| # trust google cloud load balancer ips | |
| # https://cloud.google.com/load-balancing/docs/https#x-forwarded-for_header | |
| config.action_dispatch.trusted_proxies = %w(130.211.0.0/22 35.191.0.0/16).map { |proxy| IPAddr.new(proxy) } |
| <% | |
| branch = `git rev-parse --abbrev-ref HEAD`.strip rescue ENV.fetch("RAILS_DATABASE_SUFFIX", "master") | |
| branch = branch.underscore.gsub(/[\.\/\-]/, '_') | |
| %> | |
| default: &default | |
| adapter: postgresql | |
| encoding: unicode | |
| pool: <%= ENV.fetch("RAILS_MAX_THREADS", 5) %> | |
| host: <%= ENV.fetch("RAILS_DATABASE_HOST", "127.0.0.1") %> |
| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "net/http" | |
| "net/http/httputil" | |
| "os" | |
| "golang.org/x/crypto/acme/autocert" |
| sudo setcap CAP_NET_BIND_SERVICE=+eip /path/to/binary |
| # config/initializers/resque.rb | |
| module Resque | |
| class Worker | |
| # Monkey patch linux_worker_pids because the original function tries to shell out. | |
| # Since we run distroless in production, there is no shell. | |
| # https://github.com/resque/resque/blob/7f6b88404dd18698f6f4023e18fdc1ae8318e5e5/lib/resque/worker.rb#L839 | |
| def linux_worker_pids | |
| [Process.pid] | |
| end | |
| end |
The general idea is to have Github Actions test, build and deploy a Rails app to Google Cloud Compute Engine.
| docker system prune -a | |
| docker rm $(docker ps -a -f status=exited -q) | |
| https://www.digitalocean.com/community/tutorials/how-to-remove-docker-images-containers-and-volumes |
| METADATA=http://metadata.google.internal/computeMetadata/v1 | |
| SVC_ACCT=$METADATA/instance/service-accounts/default | |
| ACCESS_TOKEN=$(curl -H 'Metadata-Flavor: Google' $SVC_ACCT/token | cut -d'"' -f 4) |
| gcloud config configurations list | |
| gcloud config configurations activate MY_OLD_CONFIG | |
| gcloud_switch xxx |