Skip to content

Instantly share code, notes, and snippets.

@andreif
Last active January 6, 2024 21:42
Show Gist options
  • Save andreif/b1c37636d13b294b8de1d2673d748f5d to your computer and use it in GitHub Desktop.
Save andreif/b1c37636d13b294b8de1d2673d748f5d to your computer and use it in GitHub Desktop.
Cloud Build and Cloud Run example

Cloud Build and Cloud Run example

PROJECT=my-project-123456  make setup build-and-deploy
# Note: It expects env var PROJECT to be set before running make commands!
# Example: PROJECT=my-project-123456 make setup
REGION = europe-west1
ZONE = b
REPO = test-repo
APP = test-app
APP_IMG = ${REGION}-docker.pkg.dev/${PROJECT}/${REPO}/${APP}:latest
SERVICE = test-service
### SETUP CLI
GCLOUD_IMG = gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine
GCLOUD_CONTAINER = gcloud
GCLOUD_EXEC = docker exec -ti ${GCLOUD_CONTAINER}
GCLOUD = ${GCLOUD_EXEC} gcloud
PLATFORM = $(shell uname -m | grep -q 'arm64' && echo '--platform linux/arm64')
setup: auth config-set config-list
auth: remove-existing-container
docker run -ti ${PLATFORM} -v .:/app -w /app --name ${GCLOUD_CONTAINER} ${GCLOUD_IMG} gcloud auth login --brief
docker start ${GCLOUD_CONTAINER}
remove-existing-container:
@docker rm -f ${GCLOUD_CONTAINER} 2>/dev/null || true
config-set:
test -n "${PROJECT}" || (echo "PROJECT env var not set"; exit 1)
test -n "${REGION}" || (echo "REGION env var not set"; exit 1)
test -n "${ZONE}" || (echo "ZONE env var not set"; exit 1)
${GCLOUD} config set core/project ${PROJECT}
${GCLOUD} config set compute/region ${REGION}
${GCLOUD} config set compute/zone ${REGION}-$(subst ${REGION}-,,${ZONE})
@echo
make config-list
config-list:
${GCLOUD} config list
### BUILD AND DEPLOY
PROJECT_NUMBER = $(shell ${GCLOUD} projects describe ${PROJECT} --format='value(projectNumber)')
SERVICE_ACCOUNT = ${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com
COMPUTE_ACCOUNT = ${PROJECT_NUMBER}-compute@developer.gserviceaccount.com
repo-create:
${GCLOUD} artifacts repositories list --location=${REGION} | grep -q ${REPO} || \
${GCLOUD} artifacts repositories create ${REPO} --project=${PROJECT} --repository-format=docker --location=${REGION}
repo-list:
${GCLOUD} artifacts repositories list
build:
${GCLOUD} builds submit --region=${REGION} --tag ${APP_IMG}
grant-run-admin: # Grant the Cloud Run Admin role to the Cloud Build service account
${GCLOUD} projects add-iam-policy-binding ${PROJECT} \
--member=serviceAccount:${SERVICE_ACCOUNT} --role=roles/run.admin
grant-service: # Grant the IAM Service Account User role to the Cloud Build service account for the Cloud Run runtime service account
${GCLOUD} iam service-accounts add-iam-policy-binding ${COMPUTE_ACCOUNT} \
--member=serviceAccount:${SERVICE_ACCOUNT} --role=roles/iam.serviceAccountUser
deploy:
${GCLOUD} run deploy ${SERVICE} --image ${APP_IMG} --region ${REGION} --platform managed --allow-unauthenticated
build-and-deploy: repo-create build grant-run-admin grant-service deploy
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment