728x90
안녕하세요! 이번 랩은 소프트웨어 공급망 보안에 관한 내용입니다.
환경 변수 세팅하기
export PROJECT=$(gcloud config get-value project)필요한 서비스 활성화 하기
gcloud services enable run.googleapis.com
artifact registry 만들기
gcloud artifacts repositories create helloworld-repo --location=us-central1 --repository-format=docker --project=$PROJECT샘플 애플리케이션 만들기
mkdir helloworld
cd helloworld
package.json
{
"name": "helloworld",
"description": "Simple hello world sample in Node",
"version": "1.0.0",
"private": true,
"main": "index.js",
"scripts": {
"start": "node index.js"
},
"engines": {
"node": ">=12.0.0"
},
"author": "Google LLC",
"license": "Apache-2.0",
"dependencies": {
"express": "^4.17.1"
}
}index.js
{
"name": "helloworld",
"description": "Simple hello world sample in Node",
"version": "1.0.0",
"private": true,
"main": "index.js",
"scripts": {
"start": "node index.js"
},
"engines": {
"node": ">=12.0.0"
},
"author": "Google LLC",
"license": "Apache-2.0",
"dependencies": {
"express": "^4.17.1"
}
}
cd ~/helloworldgcloud builds submit --pack image=us-central1-docker.pkg.dev/$PROJECT/helloworld-repo/helloworld
skaffold 환경 구성 준비하기
mkdir ~/deploy-cloudrun
cd ~/deploy-cloudrunskaffold.yaml
apiVersion: skaffold/v3alpha1
kind: Config
metadata:
name: deploy-run-quickstart
profiles:
- name: dev
manifests:
rawYaml:
- run-dev.yaml
- name: prod
manifests:
rawYaml:
- run-prod.yaml
deploy:
cloudrun: {}
clouddeploy.yaml
apiVersion: deploy.cloud.google.com/v1
kind: DeliveryPipeline
metadata:
name: my-run-demo-app-1
description: main application pipeline
serialPipeline:
stages:
- targetId: run-dev
profiles: [dev]
- targetId: run-prod
profiles: [prod]
---
apiVersion: deploy.cloud.google.com/v1
kind: Target
metadata:
name: run-dev
description: Cloud Run development service
run:
location: projects/$PROJECT_ID/locations/us-central1
---
apiVersion: deploy.cloud.google.com/v1
kind: Target
metadata:
name: run-prod
description: Cloud Run production service
run:
location: projects/$PROJECT_ID/locations/us-central1gcloud deploy apply --file clouddeploy.yaml --region=us-central1
run-dev.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: helloworld-dev
spec:
template:
spec:
containers:
- image: my-app-imagerun-prod.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: helloworld-prod
spec:
template:
spec:
containers:
- image: my-app-image
릴리즈 생성하고, 컨테이너 배포하기
gcloud deploy releases create run-release-001 --project=$PROJECT --region=us-central1
--delivery-pipeline=my-run-demo-app-1 --images=my-app-image="us-central1-docker.pkg.dev/$PROJECT/helloworld-repo/helloworld"
Cloud run 서비스에 비인가된 액세스 활성화 하기
gcloud run services add-iam-policy-binding helloworld-dev \
--member="allUsers" \
--role="roles/run.invoker"
gcloud run services add-iam-policy-binding helloworld-prod \
--member="allUsers" \
--role="roles/run.invoker"
감사합니다.
728x90
반응형
'IT > GCP' 카테고리의 다른 글
| Bigquery 실행 결과를 GCS로 자동 업데이트 (3) | 2023.09.09 |
|---|---|
| GCP 키 탈취시 조치 사항 (0) | 2022.12.17 |
| [Cloud Hero 1-4] Running a Node.js Container on GKE (0) | 2022.11.22 |
| [Cloud Hero 2-4] Kubernetes Engine으로 배포 관리 (0) | 2022.11.22 |
| [Cloud Hero 2-2] Google Kubernetes Engine의 NGINX 인그레스 컨트롤러 (0) | 2022.11.22 |
