my-secret": "${{ vars.SECRET_NAME }}:latest"
}
LABELS: |-
{
"label1": "value1",
"label2": "value2",
"commit-sha": "${{ github.sha }}",
"managed-by": "github-actions"
}
# metadata:
# if: ${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name && github.actor != 'dependabot[bot]' }}
# runs-on: 'ubuntu-latest'

# steps:
# - uses: 'actions/checkout@v4'

# - name: 'Compute service name'
# run: |-
# echo "SERVICE_NAME=${GITHUB_JOB}-metadata-${GITHUB_SHA::7}-${GITHUB_RUN_NUMBER}" >> ${GITHUB_ENV}

# - name: 'Set service name in metadata YAML'
# run: |-
# sed -i "s/run-full-yaml/${{ env.SERVICE_NAME }}/" ./tests/fixtures/service.yaml

# - uses: 'actions/setup-node@v4'
# with:
# node-version: '20.x'

# - run: 'npm ci && npm run build'

# - uses: 'google-github-actions/auth@v2'
# with:
# workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
# service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'

# - id: 'deploy-cloudrun'
# name: 'Deploy'
# uses: './'
# with:
# metadata: './tests/fixtures/service.yaml'

# - name: 'Run initial deploy tests'
# run: 'npm run e2e-tests'
# env:
# PROJECT_ID: '${{ vars.PROJECT_ID }}'
# SERVICE: '${{ env.SERVICE_NAME }}'
# PARAMS: |-
# {
# "cpu": "2",
# "memory": "1Gi",
# "containerConcurrency": "20"
# }
# ANNOTATIONS: |-
# {
# "run.googleapis.com/cloudsql-instances": "test-project:us-central1:my-test-instance"
# }
# LABELS: |-
# {
# "test_label": "test_value"
# }

# - id: 'deploy-cloudrun-again'
# name: 'Deploy again'
# uses: './'
# with:
# image: 'gcr.io/cloudrun/hello'
# service: '${{ env.SERVICE_NAME }}'

# - name: 'Run re-deploy tests'
# run: 'npm run e2e-tests' # Check that config isn't overwritten
# env:
# PROJECT_ID: '${{ vars.PROJECT_ID }}'
# SERVICE: '${{ env.SERVICE_NAME }}'
# PARAMS: |-
# {
# "cpu": "2",
# "memory": "1Gi",
# "containerConcurrency": "20"
# }
# ANNOTATIONS: |-
# {
# "run.googleapis.com/cloudsql-instances": "test-project:us-central1:my-test-instance"
# }
# REVISION_COUNT: 2

# jobs:
# if: ${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name && github.actor != 'dependabot[bot]' }}
# runs-on: 'ubuntu-latest'

# steps:
# - uses: 'actions/checkout@v4'

# - name: 'Compute job name'
# run: |-
# echo "JOB_NAME=${GITHUB_JOB}-job-${GITHUB_SHA::7}-${GITHUB_RUN_NUMBER}" >> ${GITHUB_ENV}

# - uses: 'actions/setup-node@v4'
# with:
# node-version: '20.x'

# - run: 'npm ci && npm run build'

# - uses: 'google-github-actions/auth@v2'
# with:
# workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
# service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'

# - id: 'deploy-cloudrun'
# name: 'Deploy'
# uses: './'
# with:
# image: 'gcr.io/cloudrun/hello'
# job: '${{ env.JOB_NAME }}'
# env_vars: |-
# FOO=bar
# ZIP=zap\,with|separators\,and&stuff
# env_vars_file: './tests/fixtures/env_vars.txt'
# secrets: |-
# MY_SECRET=${{ vars.SECRET_NAME }}:latest
# MY_SECOND_SECRET=${{ vars.SECRET_NAME }}:1
# labels: |-
# label1=value1
# label2=value2
# skip_default_labels: true
# flags: '--cpu=2'

# - name: 'Run initial deploy tests'
# run: 'npm run e2e-tests'
# env:
# PROJECT_ID: ${{ vars.PROJECT_ID }}
# JOB: '${{ env.JOB_NAME }}'
# ENV: |-
# {
# "FOO": "bar",
# "ZIP": "zap,with|separators,and&stuff",
# "TEXT_FOO": "bar",
# "TEXT_ZIP": "zap,with|separators,and&stuff"
# }
# SECRET_ENV: |-
# {
# "MY_SECRET": "${{ vars.SECRET_NAME }}:latest",
# "MY_SECOND_SECRET": "${{ vars.SECRET_NAME }}:1"
# }
# LABELS: |-
# {
# "label1": "value1",
# "label2": "value2"
# }

# - id: 'deploy-cloudrun-again'
# name: 'Deploy again'
# uses: './'
# with:
# image: 'gcr.io/cloudrun/hello'
# job: '${{ env.JOB_NAME }}'
# env_vars: |-
# ABC=123
# DEF=456
# secrets: /api/secrets/my-secret=${{ vars.SECRET_NAME }}:latest

# - name: 'Run re-deploy tests'
# run: 'npm run e2e-tests'
# env:
# PROJECT_ID: ${{ vars.PROJECT_ID }}
# JOB: '${{ env.JOB_NAME }}'
# ENV: |-
# {
# "FOO": "bar",
# "ZIP": "zap,with|separators,and&stuff",
# "TEXT_FOO": "bar",
# "TEXT_ZIP": "zap,with|separators,and&stuff",
# "ABC": "123",
# "DEF": "456"
# }
# SECRET_VOLUMES: |-
# {
# "/api/secrets/my-secret": "${{ vars.SECRET_NAME }}:latest"
# }
# LABELS: |-
# {
# "label1": "value1",
# "label2": "value2",
# "commit-sha": "${{ github.sha }}",
# "managed-by": "github-actions"
# }
Loading

0 comments on commit 32a6378

Please sign in to comment.