-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcloudbuild.yaml
130 lines (107 loc) · 3.84 KB
/
cloudbuild.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
substitutions:
_SERVICE_NAME: emissary
_REGION: terraform_managed
_BUILD_FOLDER: .
_ARTIFACT_REGISTRY_REPO_URL: terraform_managed
_PROJECT_ID: terraform_managed
tags: ['${_PROJECT_ID}', '${_SERVICE_NAME}']
options:
logging: GCS_ONLY
logsBucket: gs://multivac-deploy-logging-bucket
steps:
- name: '${_ARTIFACT_REGISTRY_REPO_URL}/sunholo-llmops/firebase:${BRANCH_NAME}'
waitFor: ['-']
id: 'deploy-firebase-rules'
entrypoint: bash
args:
- '-c'
- |
firebase &&
firebase -P ${_PROJECT_ID} --json deploy --only firestore:rules,firestore:indexes,storage --force
# Get Firebase config from Secret Manager and parse it
- name: 'gcr.io/cloud-builders/gcloud'
id: 'get-firebase-config'
waitFor: ['-']
entrypoint: 'bash'
args:
- './get-firebase-config.sh'
env:
- '_PROJECT_ID=$_PROJECT_ID'
# Build the UI container with Firebase config
- name: 'gcr.io/cloud-builders/docker'
id: build-ui
entrypoint: 'bash'
waitFor: ['get-firebase-config']
args:
- '-c'
- |
ARGS=$$(cat /workspace/docker_args)
docker build $$ARGS -t ${_ARTIFACT_REGISTRY_REPO_URL}/${_SERVICE_NAME}/ui:${BRANCH_NAME} .
waitFor: ['get-firebase-config']
- name: 'gcr.io/cloud-builders/docker'
entrypoint: 'bash'
id: backend-dockerfile
dir: ${_BUILD_FOLDER}/backend
waitFor: ['-']
args:
- '-c'
- |
cat <<EOF >Dockerfile_cloudrun
FROM python:3.10-slim
WORKDIR /app
COPY . .
EXPOSE 1956
RUN pip install --upgrade -r requirements.txt && pip list && python --version
ENV _CONFIG_FOLDER=/gcs_config
ENV VAC_CONFIG_FOLDER=/gcs_config/config
ENV GOOGLE_CLOUD_LOGGING=1
ENV FIREBASE_BUCKET=multivac-internal-${BRANCH_NAME}.firebasestorage.app
CMD exec gunicorn --bind :1956 --workers 4 --timeout 0 app:app
EOF
cat Dockerfile_cloudrun
- name: 'gcr.io/cloud-builders/docker'
id: build-backend
waitFor: ['backend-dockerfile']
dir: ${_BUILD_FOLDER}/backend
args: ['build', '-t', '${_ARTIFACT_REGISTRY_REPO_URL}/${_SERVICE_NAME}/backend:${BRANCH_NAME}', '-f', 'Dockerfile_cloudrun', '.', '--network=cloudbuild']
- name: 'gcr.io/cloud-builders/docker'
id: push-backend
waitFor: ['build-backend']
dir: ${_BUILD_FOLDER}/backend
args: ['push', '${_ARTIFACT_REGISTRY_REPO_URL}/${_SERVICE_NAME}/backend:${BRANCH_NAME}']
# Push the container image to Container Registry
- name: 'gcr.io/cloud-builders/docker'
id: push-ui
waitFor: ['build-ui']
args: ['push', '${_ARTIFACT_REGISTRY_REPO_URL}/${_SERVICE_NAME}/ui:${BRANCH_NAME}']
# Deploy container image to Cloud Run
- name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: gcloud
waitFor: ['push-ui', 'push-backend']
args:
- 'run'
- 'deploy'
- '${_SERVICE_NAME}'
- '--region=${_REGION}'
- '--project=${_PROJECT_ID}'
- '--platform=managed'
- '--allow-unauthenticated'
- '--max-instances=3'
- '--session-affinity'
- '--add-volume'
- 'name=gcs_config,type=cloud-storage,bucket=${_CONFIG_BUCKET},readonly=true'
- '--container=main'
- '--image=${_ARTIFACT_REGISTRY_REPO_URL}/${_SERVICE_NAME}/ui:${BRANCH_NAME}'
- '--port=8080'
- '--memory=2Gi'
- '--cpu=1'
- '--container=sidecar'
- '--image=${_ARTIFACT_REGISTRY_REPO_URL}/${_SERVICE_NAME}/backend:${BRANCH_NAME}'
- '--add-volume-mount'
- 'volume=gcs_config,mount-path=/gcs_config'
- '--memory=2Gi'
- '--cpu=1'
- '--set-env-vars=LANGFUSE_HOST=https://langfuse.sunholo.com'
- '--update-secrets=LANGFUSE_SECRET_KEY=LANGFUSE_SECRET_KEY_EMISSARY:latest'
- '--update-secrets=LANGFUSE_PUBLIC_KEY=LANGFUSE_PUBLIC_KEY_EMISSARY:latest'
- '--update-secrets=GOOGLE_API_KEY=GOOGLE_API_KEY:latest'