kopia lustrzana https://github.com/cloudflare/wildebeest
MOW-85: add deploy
rodzic
25be15b2a0
commit
aca25165d8
|
@ -0,0 +1,67 @@
|
|||
name: Deploy
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
repository_dispatch:
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 60
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: hashicorp/setup-terraform@v2
|
||||
|
||||
- name: Setup node.js
|
||||
uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: 18
|
||||
|
||||
- name: Create D1 database
|
||||
uses: cloudflare/wrangler-action@2.0.0
|
||||
with:
|
||||
command: d1 create wildebeest-${{ github.actor }}
|
||||
apiToken: ${{ secrets.CF_API_TOKEN }}
|
||||
continue-on-error: true
|
||||
env:
|
||||
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
||||
|
||||
- name: retrieve D1 database
|
||||
uses: cloudflare/wrangler-action@2.0.0
|
||||
with:
|
||||
command: d1 list | grep wildebeest-${{ github.actor }} | awk '{print "d1_id="$2}' >> $GITHUB_ENV
|
||||
apiToken: ${{ secrets.CF_API_TOKEN }}
|
||||
env:
|
||||
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
||||
|
||||
- name: migrate D1 database
|
||||
uses: cloudflare/wrangler-action@2.0.0
|
||||
with:
|
||||
command: d1 migrations apply wildebeest-${{ github.actor }}
|
||||
apiToken: ${{ secrets.CF_API_TOKEN }}
|
||||
env:
|
||||
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
||||
|
||||
- name: Init
|
||||
run: terraform init
|
||||
working-directory: ./tf
|
||||
|
||||
- name: Configure
|
||||
run: terraform plan && terraform apply -auto-approve
|
||||
working-directory: ./tf
|
||||
env:
|
||||
TF_VAR_cloudflare_account_id: ${{ secrets.CF_ACCOUNT_ID }}
|
||||
TF_VAR_cloudflare_api_token: ${{ secrets.CF_API_TOKEN }}
|
||||
TF_VAR_gh_username: ${{ github.actor }}
|
||||
TF_VAR_d1_id: ${{ env.d1_id }}
|
||||
|
||||
- name: Publish
|
||||
uses: cloudflare/wrangler-action@2.0.0
|
||||
with:
|
||||
apiToken: ${{ secrets.CF_API_TOKEN }}
|
||||
preCommands: |
|
||||
echo "*** pre commands ***"
|
||||
yarn
|
||||
echo "******"
|
||||
command: pages publish --project-name=wildebeest-${{ github.actor }} .
|
||||
env:
|
||||
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
|
@ -0,0 +1,83 @@
|
|||
variable "cloudflare_account_id" {
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "cloudflare_api_token" {
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "gh_username" {
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "d1_id" {
|
||||
type = string
|
||||
}
|
||||
|
||||
terraform {
|
||||
required_providers {
|
||||
cloudflare = {
|
||||
source = "cloudflare/cloudflare"
|
||||
version = "3.31.0"
|
||||
}
|
||||
|
||||
random = {
|
||||
source = "hashicorp/random"
|
||||
version = "3.4.3"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "cloudflare" {
|
||||
api_token = var.cloudflare_api_token
|
||||
}
|
||||
|
||||
resource "cloudflare_workers_kv_namespace" "wildebeest_cache" {
|
||||
account_id = var.cloudflare_account_id
|
||||
title = "wildebeest-cache"
|
||||
}
|
||||
|
||||
resource "random_string" "user_key" {
|
||||
length = 256
|
||||
special = false
|
||||
}
|
||||
|
||||
resource "cloudflare_pages_project" "wildebeest_pages_project" {
|
||||
account_id = var.cloudflare_account_id
|
||||
name = "wildebeest-${var.gh_username}"
|
||||
production_branch = "main"
|
||||
build_config {
|
||||
build_command = "yarn build"
|
||||
destination_dir = "frontend/dist"
|
||||
}
|
||||
deployment_configs {
|
||||
production {
|
||||
environment_variables = {
|
||||
/* API key with Cloudflare Images perms */
|
||||
CF_ACCOUNT_ID = ""
|
||||
CF_API_TOKEN = ""
|
||||
|
||||
USER_KEY = random_string.user_key.result
|
||||
}
|
||||
kv_namespaces = {
|
||||
KV_CACHE = cloudflare_workers_kv_namespace.wildebeest_cache.id
|
||||
}
|
||||
d1_databases = {
|
||||
D1_BINDING = var.d1_id
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource "cloudflare_access_application" "wildebeest_access" {
|
||||
account_id = var.cloudflare_account_id
|
||||
name = "wildebeest-${var.gh_username}"
|
||||
domain = "${cloudflare_pages_project.wildebeest_pages_project.subdomain}/oauth/authorize"
|
||||
type = "self_hosted"
|
||||
session_duration = "168h"
|
||||
auto_redirect_to_identity = false
|
||||
}
|
||||
|
||||
output "access_aud" {
|
||||
value = cloudflare_access_application.wildebeest_access.aud
|
||||
}
|
Ładowanie…
Reference in New Issue