Jump to Content
DevOps & SRE

Connecting GitHub Actions and Google Cloud Deploy

May 9, 2023
Henry Bell

Solutions Architect, Google Cloud

S. Bogdan

Product Manager

Google Cloud customers depend on Google Cloud Deploy to deliver their software to production. Taking advantage of a fully managed deployment service means you don’t need to burn cycles scaling and maintaining a self-hosted platform, and the controls and constraints built into Cloud Deploy help with making your pipelines reliable, safe, and trusted.

Typically, Cloud Deploy delivery pipelines are used to progress a release through multiple target environments for testing on the progression to live, which means that releases to production can become more frequent and less stressful. As well as this, Cloud Deploy provides delivery metrics out of the box, which helps enable you to measure and improve your software delivery success over time.

Google Cloud customers may also use GitHub, not only for source control but also more generally as a hub for software development. Alongside core source control, GitHub Actions is used to compile code, build artifacts, and automate many other aspects of software delivery. Because of this, for some time now Google Cloud has maintained a library of GitHub Actions that customers can integrate to automate their workflows.

From speaking with customers, we recently identified a pattern of desire for integration with tooling more specifically focused on software deployment. Based on these observations and by request, we’re happy to announce that we’ve added a new integration for connecting GitHub Actions and Google Cloud Deploy, allowing you to make the most of GitHub Actions for continuous integration (CI)  and Cloud Deploy for continuous delivery (CD).

As with our other GitHub Actions, create-cloud-deploy-release is simple to integrate with your build pipelines and lets you securely connect to Google Cloud.

A typical GitHub Actions workflow with handover to Cloud Deploy might have the following stages, to be run once an application component has passed unit and/or any other isolated component testing:

  1. Artifact build stage: use language-specific tooling (gradle, sbt, npm, etc.) to build an application artifact

  2. Packaging stage: bundle the application artifact with any other required components/dependencies

  3. Containerization stage: create a container image containing the application package

  4. Release creation stage: use the Cloud Deploy GitHub Action to create a release of the built container image

  5. Rollout stages, 1..n: progress the release through a series of GKECloud Run, or Anthos target environments

Once the release is created, the flow of control passes to Cloud Deploy, which will first perform a rollout to the initial target environment – commonly “dev” or “test” – for further testing and validation, before successively deploying the release to each of the delivery pipeline target environments on the progression to production.

Let's look at an example workflow in more detail. The full workflow described in the upcoming paragraphs is in the Google Cloud GitHub Actions example workflows repository for you to pick up and use in your own projects.

First, we will use the checkout and auth actions to check out the repository and authenticate to Google Cloud. Note that Workload Identity Federation with OAuth is used to avoid exporting powerful credentials outside Google Cloud itself:

Loading...

Next, we’ll use another Google GitHub Action, gcloud-setup, to install and configure the Google Cloud SDK, and configure Docker to use Google Cloud Artifact Registry to store the built images:

Loading...

The next step is to build the application, create a container image, and push it to Google Cloud Artifact Registry:

Loading...

As part of the example workflow a sample delivery pipeline is created, but for real-world use we recommend managing your pipelines and targets outside your application build pipeline, either declaratively in YAML or using an infrastructure-as-code tool such as Terraform with the Google Cloud Provider, which supports Cloud Deploy.

Finally, construct a name and create a release with create-cloud-deploy-release:

Loading...

As shown in the example above, Cloud Deploy releases can be created by simply referencing a container image in a registry, making it a simple snap-in tool for continuous delivery.

The release can now be progressed through the target environments, taking advantage of dedicated deployment-focused features such as parallel deployments (preview), rollout approvals, and deployment verification.

https://storage.googleapis.com/gweb-cloudblog-publish/images/GitHub_Actions.max-700x700.jpg

Combining the ease-of-use of GitHub Actions with the purpose-built Cloud Deploy for continuous delivery helps you to get the best of both worlds and to deliver reliably to production. You can find the Cloud Deploy GitHub Action with documentation here, and a complete standalone example here. Tutorials for various Cloud Deploy features are here. Don’t delay, deploy today!

Posted in