Zenn
🎃

Github ActionsでDataformのコンパイルとリリース構成の更新を実行する

2024/03/05に公開
#
dataform
tech

やったこと

  • Dataformのリリースフローの変更
    • 変更後: mainブランチにpushした際に「コンパイル結果の作成」と「リリース構成の更新」を実行するようにした
    • 変更前: リリース構成のスケジュール設定に従い、コード変更の有無に関わらず定時実行でコンパイル結果の作成を行っていた

ワークフローのyaml

  • gcloud cliにdataform関連がないのでcurlでdataform.googleapis.comを叩く
name: Dataform Create Compilation and Update Release Config

on:
  push:
    branches: main

env:
  WORKLOAD_IDENTITY_PROVIDER: "projects/hogehoge/locations/global/workloadIdentityPools/hogehoge-pool/providers/hogehoge-provider"
  SERVICE_ACCOUNT: "hogehoge@hogehoge.iam.gserviceaccount.com"
  PROJECT_ID: "hogehoge"
  REGION: "asia-northeast1"
  REPOSITORY: "hogehoge"
  RELEASE_CONFIG: "hogehoge"

jobs:
  compile-and-deploy:
    runs-on: ubuntu-latest

    permissions:
      contents: "read"
      id-token: "write"

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - id: auth
        uses: google-github-actions/auth@v2
        with:
          token_format: "access_token"
          workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER}}
          service_account: ${{ env.SERVICE_ACCOUNT }}
          project_id: ${{ env.PROJECT_ID }}

      - name: Create Compilation
        id: compilation
        run: |
          echo "name=$(curl -fs -X POST \
            'https://dataform.googleapis.com/v1beta1/projects/${{ env.PROJECT_ID }}/locations/${{ env.REGION }}/repositories/${{ env.REPOSITORY }}/compilationResults' \
            -H "Authorization: Bearer ${{ steps.auth.outputs.access_token }}" \
            -H 'Content-Type: application/json' \
            -d '{
                  "releaseConfig": "projects/${{ env.PROJECT_ID }}/locations/${{ env.REGION }}/repositories/${{ env.REPOSITORY }}/releaseConfigs/${{ env.RELEASE_CONFIG }}"
                }' | jq -c '.name')" >> $GITHUB_OUTPUT

      - name: Update Release Config
        run: |
          curl -fs -X PATCH \
          'https://dataform.googleapis.com/v1beta1/projects/${{ env.PROJECT_ID }}/locations/${{ env.REGION }}/repositories/${{ env.REPOSITORY }}/releaseConfigs/${{ env.RELEASE_CONFIG }}' \
          -H "Authorization: Bearer $(echo ${{ steps.auth.outputs.access_token }})" \
          -H 'Content-Type: application/json' \
          -d '{
                "gitCommitish": "main",
                "codeCompilationConfig": {
                  "vars": {
                      "env": "prod"
                  }
                },
                "timeZone": "Asia/Tokyo",
                "releaseCompilationResult": ${{ steps.compilation.outputs.name }}
              }'

Discussion