CI/CD on GCP with Cloud Build and Cloud Deploy
Introduction
Continuous Integration and Continuous Deployment (CI/CD) are fundamental practices in the DevOps lifecycle, enabling teams to deliver software more frequently and reliably. Google Cloud Platform (GCP) offers robust tools like Cloud Build and Cloud Deploy to automate the software delivery process, ensuring that code changes are built, tested, and deployed efficiently across various environments.
By utilizing Cloud Build, developers can create automated workflows that compile code, run tests, and produce artifacts, while Cloud Deploy manages the deployment of these artifacts to different environments with various rollout strategies and approval processes. Understanding these tools is vital for DevOps/SREs, as they streamline operations, reduce manual errors, and accelerate time-to-market. Key scenarios include deploying microservices, managing multi-environment setups, and employing canary releases or blue-green deployments.
Prerequisites
Before diving into the setup of CI/CD pipelines using Cloud Build and Cloud Deploy, ensure you have the following:
- Google Cloud Account: A valid GCP subscription.
- Google Cloud SDK: Install the Cloud SDK to interact with GCP from your command line.
- Permissions: Ensure you have the necessary IAM roles, such as
Cloud Build EditorandCloud Deploy Admin. - Source Code Repository: Your application code should be hosted on a version control system like GitHub or Cloud Source Repositories.
- Docker: If you are building containerized applications, ensure Docker is installed on your local machine.
Core Concepts
- Cloud Build: A fully managed build service that executes builds on GCP. It uses a configuration file (
cloudbuild.yaml) to define the build steps. - Cloud Deploy: A service that automates the deployment of artifacts to various environments. It supports multiple rollout strategies, including canary and blue-green deployments.
- Triggers: Automated processes that initiate builds when code changes are pushed to a repository.
- Artifacts: Outputs of the build process, such as Docker images or JAR files, stored in Google Container Registry or Artifact Registry.
- Rollout Strategies: Methods to gradually release new versions of applications, allowing for safer deployments.
Limitations
- Cloud Build has quota limits on builds per day depending on your GCP plan.
- Cloud Deploy may incur additional costs based on deployment frequency and artifact storage.
Syntax/Configuration
Cloud Build Configuration (cloudbuild.yaml)
steps:
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/$PROJECT_ID/my-app', '.']
images:
- 'gcr.io/$PROJECT_ID/my-app'
Trigger Configuration
To create a trigger for automatic builds, you can use the gcloud CLI:
gcloud beta builds triggers create github \
--name="my-trigger" \
--repo-name="my-repo" \
--repo-owner="my-github-user" \
--branch-pattern="^main$" \
--build-config="cloudbuild.yaml"
Cloud Deploy Configuration (deploy.yaml)
apiVersion: deploy.gcp.io/v1
kind: Rollout
metadata:
name: my-app-rollout
spec:
service:
name: my-app
artifact:
image: gcr.io/$PROJECT_ID/my-app
rolloutStrategy:
type: canary
Practical Examples
Example 1: Basic Cloud Build with Docker
This example builds a Docker image from a Dockerfile.
steps:
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/$PROJECT_ID/my-app', '.']
images:
- 'gcr.io/$PROJECT_ID/my-app'
Example 2: Running Tests in Cloud Build
Add a test step before the build step.
steps:
- name: 'gcr.io/cloud-builders/docker'
args: ['run', 'gcr.io/$PROJECT_ID/my-app', 'npm', 'test']
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/$PROJECT_ID/my-app', '.']
Example 3: Trigger on Pull Request
Create a trigger that builds the application when a pull request is created.
gcloud beta builds triggers create github \
--name="pr-trigger" \
--repo-name="my-repo" \
--repo-owner="my-github-user" \
--pull-request-pattern="^.*$" \
--build-config="cloudbuild.yaml"
Example 4: Deploying with Cloud Deploy
Deploy the built application using the defined rollout strategy.
gcloud deploy apply \
--file=deploy.yaml \
--region=us-central1
Example 5: Manual Approval Process in Cloud Deploy
You can configure manual approval steps in the deployment process.
spec:
rolloutStrategy:
type: canary
canary:
steps:
- name: manual-approval
Example 6: Multi-Environment Deployment
Deploy to multiple environments (dev, staging, production).
spec:
environments:
- name: dev
rollout:
image: gcr.io/$PROJECT_ID/my-app:dev
- name: staging
rollout:
image: gcr.io/$PROJECT_ID/my-app:staging
- name: production
rollout:
image: gcr.io/$PROJECT_ID/my-app:prod
Example 7: Environment Variables in Cloud Build
Set environment variables during the build process.
steps:
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/$PROJECT_ID/my-app', '.']
env:
- MY_ENV_VAR=value
Example 8: Using Secrets in Cloud Build
Access secrets stored in Secret Manager during the build.
steps:
- name: 'gcr.io/cloud-builders/docker'
args: ['run', 'gcr.io/$PROJECT_ID/my-app', '--env', 'MY_SECRET=${_MY_SECRET}']
Real-World Scenarios
Scenario 1: Microservices Deployment
Utilize Cloud Build and Cloud Deploy to manage the CI/CD pipeline for a microservices architecture. Each service can have its own build configuration and deployment strategy, allowing for independent updates.
Scenario 2: Automated Testing and Deployment
Set up automated testing in Cloud Build to ensure quality before deploying to production. Integrate unit tests, integration tests, and end-to-end tests to catch bugs early.
Scenario 3: Canary Releases
Implement canary releases with Cloud Deploy to gradually roll out new features. Monitor performance and rollback if issues are detected.
Best Practices
- Use Version Control: Always store your
cloudbuild.yamland deployment configurations in a version-controlled repository. - Automate Everything: Leverage triggers and automated deployments to reduce manual intervention.
- Monitor Deployments: Utilize GCP monitoring tools to track performance and errors during deployment.
- Implement Rollback Strategies: Always have a plan to revert to a previous version if a deployment fails.
- Secure Secrets: Use Secret Manager to store sensitive information and access them securely during builds.
Common Errors
Error:
BUILD_FAILED: This indicates that one of the build steps failed. Check the build logs for specific error messages.- Cause: Often due to syntax errors in
cloudbuild.yamlor failing tests. - Fix: Review and correct the errors in the YAML file or the application code.
- Cause: Often due to syntax errors in
Error:
Permission Denied: You don't have the required permissions to execute a build or deployment.- Cause: Insufficient IAM roles assigned.
- Fix: Ensure you have the correct roles (e.g.,
Cloud Build Editor,Cloud Deploy Admin).
Error:
No matching image found: The specified Docker image cannot be found.- Cause: The image was not built or pushed correctly.
- Fix: Verify the build steps and confirm the image is in the correct registry.
Error:
Timeout: The build or deployment took too long and exceeded the timeout limit.- Cause: Long-running steps or insufficient resources.
- Fix: Optimize your build steps or increase the timeout limit.
Related Services/Tools
| Service/Tool | Description | Use Case |
|---|---|---|
| Jenkins | Open-source automation server for CI/CD | Custom workflows with plugins |
| GitHub Actions | CI/CD tool integrated with GitHub | GitHub repositories |
| CircleCI | Continuous integration and delivery platform | Fast builds and deployments |
| Travis CI | CI service for building and testing on GitHub | Open-source projects |
Automation Script
Here's a sample bash script to automate the setup of Cloud Build and Cloud Deploy:
#!/bin/bash
# Variables
PROJECT_ID="your-gcp-project-id"
REPO_NAME="your-repo-name"
REPO_OWNER="your-github-user"
# Enable APIs
gcloud services enable cloudbuild.googleapis.com
gcloud services enable deploy.googleapis.com
# Create Cloud Build trigger
gcloud beta builds triggers create github \
--name="my-trigger" \
--repo-name="$REPO_NAME" \
--repo-owner="$REPO_OWNER" \
--branch-pattern="^main$" \
--build-config="cloudbuild.yaml"
# Deploy using Cloud Deploy
gcloud deploy apply \
--file=deploy.yaml \
--region=us-central1
echo "CI/CD pipeline setup complete!"
Conclusion
Incorporating CI/CD practices using Google Cloud Build and Cloud Deploy can significantly enhance your software delivery process. By automating builds, tests, and deployments, teams can achieve faster release cycles and improved application quality.
To further enhance your skills, explore the official documentation and consider setting up real-world projects on GCP.
Next Steps
- Explore the Cloud Build Documentation
- Dive into Cloud Deploy Documentation
- Experiment with GCP labs and tutorials to solidify your understanding.
References
By following this tutorial, you can leverage the power of GCP to create a robust CI/CD pipeline that meets the needs of your development workflows. 🚀