How to deploy Cloud Run services with GitHub Actions

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

welcome to serverless Expeditions Luca thank you Martin thanks for inviting me of course so Martin I've heard up the Grapevine that you're looking to explore CI CD for serverless products in Google Cloud yep uh to note though Luca all of my code will eventually live in GitHub so I need something that integrates well with GitHub and our other services and the less code I have to write the better got it I could definitely relate sounds like a great use case for Google GitHub actions [Music] you mentioned GitHub actions Luca how do they work sure thing Martin let me show you a quick example so here is a simple Cloud function Martin it leverages GitHub actions to automate unit tests and redeployments to gcp I'll make a small change deploy to the main branch and let's see what happens okay Luca just going to add a quick comment to our serverless function here and after saving let's deploy this change since all of my CI CD steps live in GitHub actions I could watch each of them hopefully complete here very automated Luca I like it Google interactions are pretty powerful right yeah uh but what about Cloud build in Google Cloud I've heard that we could just do the same thing like you did here in Google Cloud instead of in GitHub oh yeah there's so many ways you can accomplish CI CD this is just one pattern let me ask you one question you said you have a few different services do you mean across multiple Cloud platforms exactly uh there are cross multiple Cloud platforms on Google Cloud we have a cloud run service and we also have a few services on other clouds I see as it relates to Google cloud is there a reason you are looking into a CI CD offering and not doing CD through the native Cloud build integration yes we use the cloud build integration with Source repos hosted in Google Cloud currently however we want to implement both CI and CD to orchestrate this across all our services and not just those in Google Cloud gotcha that makes sense I'd say if you're focused primarily on the cloud run service then letting Google Cloud Drive continuous delivery as we mentioned here would be an awesome option something else I'm curious about Martin are you using a single monorepo for all of your services yep we are and that will all soon be up on GitHub perfect given that everything is Consolidated into GitHub you have Services across a few different clouds and there are CI steps to take before deployment GitHub actions would be a great fit sounds good how do I get started Luca sure thing Martin let's jump into your monorepo on GitHub and we can walk through a workflow with GitHub actions all right uh here is my source repo and in this subdirectory I have a simple node.js service that I would like to redeploy to cloudron whenever new code is committed and this service parses the sentiment of messages from a pub sub push subscription uh but anyway how do I deploy my cloudron servers here from GitHub great question and we have a few options for you if you already have gcloud deploy scripts you are using today Google GitHub actions team has pre-built actions that authenticate to Google cloud and set up gcloud for you then you can take your existing deploy script and run it as a workflow step sounds convenient but some of our team is not as familiar with the gcloud command line tool as I am are there other options where you don't have to use that definitely we have an even simpler solution package actions for a variety of services that Google Cloud provides like Cloud run gke and Cloud functions all you have to do is create a step point it to this action input the necessary parameters and our action will do all the heavy lifting for you that is just what we're looking for okay how can I get started with those packaged actions in GitHub that you mentioned I see an actions tab here is that a good place to start yep clicking on that tab will take you to the actions Marketplace here you can find a plethora of starter workflow templates to bootstrap your CI CD we have a few starter workflows readily available let's search for cloud run that's awesome and these GitHub actions look at they are managed by the Google Cloud team yeah they're all official Google Cloud Integrations for the GitHub actions Marketplace definitely recommend to always check the source of the actions that you're using in this specific case the repo shows the organization has been verified as being from Google great okay it looks like there is a deploy from Source or deploy from Docker eventually we'll want to manage our own Docker file but for now I'll select the deploy from Source option yep okay great now let me click on that wow it looks like a lot was generated for me yeah the starter templates are great quick to get started plus they will generate all of the directory and relevant workload steps for you I see uh you mentioned workflow steps okay uh can you walk me through the developer workflow here sure thing at a high level GitHub actions is a way to do cicd on GitHub you don't write a bunch of code it starts with a yaml file inside that yaml file you will define activities that should occur based on events that can happen for example think about a common repo event like when you push to a branch you would have a series of steps that should happen running unit tests linting and then a deployment got it and all that that you mentioned that is CI CD right exactly in GitHub terms that series of steps Define a workflow to execute the yaml file is where you configure that workflow and GitHub then automates that gotcha this is very neat okay I see that the starter template tells me how to set up permissions and accounts in my world Cloud project to make this work yes we want to make it as easy as possible for people to get started with our actions excellent so look I already have a service account with a required IAM permissions and the relevant apis are enabled as well but I'm not familiar with the workload identity Federation step here what is that and is it even required no it's not necessarily workload identity Federation is more secure and it works better with some org policies but it requires a bit more setup we can get you started with a simple service account key today let's talk about workload identity Federation in a future episode all right Luke that sounds good uh I'll grab the service account key here then perfect I have my service account key now where can I securely store this in GitHub so if you navigate to the repo settings page and click on actions we can securely store your credentials there all right I see thank you Luca uh I'll just name this S A creds for short great so looking into the yaml file here it looks like there are a few environment variables I need uh what are these are these the ones that I set with argument Flags if I run gcloud run deploy exactly these environment variables are going to be passed to the deploy Cloud run action as inputs we can hard code them in the action step as well but it's nice to have them exported as environment variables at the top of the file for readability oh okay let me fill in those all right Thanks Martin let's also comment out the workload identity Federation auth step and use the service account off step instead great uh now how does GitHub actions reference the secret that we saved earlier so any variables or Secrets referenced in the workflow file GitHub extends a variable Syntax for let's look at a few examples got it that's easy to pick up uh let me make that change I say creds all right anything else before deploying here look out the last step we will need to do is update the source input of the action to the relative path of our node.js service ah right uh let me update that deploy all right so I have one question for you here Luca uh when this workflow is triggered where are these operations being run on Whose server yep either it runs on a virtual machine that GitHub spins up for you or one that you self-host ah there's a self-hosting option too that is great ah looks like my cloud run service was deployed awesome let's quickly test it out in the cloud console all right I'm going to publish a brief message to the pub sub topic uh let's see if the service can accurately assess the message sentiment uh Luca what do you think about pineapple on pizza hmm in all honesty Martin actually a big fan oh uh I might have other opinions about pineapple and pizza but it looks like a service run a good sentiment overall this is great it's pretty awesome right yes and the fact that it can have this as a build step without having to manage deploy scripts or have it run after my continuous integration it's very convenient this fits all my requirements of being integrated with GitHub other Cloud providers in Google cloud and most important of all low code definitely agree we want to make it as easy as possible for developers on GitHub to integrate CI CD for gcp products great thank you everyone for tuning in if you like this video please subscribe below and leave a comment and don't forget to tune in for the future video we will authenticate our Google GitHub action workflow more securely with workflow identity Federation bye for now [Music] thank you

Info

Channel: Google Cloud Tech

Views: 20,374

Rating: undefined out of 5

Keywords: Google Cloud, Google Cloud Platform, Google developer, serverless developer, cloud functions, cloud run, cloud run service, gcloud run deploy, GitHub, GitHub Actions, Cloud Build, Google Kubernetes Engine, GitHub Actions Marketplace, deploy on Google Cloud, GitHub for Google Cloud, YAML file, GKE, CI/CD, Martin Omander

Id: DMCi7WWTtX0

Channel Id: undefined

Length: 10min 57sec (657 seconds)

Published: Thu Oct 27 2022