cloudbuild.yaml
steps:
- name: "gcr.io/cloud-builders/yarn"
id: "install"
args: ["install"]
- name: "gcr.io/cloud-builders/gcloud"
id: "decrypt firestore"
args:
- kms
- decrypt
- --ciphertext-file=firestore.json.enc
- --plaintext-file=firestore.json
- --location=global
- --keyring=deploy
- --key=firestore
- name: "gcr.io/cloud-builders/gcloud"
id: "decrypt .env"
args:
- kms
- decrypt
- --ciphertext-file=.env.enc
- --plaintext-file=.env
- --location=global
- --keyring=deploy
- --key=env
- name: "gcr.io/cloud-builders/gcloud"
id: "decrypt github"
args:
- kms
- decrypt
- --ciphertext-file=github.pem.enc
- --plaintext-file=github.pem
- --location=global
- --keyring=deploy
- --key=github
- name: "gcr.io/cloud-builders/yarn"
waitFor: ["decrypt firestore", "decrypt .env", "decrypt github"]
id: "test"
args: ["test"]
- name: "gcr.io/cloud-builders/gcloud"
waitFor: ["decrypt firestore", "decrypt .env", "decrypt github"]
entrypoint: "bash"
args:
- "-c"
- |
if [[ "$BRANCH_NAME" == "master" ]]; then gcloud functions deploy scanPackages --runtime nodejs8 --memory=1024M --timeout=90s --trigger-http; else exit 0; fi