Friday, June 21, 2024
No menu items!
HomeCloud ComputingConnecting GitHub Actions and Google Cloud Deploy

Connecting GitHub Actions and Google Cloud Deploy

Google Cloud customers depend on Google Cloud Deploy to deliver their software to production. Taking advantage of a fully managed deployment service means you don’t need to burn cycles scaling and maintaining a self-hosted platform, and the controls and constraints built into Cloud Deploy help with making your pipelines reliable, safe, and trusted.

Typically, Cloud Deploy delivery pipelines are used to progress a release through multiple target environments for testing on the progression to live, which means that releases to production can become more frequent and less stressful. As well as this, Cloud Deploy provides delivery metrics out of the box, which helps enable you to measure and improve your software delivery success over time.

Google Cloud customers may also use GitHub, not only for source control but also more generally as a hub for software development. Alongside core source control, GitHub Actions is used to compile code, build artifacts, and automate many other aspects of software delivery. Because of this, for some time now Google Cloud has maintained a library of GitHub Actions that customers can integrate to automate their workflows.

From speaking with customers, we recently identified a pattern of desire for integration with tooling more specifically focused on software deployment. Based on these observations and by request, we’re happy to announce that we’ve added a new integration for connecting GitHub Actions and Google Cloud Deploy, allowing you to make the most of GitHub Actions for continuous integration (CI)  and Cloud Deploy for continuous delivery (CD).

As with our other GitHub Actions, create-cloud-deploy-release is simple to integrate with your build pipelines and lets you securely connect to Google Cloud.

A typical GitHub Actions workflow with handover to Cloud Deploy might have the following stages, to be run once an application component has passed unit and/or any other isolated component testing:

Artifact build stage: use language-specific tooling (gradle, sbt, npm, etc.) to build an application artifact

Packaging stage: bundle the application artifact with any other required components/dependencies

Containerization stage: create a container image containing the application package

Release creation stage: use the Cloud Deploy GitHub Action to create a release of the built container image

Rollout stages, 1..n: progress the release through a series of GKECloud Run, or Anthos target environments

Once the release is created, the flow of control passes to Cloud Deploy, which will first perform a rollout to the initial target environment – commonly “dev” or “test” – for further testing and validation, before successively deploying the release to each of the delivery pipeline target environments on the progression to production.

Let’s look at an example workflow in more detail. The full workflow described in the upcoming paragraphs is in the Google Cloud GitHub Actions example workflows repository for you to pick up and use in your own projects.

First, we will use the checkout and auth actions to check out the repository and authenticate to Google Cloud. Note that Workload Identity Federationwith OAuth is used to avoid exporting powerful credentials outside Google Cloud itself:

code_block[StructValue([(u’code’, u”steps:rn – name: ‘Checkout’rn uses: ‘actions/checkout@v3’rnrnrn – name: ‘Google auth’rn id: ‘auth’rn uses: ‘google-github-actions/auth@v1’rn with:rn workload_identity_provider: ‘${{ secrets.WIF_PROVIDER }}’rn service_account: ‘${{ secrets.WIF_SERVICE_ACCOUNT }}'”), (u’language’, u”), (u’caption’, <wagtail.wagtailcore.rich_text.RichText object at 0x3eb38de94950>)])]

Next, we’ll use another Google GitHub Action, gcloud-setup, to install and configure the Google Cloud SDK, and configure Docker to use Google Cloud Artifact Registry to store the built images:

code_block[StructValue([(u’code’, u”- name: ‘Set up Cloud SDK’rn uses: ‘google-github-actions/setup-gcloud@v1’rn with:rn project_id: ‘${{ env.PROJECT_ID }}’rnrnrn – name: ‘Docker auth’rn run: |-rn gcloud auth configure-docker ${{ env.GAR_LOCATION }}”), (u’language’, u”), (u’caption’, <wagtail.wagtailcore.rich_text.RichText object at 0x3eb38de94e90>)])]

The next step is to build the application, create a container image, and push it to Google Cloud Artifact Registry:

code_block[StructValue([(u’code’, u’- name: ‘Build and push container’rn run: |-rn docker build -t “${{ env.GAR_LOCATION }}${{ env.PROJECT_ID }}/${{ env.APP }}/${{ env.APP }}:${{ github.sha }}” ./apprn docker push “${{ env.GAR_LOCATION }}${{ env.PROJECT_ID }}/${{ env.APP }}/${{ env.APP }}:${{ github.sha }}”‘), (u’language’, u”), (u’caption’, <wagtail.wagtailcore.rich_text.RichText object at 0x3eb38de94dd0>)])]

As part of the example workflow a sample delivery pipeline is created, but for real-world use we recommend managing your pipelines and targets outside your application build pipeline, either declaratively in YAML or using an infrastructure-as-code tool such a Terraform with the Google Cloud Provider, which supports Cloud Deploy.

Finally, construct a name and create a release with create-cloud-deploy-release:

code_block[StructValue([(u’code’, u’- name: ‘Create release name’rn run: |-rn echo “RELEASE_NAME=${{ env.APP }}-${GITHUB_SHA::7}-${GITHUB_RUN_NUMBER}” >> ${GITHUB_ENV}rnrnrn – name: ‘Create Cloud Deploy release’rn uses: ‘google-github-actions/create-cloud-deploy-release@v0’rn with:rn delivery_pipeline: ‘${{ env.APP }}’rn name: ‘${{ env.RELEASE_NAME }}’rn region: ‘${{ env.REGION }}’rn description: ‘${{ env.GITHUB_COMMIT_MSG }}’rn skaffold_file: ‘config/skaffold.yaml’rn images: ‘app=${{ env.GAR_LOCATION }}${{ env.PROJECT_ID }}/${{ env.APP }}/${{ env.APP }}:${{ github.sha }}”), (u’language’, u”), (u’caption’, <wagtail.wagtailcore.rich_text.RichText object at 0x3eb38de94910>)])]

As shown in the example above, Cloud Deploy releases can be created by simply referencing a container image in a registry, making it a simple snap-in tool for continuous delivery.

The release can now be progressed through the target environments, taking advantage of dedicated deployment-focused features such as parallel deployments (preview), rollout approvals, and deployment verification.

Combining the ease-of-use of GitHub Actions with the purpose-built Cloud Deploy for continuous delivery helps you to get the best of both worlds and to deliver reliably to production. You can find the Cloud Deploy GitHub Action with documentation here, and a complete standalone example here. Tutorials for various Cloud Deploy features are here. Don’t delay, deploy today!

Related Article

Distributing software everywhere, all at once – a look at Cloud Deploy multi-target

Cloud Deploy now supports multiple target deployments, allowing updates to run at the same time; faster and easier.

Read Article

Cloud BlogRead More



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments