From d6bd9fd001669dd8bc62befff77732fc622962c4 Mon Sep 17 00:00:00 2001 From: Kkhandale2024 Date: Tue, 3 Feb 2026 23:49:49 +0530 Subject: [PATCH 1/6] feat: added workflow for cloudrun rollback --- .../workflows/shared-cloudrun-rollback.yml | 75 ++++++++++++++ docs/{30.tfdrift.md => 31.tfdrift.md} | 0 docs/32.cloudrun-rollback.md | 98 +++++++++++++++++++ 3 files changed, 173 insertions(+) create mode 100644 .github/workflows/shared-cloudrun-rollback.yml rename docs/{30.tfdrift.md => 31.tfdrift.md} (100%) create mode 100644 docs/32.cloudrun-rollback.md diff --git a/.github/workflows/shared-cloudrun-rollback.yml b/.github/workflows/shared-cloudrun-rollback.yml new file mode 100644 index 00000000..955d19fb --- /dev/null +++ b/.github/workflows/shared-cloudrun-rollback.yml @@ -0,0 +1,75 @@ +name: Cloud Run Deploy with Auto Rollback + +on: + workflow_call: + inputs: + gcp_registry_host: + required: true + type: string + IMAGE_NAME: + required: true + type: string + IMAGE_TAG: + required: true + type: string + GCP_REPOSITORY: + required: true + type: string + SERVICE_NAME: + required: true + type: string + REGION: + required: true + type: string + + secrets: + GCP_PROJECT_ID: + required: true + GCP_SA_KEY: + required: true + + outputs: + revision: + description: "Previous revision" + value: ${{ jobs.deploy.outputs.revision }} + service_name: + description: "Service name" + value: ${{ inputs.SERVICE_NAME }} + +jobs: + deploy: + runs-on: ubuntu-latest + outputs: + revision: ${{ steps.prev.outputs.revision }} + + steps: + - name: Authenticate to GCP + uses: google-github-actions/auth@v2 + with: + credentials_json: ${{ secrets.GCP_SA_KEY }} + + - name: Setup gcloud + uses: google-github-actions/setup-gcloud@v2 + + - name: Get current revision + id: prev + run: | + REVISION=$(gcloud run services describe ${{ inputs.SERVICE_NAME }} \ + --region ${{ inputs.REGION }} \ + --format="value(status.traffic[0].revisionName)") + echo "Current revision: $REVISION" + + # Set for parent workflow (Environment file) + echo "revision=$REVISION" >> $GITHUB_OUTPUT + + # 2ī¸âƒŖ Deploy new image + - name: Deploy new image + id: deploy + run: | + IMAGE_URI="${{ inputs.gcp_registry_host }}/${{ secrets.GCP_PROJECT_ID }}/${{ inputs.GCP_REPOSITORY }}/${{ inputs.IMAGE_NAME }}:${{ inputs.IMAGE_TAG }}" + echo "🚀 Deploying $IMAGE_URI" + gcloud run deploy ${{ inputs.SERVICE_NAME }} \ + --image "$IMAGE_URI" \ + --region ${{ inputs.REGION }} \ + --platform managed \ + --quiet \ No newline at end of file diff --git a/docs/30.tfdrift.md b/docs/31.tfdrift.md similarity index 100% rename from docs/30.tfdrift.md rename to docs/31.tfdrift.md diff --git a/docs/32.cloudrun-rollback.md b/docs/32.cloudrun-rollback.md new file mode 100644 index 00000000..ac6eb150 --- /dev/null +++ b/docs/32.cloudrun-rollback.md @@ -0,0 +1,98 @@ +## [Cloud Run Deploy with Auto Rollback reusable workflow](https://github.com/clouddrove/github-shared-workflows/blob/master/.github/workflows/shared-cloudrun-rollback.yml) + + + +### Overview + +The Cloud Run Deploy with Auto Rollback workflow: + +* Deploys a new Docker image to a Cloud Run service + +* Captures the currently active revision before deployment + +* Exposes the previous revision as an output for rollback + +* Enables parent workflows to trigger rollback automatically on failure + +This workflow helps ensure safer production deployments and faster recovery in case of issues. + +### Workflow Location +``` +.github/workflows/shared-cloudrun-rollback.yml +``` +#### Example +```yaml + +name: Deploy to Cloud Run + +on: + workflow_dispatch: + +jobs: + deploy-backend: + uses: clouddrove/github-shared-workflows/.github/workflows/shared-cloudrun-rollback.yml@master + with: + gcp_registry_host: # GCP Artifact Registry host + IMAGE_NAME: # Docker image name + IMAGE_TAG: # Image tag to deploy + SERVICE_NAME: # Cloud Run service name + REGION: # GCP region + GCP_REPOSITORY: # Artifact Registry repository + secrets: + GCP_PROJECT_ID: # GCP Project ID + GCP_SA_KEY: # GCP Service Account key (JSON) + + rollback-all: + needs: + - deploy-backend + if: ${{ failure() }} + runs-on: ubuntu-latest + + steps: + - name: Authenticate to GCP + uses: google-github-actions/auth@v2 + with: + credentials_json: # GCP Service Account key (JSON) + + - name: Setup gcloud + uses: google-github-actions/setup-gcloud@v2 + with: + project_id: # GCP Project ID + + - name: Rollback Cloud Run services (if needed) + run: | + echo "🚨 Rollback triggered because a deployment failed" + + REGION= # GCP region + PROJECT= # GCP Project ID + + rollback_if_needed () { + SERVICE_NAME=$1 + PREV_REV=$2 + + if [ -z "$PREV_REV" ]; then + echo "ℹī¸ $SERVICE_NAME was not deployed, skipping rollback" + return + fi + + CURRENT_REV=$(gcloud run services describe "$SERVICE_NAME" \ + --region "$REGION" \ + --project "$PROJECT" \ + --format="value(status.traffic[0].revisionName)") + + if [ "$CURRENT_REV" = "$PREV_REV" ]; then + echo "✅ $SERVICE_NAME rollback not required — traffic already on previous revision ($PREV_REV)" + else + echo "🔄 Rolling back $SERVICE_NAME to revision: $PREV_REV" + gcloud run services update-traffic "$SERVICE_NAME" \ + --to-revisions="$PREV_REV=100" \ + --region "$REGION" \ + --project "$PROJECT" \ + && echo "✅ $SERVICE_NAME rollback successful" \ + || echo "⚠ī¸ $SERVICE_NAME rollback failed — traffic may already be correct" + fi + } + + rollback_if_needed "# Cloud Run service name" "${{ needs.deploy-backend.outputs.revision }}" + +``` \ No newline at end of file From b706578216a99eac0bc0855d18061dc49bf5c49a Mon Sep 17 00:00:00 2001 From: Kkhandale2024 Date: Wed, 4 Feb 2026 00:04:04 +0530 Subject: [PATCH 2/6] fix: fixed lint issue --- .github/workflows/shared-cloudrun-rollback.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/shared-cloudrun-rollback.yml b/.github/workflows/shared-cloudrun-rollback.yml index 955d19fb..8f7d2059 100644 --- a/.github/workflows/shared-cloudrun-rollback.yml +++ b/.github/workflows/shared-cloudrun-rollback.yml @@ -1,3 +1,4 @@ +--- name: Cloud Run Deploy with Auto Rollback on: @@ -72,4 +73,5 @@ jobs: --image "$IMAGE_URI" \ --region ${{ inputs.REGION }} \ --platform managed \ - --quiet \ No newline at end of file + --quiet +... \ No newline at end of file From 820aeadca0c661cbc228a9f2487186b291393ab3 Mon Sep 17 00:00:00 2001 From: Kkhandale2024 Date: Wed, 4 Feb 2026 00:06:24 +0530 Subject: [PATCH 3/6] fix: fixed lint issue --- .github/workflows/shared-cloudrun-rollback.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/shared-cloudrun-rollback.yml b/.github/workflows/shared-cloudrun-rollback.yml index 8f7d2059..2adb9229 100644 --- a/.github/workflows/shared-cloudrun-rollback.yml +++ b/.github/workflows/shared-cloudrun-rollback.yml @@ -74,4 +74,4 @@ jobs: --region ${{ inputs.REGION }} \ --platform managed \ --quiet -... \ No newline at end of file +... From 0eb6a843f54ad6e8212351e5981e29dee41a5764 Mon Sep 17 00:00:00 2001 From: Kkhandale2024 Date: Wed, 4 Feb 2026 00:11:37 +0530 Subject: [PATCH 4/6] fix: fixed lint error --- .github/workflows/shared-cloudrun-rollback.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/shared-cloudrun-rollback.yml b/.github/workflows/shared-cloudrun-rollback.yml index 2adb9229..4029fa8d 100644 --- a/.github/workflows/shared-cloudrun-rollback.yml +++ b/.github/workflows/shared-cloudrun-rollback.yml @@ -59,7 +59,6 @@ jobs: --region ${{ inputs.REGION }} \ --format="value(status.traffic[0].revisionName)") echo "Current revision: $REVISION" - # Set for parent workflow (Environment file) echo "revision=$REVISION" >> $GITHUB_OUTPUT From 2df9ef9b004271aaf90d1577fc23aef36043664e Mon Sep 17 00:00:00 2001 From: Kkhandale2024 Date: Mon, 16 Feb 2026 22:25:43 +0530 Subject: [PATCH 5/6] fix: update workflow and README as per PR review comments --- .../actions/cloudrun-rollback | 66 +++++-------------- ...run-rollback.yml => cloudrun-rollback.yml} | 0 docs/cloudrun-rollback.md | 60 +++++++++++++++++ docs/{31.tfdrift.md => tfdrift.md} | 0 4 files changed, 78 insertions(+), 48 deletions(-) rename docs/32.cloudrun-rollback.md => .github/actions/cloudrun-rollback (56%) rename .github/workflows/{shared-cloudrun-rollback.yml => cloudrun-rollback.yml} (100%) create mode 100644 docs/cloudrun-rollback.md rename docs/{31.tfdrift.md => tfdrift.md} (100%) diff --git a/docs/32.cloudrun-rollback.md b/.github/actions/cloudrun-rollback similarity index 56% rename from docs/32.cloudrun-rollback.md rename to .github/actions/cloudrun-rollback index ac6eb150..4fa2bee0 100644 --- a/docs/32.cloudrun-rollback.md +++ b/.github/actions/cloudrun-rollback @@ -1,48 +1,20 @@ -## [Cloud Run Deploy with Auto Rollback reusable workflow](https://github.com/clouddrove/github-shared-workflows/blob/master/.github/workflows/shared-cloudrun-rollback.yml) - - - -### Overview - -The Cloud Run Deploy with Auto Rollback workflow: - -* Deploys a new Docker image to a Cloud Run service - -* Captures the currently active revision before deployment - -* Exposes the previous revision as an output for rollback - -* Enables parent workflows to trigger rollback automatically on failure - -This workflow helps ensure safer production deployments and faster recovery in case of issues. - -### Workflow Location -``` -.github/workflows/shared-cloudrun-rollback.yml -``` -#### Example -```yaml - -name: Deploy to Cloud Run - -on: - workflow_dispatch: - -jobs: - deploy-backend: - uses: clouddrove/github-shared-workflows/.github/workflows/shared-cloudrun-rollback.yml@master - with: - gcp_registry_host: # GCP Artifact Registry host - IMAGE_NAME: # Docker image name - IMAGE_TAG: # Image tag to deploy - SERVICE_NAME: # Cloud Run service name - REGION: # GCP region - GCP_REPOSITORY: # Artifact Registry repository - secrets: - GCP_PROJECT_ID: # GCP Project ID - GCP_SA_KEY: # GCP Service Account key (JSON) - - rollback-all: +######################################################################################## +# Rollback Workflow (Cloud Run) +#--------------------------------------------------------------------------------------- +# Purpose: +# This job is automatically triggered when the `deploy-backend` job fails. +# It safely rolls back the specified Google Cloud Run service to the +# previously deployed revision by shifting 100% traffic back to it. +# +# Use case: +# - Prevents broken deployments from impacting production +# - Ensures high availability by restoring last known good revision +# +# Trigger condition: +# - Runs only when a dependent job fails (`if: failure()`) +######################################################################################## + +rollback-all: needs: - deploy-backend if: ${{ failure() }} @@ -93,6 +65,4 @@ jobs: fi } - rollback_if_needed "# Cloud Run service name" "${{ needs.deploy-backend.outputs.revision }}" - -``` \ No newline at end of file + rollback_if_needed "# Cloud Run service name" "${{ needs.deploy-backend.outputs.revision }}" \ No newline at end of file diff --git a/.github/workflows/shared-cloudrun-rollback.yml b/.github/workflows/cloudrun-rollback.yml similarity index 100% rename from .github/workflows/shared-cloudrun-rollback.yml rename to .github/workflows/cloudrun-rollback.yml diff --git a/docs/cloudrun-rollback.md b/docs/cloudrun-rollback.md new file mode 100644 index 00000000..366137b2 --- /dev/null +++ b/docs/cloudrun-rollback.md @@ -0,0 +1,60 @@ +## [Cloud Run Deploy with Auto Rollback reusable workflow](https://github.com/clouddrove/github-shared-workflows/blob/master/.github/workflows/shared-cloudrun-rollback.yml) + + + +### Overview + +The Cloud Run Deploy with Auto Rollback reusable workflow is designed to make Cloud Run deployments safer and more reliable. + +It deploys a new Docker image to a Cloud Run service while preserving the currently active revision. +If the deployment fails, parent workflows can automatically roll back traffic to the last stable revision. + +This approach helps reduce production risk and ensures quick recovery from failed deployments. + +### Features + +* Deploys a Docker image to Google Cloud Run + +* Captures the currently active revision before deployment + +* Exposes the previous revision as a workflow output + +* Enables automatic rollback on deployment failure + +* Uses secure GCP authentication via Service Account + +* Designed as a reusable workflow for multiple services + +### Usage + +### Workflow Location +``` +.github/workflows/shared-cloudrun-rollback.yml +``` +#### Example +```yaml +name: Deploy to Cloud Run + +on: + workflow_dispatch: + +jobs: + deploy-backend: + uses: clouddrove/github-shared-workflows/.github/workflows/shared-cloudrun-rollback.yml@master + with: + gcp_registry_host: # GCP Artifact Registry host + IMAGE_NAME: # Docker image name + IMAGE_TAG: # Image tag to deploy + SERVICE_NAME: # Cloud Run service name + REGION: # GCP region + GCP_REPOSITORY: # Artifact Registry repository + secrets: + GCP_PROJECT_ID: # GCP Project ID + GCP_SA_KEY: # GCP Service Account key (JSON) +``` + +#### Reference workflow: +The rollback logic used by this workflow is implemented in +``` +actions/cloudrun-rollback +``` \ No newline at end of file diff --git a/docs/31.tfdrift.md b/docs/tfdrift.md similarity index 100% rename from docs/31.tfdrift.md rename to docs/tfdrift.md From 8bdbcc877367f70799a25ab8c1bb905bd5d9fdc8 Mon Sep 17 00:00:00 2001 From: Kkhandale2024 Date: Tue, 17 Feb 2026 00:31:08 +0530 Subject: [PATCH 6/6] fix: updated readme --- docs/cloudrun-rollback.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/cloudrun-rollback.md b/docs/cloudrun-rollback.md index 366137b2..d704d948 100644 --- a/docs/cloudrun-rollback.md +++ b/docs/cloudrun-rollback.md @@ -29,7 +29,7 @@ This approach helps reduce production risk and ensures quick recovery from faile ### Workflow Location ``` -.github/workflows/shared-cloudrun-rollback.yml +.github/workflows/cloudrun-rollback.yml ``` #### Example ```yaml @@ -40,7 +40,7 @@ on: jobs: deploy-backend: - uses: clouddrove/github-shared-workflows/.github/workflows/shared-cloudrun-rollback.yml@master + uses: clouddrove/github-shared-workflows/.github/workflows/cloudrun-rollback.yml@master with: gcp_registry_host: # GCP Artifact Registry host IMAGE_NAME: # Docker image name