Let's look at how we can set up a continuous delivery pipeline for our Google Cloud Run projects with Gitlab CI/CD
Prerequisites
Google Cloud Run:
Cloud Run is a serverless, managed compute platform that enables you to run stateless containers that are invocable via web requests or Pub/Sub events.
To run a Cloud Run service, you need to:
Gitlab:
GitLab is a web-based DevOps lifecycle tool that provides a Git-repository manager providing wiki, issue-tracking, and continuous integration and deployment pipeline features, using an open-source license, developed by GitLab Inc.
You can create a Gitlab project here: New Gitlab project
Clone sample repo here:
https://gitlab.com/niyi/myhelloworldapp
Step 1a: Enable Service Account
A service account is a special kind of account used by an application to make authorized API calls on the GCP platform.
On your Google Cloud project, navigate through Cloud Build > Settings.
Under Service account permissions, make sure both Cloud Run and Service Accounts are enabled
Step 1b: Create a Google Service Account
We'll create a new service account for your application to use
- On your Google Cloud project, navigate through IAM & Admin > Service Accounts > Click on CREATE SERVICE ACCOUNT
- Give your new service account any name you want and click CREATE
- Add the following roles to your service account by clicking Select Role input under task number 2
- Cloud Build Service Agent
- Service Account User
- Cloud Run Admin
- Project Viewer
- Click Create then click Done to add the account.
- Generate a credential file for this account by navigating to the newly created service account > Keys > Click on Add Key > Create New Key. Select JSON and click CREATE
Step 2: Setup Gitlab CICD variables
In this step, we'll create variables that we'll use in our code. One for the GCP Project ID and another for the Service Account we created earlier
- Navigate to the project repository on Gitlab > Settings > CI/CD
- To add a variable, under the Variables section, click the Expand button and click on Add Variable
We need to add two variables, one names GCP_PROJECT_ID with the value of our GCP Project ID and the other named GCP_SERVICE_ACCOUNT for the content of the JSON we downloaded earlier
Step 3: Setup Application code
We need to configure our code to connect to Gitlab CI/CD. We'll also use Docker to containerize our application so it runs the same across multiple platforms.
- We've added a Dockerfile in our application that will run on PORT 8080, which is Google Cloud Run's default port
- We've also added a .gitlab-ci.yml file which is the file the triggers our CI/CD pipeline on Gitlab *
# File: .gitlab-ci.yml
variables:
SERVICE_NAME: "myHelloWorldApp"
deploy:
stage: deploy
only:
- master # This pipeline stage will run on this branch alone
image: google/cloud-sdk:latest # We'll use Google Cloud SDK for Cloud Run related commands
script:
- echo $GCP_SERVICE_ACCOUNT > gcloud-service-key.json # Save Google cloud contents in a temporary json file
- gcloud auth activate-service-account --key-file gcloud-service-key.json # Activate your service account
- gcloud auth configure-docker # Configure docker environment
- gcloud config set project $GCP_PROJECT_ID #Set the GCP Project ID to the variable name
- gcloud builds submit --tag gcr.io/$GCP_PROJECT_ID/$SERVICE_NAME #Run the gcloud build command to build our image
- gcloud run deploy $SERVICE_NAME --image gcr.io/$GCP_PROJECT_ID/$SERVICE_NAME --region=us-east4 --platform managed --allow-unauthenticated # Run the gcloud run deploy command to deploy our new service
Replace the SERVICE_NAME value with the desired name for your application and save the changes.
At the end of the file, we're running the commands gcloud build and gcloud run deploy to build and deploy our application respectively.
Push your changes to the remote Gitlab repository and watch as your new baby is created.
To monitor the progress of your deployment on Gitlab navigate to CI/CD > Pipelines and click on the latest job.
To see your new application on Cloud Run, navigate to GCP > Cloud Run and search for the name of the service
Congratulations!
Top comments (2)
Thanks for your sharing. But I am facing with error
Do you know what's that problem and how to fix?
I had this same issue, It was caused by the service account not having a permission to write to the logs in the default logs bucket.
The solution that worked for me: stackoverflow.com/a/73800350 (also see github.com/google-github-actions/s...).
I hope this helps.