PROJECT=my-project-123456 make setup build-and-deploy
Last active
January 6, 2024 21:42
-
-
Save andreif/b1c37636d13b294b8de1d2673d748f5d to your computer and use it in GitHub Desktop.
Cloud Build and Cloud Run example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Note: It expects env var PROJECT to be set before running make commands! | |
# Example: PROJECT=my-project-123456 make setup | |
REGION = europe-west1 | |
ZONE = b | |
REPO = test-repo | |
APP = test-app | |
APP_IMG = ${REGION}-docker.pkg.dev/${PROJECT}/${REPO}/${APP}:latest | |
SERVICE = test-service | |
### SETUP CLI | |
GCLOUD_IMG = gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine | |
GCLOUD_CONTAINER = gcloud | |
GCLOUD_EXEC = docker exec -ti ${GCLOUD_CONTAINER} | |
GCLOUD = ${GCLOUD_EXEC} gcloud | |
PLATFORM = $(shell uname -m | grep -q 'arm64' && echo '--platform linux/arm64') | |
setup: auth config-set config-list | |
auth: remove-existing-container | |
docker run -ti ${PLATFORM} -v .:/app -w /app --name ${GCLOUD_CONTAINER} ${GCLOUD_IMG} gcloud auth login --brief | |
docker start ${GCLOUD_CONTAINER} | |
remove-existing-container: | |
@docker rm -f ${GCLOUD_CONTAINER} 2>/dev/null || true | |
config-set: | |
test -n "${PROJECT}" || (echo "PROJECT env var not set"; exit 1) | |
test -n "${REGION}" || (echo "REGION env var not set"; exit 1) | |
test -n "${ZONE}" || (echo "ZONE env var not set"; exit 1) | |
${GCLOUD} config set core/project ${PROJECT} | |
${GCLOUD} config set compute/region ${REGION} | |
${GCLOUD} config set compute/zone ${REGION}-$(subst ${REGION}-,,${ZONE}) | |
@echo | |
make config-list | |
config-list: | |
${GCLOUD} config list | |
### BUILD AND DEPLOY | |
PROJECT_NUMBER = $(shell ${GCLOUD} projects describe ${PROJECT} --format='value(projectNumber)') | |
SERVICE_ACCOUNT = ${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com | |
COMPUTE_ACCOUNT = ${PROJECT_NUMBER}-compute@developer.gserviceaccount.com | |
repo-create: | |
${GCLOUD} artifacts repositories list --location=${REGION} | grep -q ${REPO} || \ | |
${GCLOUD} artifacts repositories create ${REPO} --project=${PROJECT} --repository-format=docker --location=${REGION} | |
repo-list: | |
${GCLOUD} artifacts repositories list | |
build: | |
${GCLOUD} builds submit --region=${REGION} --tag ${APP_IMG} | |
grant-run-admin: # Grant the Cloud Run Admin role to the Cloud Build service account | |
${GCLOUD} projects add-iam-policy-binding ${PROJECT} \ | |
--member=serviceAccount:${SERVICE_ACCOUNT} --role=roles/run.admin | |
grant-service: # Grant the IAM Service Account User role to the Cloud Build service account for the Cloud Run runtime service account | |
${GCLOUD} iam service-accounts add-iam-policy-binding ${COMPUTE_ACCOUNT} \ | |
--member=serviceAccount:${SERVICE_ACCOUNT} --role=roles/iam.serviceAccountUser | |
deploy: | |
${GCLOUD} run deploy ${SERVICE} --image ${APP_IMG} --region ${REGION} --platform managed --allow-unauthenticated | |
build-and-deploy: repo-create build grant-run-admin grant-service deploy |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment