diff --git a/.github/workflows/firebase-hosting-merge.yml b/.github/workflows/client-firebase-hosting-merge.yml similarity index 100% rename from .github/workflows/firebase-hosting-merge.yml rename to .github/workflows/client-firebase-hosting-merge.yml diff --git a/.github/workflows/firebase-hosting-pull-request.yml b/.github/workflows/client-firebase-hosting-pull-request.yml similarity index 100% rename from .github/workflows/firebase-hosting-pull-request.yml rename to .github/workflows/client-firebase-hosting-pull-request.yml diff --git a/.github/workflows/gcloud-server-deploy-merge.yml b/.github/workflows/gcloud-server-deploy-merge.yml new file mode 100644 index 0000000..65a8633 --- /dev/null +++ b/.github/workflows/gcloud-server-deploy-merge.yml @@ -0,0 +1,37 @@ +name: Deploy to Cloud Run on merge +on: + push: + branches: + - main + +jobs: + build_and_deploy: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + # Server-specific steps + - name: Authenticate to Google Cloud + uses: google-github-actions/auth@v1 + with: + credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} + + - name: Set up Google Cloud SDK + uses: google-github-actions/setup-gcloud@v1 + + - name: Configure Docker for GCR + run: gcloud auth configure-docker + + - name: Build and push Docker image + working-directory: ./server + run: | + gcloud builds submit --tag gcr.io/webnote-df968/webnote + + - name: Deploy to Cloud Run + run: | + gcloud run deploy webnote \ + --image gcr.io/webnote-df968/webnote \ + --region europe-west3 \ + --allow-unauthenticated \ + --set-env-vars FLASK_SECRET_KEY=${{ secrets.FLASK_SECRET_KEY }} \ + --set-env-vars FLASK_DEBUG=false \ No newline at end of file diff --git a/.github/workflows/gcloud-server-deploy-pull-request.yml b/.github/workflows/gcloud-server-deploy-pull-request.yml new file mode 100644 index 0000000..72e127c --- /dev/null +++ b/.github/workflows/gcloud-server-deploy-pull-request.yml @@ -0,0 +1,31 @@ +name: Deploy to Cloud Run on PR +on: pull_request + +permissions: + checks: write + contents: read + pull-requests: write + +jobs: + build_and_preview: + if: ${{ github.event.pull_request.head.repo.full_name == github.repository }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + # Server-specific steps + - name: Authenticate to Google Cloud + uses: google-github-actions/auth@v1 + with: + credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} + + - name: Set up Google Cloud SDK + uses: google-github-actions/setup-gcloud@v1 + + - name: Configure Docker for GCR + run: gcloud auth configure-docker + + - name: Build Docker image + working-directory: ./server + run: | + gcloud builds submit --tag gcr.io/webnote-df968/webnote:pr-${{ github.event.number }} \ No newline at end of file diff --git a/server/Dockerfile b/server/Dockerfile new file mode 100644 index 0000000..46d6a68 --- /dev/null +++ b/server/Dockerfile @@ -0,0 +1,33 @@ +# Use Python 3.11 slim image +FROM python:3.11-slim + +# Set working directory +WORKDIR /app + +# Install system dependencies +RUN apt-get update && apt-get install -y \ + gcc \ + && rm -rf /var/lib/apt/lists/* + +# Copy requirements first for better caching +COPY requirements.txt . + +# Install Python dependencies +RUN pip install --no-cache-dir -r requirements.txt + +# Copy application code +COPY . . + +# Create non-root user for security +RUN useradd --create-home --shell /bin/bash app && chown -R app:app /app +USER app + +# Expose port (Cloud Run uses PORT env var, defaults to 8080) +EXPOSE 8080 + +# Health check +HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ + CMD curl -f http://localhost:${PORT:-8080}/socket.io/ || exit 1 + +# Run with Gunicorn (use PORT env var from Cloud Run) +CMD gunicorn --worker-class eventlet -w 1 --bind 0.0.0.0:${PORT:-8080} signaling_server:app \ No newline at end of file diff --git a/server/requirements.txt b/server/requirements.txt new file mode 100644 index 0000000..6c5a122 --- /dev/null +++ b/server/requirements.txt @@ -0,0 +1,7 @@ +Flask==2.3.3 +Flask-SocketIO==5.3.6 +python-dotenv==1.0.0 +gunicorn==21.2.0 +eventlet==0.33.3 +python-engineio==4.7.1 +python-socketio==5.9.0 \ No newline at end of file