GCP-CloudRun

Deploying to Google Cloud Run with Terraform

gcp-microservices-iac

Getting started

To make it easy for you to get started with GitLab, here’s a list of recommended next steps.

Already a pro? Just edit this README.md and make it your own. Want to make it easy? Use the template at the bottom!

Add your files

• Create or upload files
• Add files using the command line or push an existing Git repository with the following command:

cd existing_repo
git remote add origin https://gitlab.com/574n13y/gcp-microservices-iac.git
git branch -M main
git push -uf origin main

Integrate with your tools

• Set up project integrations

Collaborate with your team

• Invite team members and collaborators
• Create a new merge request
• Automatically close issues from merge requests
• Enable merge request approvals
• Set auto-merge

Test and Deploy

Use the built-in continuous integration in GitLab.

• Get started with GitLab CI/CD
• Analyze your code for known vulnerabilities with Static Application Security Testing (SAST)
• Deploy to Kubernetes, Amazon EC2, or Amazon ECS using Auto Deploy
• Use pull-based deployments for improved Kubernetes management
• Set up protected environments

---

Project status

### Prerequisites To follow this tutorial you will need:

• Terraform CLI. I recommend using the latest version, currently v0.14. Instructions to download and install Terraform can be found here.
• Google Cloud SDK. The most recent version should also work well for this tutorial. Installation instructions here.
• A Google Cloud account. If you don’t have one, create it here.

Initial setup

• Start by authenticating the SDK to Google Cloud:

• Create a new project where your Cloud Run service will be deployed. Replace PROJECT_ID and PROJECT_NAME with the desired values:

• Creating your first service

  terraform {
    required_version = ">= 0.14"
  
    required_providers {
     # Cloud Run support was added on 3.3.0
        google = ">= 3.3"
      }
    }
  
    provider "google" {
     # Replace `PROJECT_ID` with your project
     project = "vivesh-405513"
    }
  
    resource "google_project_service" "run_api" {
     service = "run.googleapis.com"
  
      disable_on_destroy = true
     }
  
     resource "google_cloud_run_service" "run_service" {
      name = "app"
      location = "us-central1"
  
      template {
        spec {
       containers {
          image = "gcr.io/google-samples/hello-app:1.0"
            }
          }
        }
  
        traffic {
       percent         = 100
       latest_revision = true
       }
  
         # Waits for the Cloud Run API to be enabled
        depends_on = [google_project_service.run_api]
         }
  
          resource "google_cloud_run_service_iam_member" "run_all_users" {
          service  = google_cloud_run_service.run_service.name
          location = google_cloud_run_service.run_service.location
          role     = "roles/run.invoker"
          member   = "allUsers"
          }
  
              resource "google_storage_bucket" "auto-expire" {
             name          = "stanley_bucket_iac"
             location      = "US"
            force_destroy = true
  
             public_access_prevention = "enforced"
            }
  
         output "service_url" {
         value = google_cloud_run_service.run_service.status[0].url
          }
       
  

• Let’s stop for a while and check what the code above is doing:

      name: the name of your service. It will be displayed in the public URL.
      location: the region where your service will run. See all the options here.
      image: The Docker image that will be used to create the container. Cloud Run has direct support for images from the Container Registry and Artifact Registry.
      traffic: controls the traffic for this revision. The percent property indicates how much traffic will be redirected to this revision. latest_revision specifies that this traffic configuration needs to be used for the latest revision.
      depends_on: waits for a resource to be ready, in this case, the Cloud Run API.
       
  

• Invoking the service –> By default, Cloud Run services are private and secured by IAM. To access them, you would need valid credentials with at least the Cloud Run Invoker permission set.

• Deploying the infrastructure terraform init

  terraform plan

  terrafrom apply

  

  

• Updating the service image = "gcr.io/google-samples/hello-app:2.0"

• Run terraform apply to deploy the changes:

  

  

• Cleaning up

• To delete all resources created with Terraform, run the following command and confirm the prompt:

  

  

• This will disable the Cloud Run API, delete the Cloud Run service and its permissions.

• The project was created using the gcloud CLI tool, so you will need to delete it manually. For that, you can run:

Gitlab Validate

This site is open source. Improve this page.