Fix: CI/CD Pipeline

Author: GS-GOAT

.github/workflows/main.yml

@@ -4,49 +4,42 @@ name: PromptMan CI/CD to Google Cloud Run
 on:
   push:
     branches:
-      - main # Trigger deployment on pushes to the main branch
+      - main # Deploy when merging/pushing to main
 
 env:
-  # GCP Settings from GitHub Secrets
+  # GCP Settings from Secrets
   GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
   GCP_REGION: ${{ secrets.GCP_REGION }}
-  ARTIFACT_REGISTRY_REPO: ${{ secrets.ARTIFACT_REGISTRY_REPO }} # e.g., asia-south1-docker.pkg.dev/your-project-id/promptman-repo
-  
-  # Image and Service Naming Conventions
+  ARTIFACT_REGISTRY_REPO: ${{ secrets.ARTIFACT_REGISTRY_REPO }} 
+  # Image and Service Names
   BACKEND_IMAGE_NAME: promptman-backend
   FRONTEND_IMAGE_NAME: promptman-frontend
   BACKEND_SERVICE_NAME: promptman-backend
   FRONTEND_SERVICE_NAME: promptman-frontend
-  
-  # VPC Connector Name (ensure this exists in your GCP project and region)
-  VPC_CONNECTOR_NAME: promptman-connector
-  
-  # Use the commit SHA for unique Docker image tags for better traceability
+  VPC_CONNECTOR_NAME: promptman-connector 
+  # Use commit SHA for unique image tags
   IMAGE_TAG: ${{ github.sha }} 
 
 jobs:
-  # =======================================================
-  # 1. Build & Push Docker Images using Google Cloud Build
-  # =======================================================
   build_and_push_images:
     name: Build & Push Images
     runs-on: ubuntu-latest
-    # This job runs only on pushes to the main branch
     if: github.event_name == 'push' && github.ref == 'refs/heads/main' 
 
     permissions:
-      contents: 'read'      # Required to checkout the repository code
-      id-token: 'write'   # Required for Workload Identity Federation
+      contents: 'read'      
+      id-token: 'write'   
 
-    outputs: # Define outputs to pass image URIs to deployment jobs
-      backend_image_uri: ${{ steps.build_backend.outputs.image_uri }}
-      frontend_image_uri: ${{ steps.build_frontend.outputs.image_uri }}
+    outputs:
+      # Output the target image URIs based on the submit steps
+      backend_image_uri: ${{ steps.submit_backend_build.outputs.image_uri }}
+      frontend_image_uri: ${{ steps.submit_frontend_build.outputs.image_uri }}
 
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
-      - name: Authenticate to Google Cloud (via Workload Identity Federation)
+      - name: Authenticate to Google Cloud
         id: auth
         uses: google-github-actions/auth@v2
         with:
@@ -56,56 +49,141 @@ jobs:
       - name: Set up Google Cloud SDK
         uses: google-github-actions/setup-gcloud@v2
 
-      # Configure Docker helper to authenticate with Artifact Registry (uses gcloud credentials)
       - name: Configure Docker for Artifact Registry
         run: gcloud auth configure-docker ${{ env.GCP_REGION }}-docker.pkg.dev --quiet
 
-      - name: Build and Push Backend Docker Image (using Cloud Build)
-        id: build_backend
+      - name: Submit Backend Build and Get ID
+        id: submit_backend_build
         run: |
           IMAGE_URI="${{ env.ARTIFACT_REGISTRY_REPO }}/${{ env.BACKEND_IMAGE_NAME }}:${{ env.IMAGE_TAG }}"
-          echo "Building Backend Image to: $IMAGE_URI"
-          gcloud builds submit ./backend \
+          echo "Submitting Backend Build for Image: $IMAGE_URI"
+          
+          BUILD_ID_RAW=$(gcloud builds submit ./backend \
             --tag "$IMAGE_URI" \
             --project=${{ env.GCP_PROJECT_ID }} \
-            --quiet # Suppress verbose output from gcloud
-          echo "image_uri=$IMAGE_URI" >> $GITHUB_OUTPUT # Set output for subsequent jobs
+            --quiet \
+            --format='value(id)')
+            
+          if [ -n "$BUILD_ID_RAW" ]; then
+            BUILD_ID=$(echo "$BUILD_ID_RAW" | tr -d '\r\n' | xargs) 
+          else
+            BUILD_ID=""
+          fi
+          
+          if [ -z "$BUILD_ID" ]; then
+            echo "::warning::Could not get BUILD_ID directly from 'gcloud builds submit' output (Backend). Output was: [$BUILD_ID_RAW]. Attempting fallback."
+            BUILD_ID_FALLBACK=$(gcloud builds list --project=${{ env.GCP_PROJECT_ID }} --filter="sourceProvenance.resolvedRepoSource.commitSha='${{ github.sha }}' AND buildTriggerId=''" --sort-by=~createTime --format='value(id)' --limit=1)
+            if [ -z "$BUILD_ID_FALLBACK" ]; then
+               echo "::error::Could not determine BUILD_ID even via fallback list command (Backend)."
+               exit 1
+            else
+               BUILD_ID=$(echo "$BUILD_ID_FALLBACK" | xargs)
+               echo "Using BUILD_ID from fallback (Backend): $BUILD_ID"
+            fi
+          fi
+
+          if [ -z "$BUILD_ID" ]; then
+            echo "::error::Failed to obtain a valid BUILD_ID for Backend."
+            exit 1
+          fi
 
-      - name: Build and Push Frontend Docker Image (using Cloud Build and frontend/cloudbuild.yaml)
-        id: build_frontend
+          echo "Cleaned Cloud Build ID (Backend): $BUILD_ID" 
+          echo "build_id=$BUILD_ID" >> $GITHUB_OUTPUT
+          echo "image_uri=$IMAGE_URI" >> $GITHUB_OUTPUT
+
+      - name: Wait for Backend Build and Verify
+        id: wait_backend_build 
+        run: |
+          BUILD_ID="${{ steps.submit_backend_build.outputs.build_id }}"
+          echo "Waiting for Backend Build ID: $BUILD_ID to complete..."
+          gcloud builds log --stream "$BUILD_ID" --project=${{ env.GCP_PROJECT_ID }} || echo "Log streaming potentially failed for Backend, checking status..."
+          
+          FINAL_STATUS=$(gcloud builds describe "$BUILD_ID" --project=${{ env.GCP_PROJECT_ID }} --format='value(status)')
+          echo "Backend Build final status: $FINAL_STATUS"
+          if [[ "$FINAL_STATUS" != "SUCCESS" && "$FINAL_STATUS" != "WORKING" ]]; then 
+            echo "::error::Backend build $BUILD_ID failed or has unexpected status $FINAL_STATUS"
+            exit 1
+          elif [ "$FINAL_STATUS" == "WORKING" ]; then
+             echo "::warning::Backend Build $BUILD_ID still in WORKING state after log stream finished. Proceeding cautiously."
+          else
+             echo "Backend build $BUILD_ID succeeded."
+          fi
+
+      - name: Submit Frontend Build and Get ID
+        id: submit_frontend_build
         run: |
           IMAGE_URI="${{ env.ARTIFACT_REGISTRY_REPO }}/${{ env.FRONTEND_IMAGE_NAME }}:${{ env.IMAGE_TAG }}"
-          echo "Building Frontend Image to: $IMAGE_URI"
-          # Pass substitutions required by frontend/cloudbuild.yaml:
-          # _REACT_APP_GA_MEASUREMENT_ID comes from GitHub Secrets
-          # _IMAGE_TAG_NAME is constructed here
-          gcloud builds submit ./frontend \
+          echo "Submitting Frontend Build for Image: $IMAGE_URI"
+
+          BUILD_ID_RAW=$(gcloud builds submit ./frontend \
             --config=frontend/cloudbuild.yaml \
             --substitutions=_REACT_APP_GA_MEASUREMENT_ID="${{ secrets.PROD_REACT_APP_GA_MEASUREMENT_ID }}",_IMAGE_TAG_NAME="$IMAGE_URI" \
             --project=${{ env.GCP_PROJECT_ID }} \
-            --quiet
-          echo "image_uri=$IMAGE_URI" >> $GITHUB_OUTPUT # Set output for subsequent jobs
+            --quiet \
+            --format='value(id)')
+            
+          if [ -n "$BUILD_ID_RAW" ]; then
+            BUILD_ID=$(echo "$BUILD_ID_RAW" | tr -d '\r\n' | xargs)
+          else
+            BUILD_ID=""
+          fi
+
+          if [ -z "$BUILD_ID" ]; then
+            echo "::warning::Could not get BUILD_ID directly from 'gcloud builds submit' output (Frontend). Output was: [$BUILD_ID_RAW]. Attempting fallback."
+            BUILD_ID_FALLBACK=$(gcloud builds list --project=${{ env.GCP_PROJECT_ID }} --filter="sourceProvenance.resolvedRepoSource.commitSha='${{ github.sha }}' AND substitutions._IMAGE_TAG_NAME='$IMAGE_URI' AND buildTriggerId=''" --sort-by=~createTime --format='value(id)' --limit=1)
+            if [ -z "$BUILD_ID_FALLBACK" ]; then
+               echo "::error::Could not determine BUILD_ID even via fallback list command (Frontend)."
+               exit 1
+            else
+               BUILD_ID=$(echo "$BUILD_ID_FALLBACK" | xargs)
+               echo "Using BUILD_ID from fallback (Frontend): $BUILD_ID"
+            fi
+          fi
+
+          if [ -z "$BUILD_ID" ]; then
+            echo "::error::Failed to obtain a valid BUILD_ID for Frontend."
+            exit 1
+          fi
+
+          echo "Cleaned Cloud Build ID (Frontend): $BUILD_ID" 
+          echo "build_id=$BUILD_ID" >> $GITHUB_OUTPUT
+          echo "image_uri=$IMAGE_URI" >> $GITHUB_OUTPUT
+
+      - name: Wait for Frontend Build and Verify
+        id: wait_frontend_build
+        run: |
+          BUILD_ID="${{ steps.submit_frontend_build.outputs.build_id }}"
+          echo "Waiting for Frontend Build ID: $BUILD_ID to complete..."
+          gcloud builds log --stream "$BUILD_ID" --project=${{ env.GCP_PROJECT_ID }} || echo "Log streaming potentially failed for Frontend, checking status..."
+
+          FINAL_STATUS=$(gcloud builds describe "$BUILD_ID" --project=${{ env.GCP_PROJECT_ID }} --format='value(status)')
+          echo "Frontend Build final status: $FINAL_STATUS"
+          if [[ "$FINAL_STATUS" != "SUCCESS" && "$FINAL_STATUS" != "WORKING" ]]; then
+            echo "::error::Frontend build $BUILD_ID failed or has unexpected status $FINAL_STATUS"
+            exit 1
+          elif [ "$FINAL_STATUS" == "WORKING" ]; then
+             echo "::warning::Build $BUILD_ID still in WORKING state after log stream finished. Proceeding cautiously."
+          else
+            echo "Frontend build $BUILD_ID succeeded."
+          fi
 
-  # ==========================================
-  # 2. Deploy Backend Service to Cloud Run
-  # ==========================================
   deploy_backend:
     name: Deploy Backend Service
     runs-on: ubuntu-latest
-    needs: build_and_push_images # Depends on images being successfully built and pushed
+    needs: build_and_push_images 
     if: github.event_name == 'push' && github.ref == 'refs/heads/main'
 
     permissions:
       contents: 'read'
       id-token: 'write'
 
-    outputs: # Output the deployed backend URL and host for the frontend deployment
+    outputs:
        backend_url: ${{ steps.deploy_backend_service.outputs.url }}
        backend_host: ${{ steps.deploy_backend_service.outputs.host }}
 
     steps:
       - name: Checkout code 
-        uses: actions/checkout@v4 # Though not strictly needed for deploy-from-image, good for consistency
+        uses: actions/checkout@v4
 
       - name: Authenticate to Google Cloud
         id: auth
@@ -118,11 +196,16 @@ jobs:
         uses: google-github-actions/setup-gcloud@v2
 
       - name: Deploy Backend to Cloud Run
-        id: deploy_backend_service # Step ID for referencing outputs
+        id: deploy_backend_service 
         run: |
-          echo "Deploying Backend Image: ${{ needs.build_and_push_images.outputs.backend_image_uri }}"
+          IMAGE_URI="${{ needs.build_and_push_images.outputs.backend_image_uri }}" # Correctly references output
+          echo "Deploying Backend Image: $IMAGE_URI"
+          if [ -z "$IMAGE_URI" ]; then
+             echo "::error::Backend Image URI is empty. Build might have failed to output."
+             exit 1
+          fi
           gcloud run deploy ${{ env.BACKEND_SERVICE_NAME }} \
-            --image "${{ needs.build_and_push_images.outputs.backend_image_uri }}" \
+            --image "$IMAGE_URI" \
             --platform managed \
             --region ${{ env.GCP_REGION }} \
             --port 8000 \
@@ -136,22 +219,17 @@ jobs:
             --project=${{ env.GCP_PROJECT_ID }} \
             --quiet
             
-          # Get the URL of the deployed service to pass to the frontend deployment
           SERVICE_URL=$(gcloud run services describe ${{ env.BACKEND_SERVICE_NAME }} --platform managed --region ${{ env.GCP_REGION }} --format='value(status.url)' --project=${{ env.GCP_PROJECT_ID }})
-          SERVICE_HOST=$(echo $SERVICE_URL | sed -e 's|^[^/]*//||' -e 's|/.*$||') # Extracts hostname
+          SERVICE_HOST=$(echo $SERVICE_URL | sed -e 's|^[^/]*//||' -e 's|/.*$||') 
           echo "Backend Service URL: $SERVICE_URL"
           echo "Backend Service Host: $SERVICE_HOST"
-          # Set outputs for the next job
           echo "url=$SERVICE_URL" >> $GITHUB_OUTPUT
           echo "host=$SERVICE_HOST" >> $GITHUB_OUTPUT
 
-  # ==========================================
-  # 3. Deploy Frontend Service to Cloud Run
-  # ==========================================
   deploy_frontend:
     name: Deploy Frontend Service
     runs-on: ubuntu-latest
-    needs: deploy_backend # Depends on backend deployment to get its URL
+    needs: [build_and_push_images, deploy_backend] # Depends on both image build and backend deployment
     if: github.event_name == 'push' && github.ref == 'refs/heads/main'
 
     permissions:
@@ -176,17 +254,22 @@ jobs:
         run: |
           BACKEND_URL="${{ needs.deploy_backend.outputs.backend_url }}"
           BACKEND_HOST="${{ needs.deploy_backend.outputs.backend_host }}"
+          IMAGE_URI="${{ needs.build_and_push_images.outputs.frontend_image_uri }}" # Correctly references output
           
           if [ -z "$BACKEND_URL" ] || [ -z "$BACKEND_HOST" ]; then
             echo "::error::Backend URL or Host not received from previous job. Check deploy_backend job outputs."
             exit 1
           fi
+          if [ -z "$IMAGE_URI" ]; then
+             echo "::error::Frontend Image URI is empty. Build might have failed to output."
+             exit 1
+          fi
           
-          echo "Deploying Frontend Image: ${{ needs.build_and_push_images.outputs.frontend_image_uri }}"
+          echo "Deploying Frontend Image: $IMAGE_URI"
           echo "Configuring Nginx with Backend URL: $BACKEND_URL and Host: $BACKEND_HOST"
           
           gcloud run deploy ${{ env.FRONTEND_SERVICE_NAME }} \
-            --image "${{ needs.build_and_push_images.outputs.frontend_image_uri }}" \
+            --image "$IMAGE_URI" \
             --platform managed \
             --region ${{ env.GCP_REGION }} \
             --port 80 \