【GCP】Bitbucket Pipeline CICD 至 GKE / Container Registry
- 创建一个新的service account 并且给与以下的
- Cloud Run
- AdminKubernetes Engine
- AdminKubernetes Engine Cluster Admin
- Service Account User
- Storage Admin
2. 下载service account的json key, 以便pipeline能够使用权限登入到GCP的container registry
3. 使用这bitbucket pipelines yml 文件
[GCP_Project_ID] = GCP Project ID
[GCP_Registry_URL] = asia.gcr.io/GCP Project ID/ImageName
image: atlassian/default-image:2
options:
docker: true
size: 2x
pipelines:
branches:
test:
- step:
name: Build & Push
deployment: Test
image: google/cloud-sdk:latest
script:
# Build image
- export IMAGE_NAME=asia.gcr.io/[GCP_Project_ID]:test
- docker build -t $IMAGE_NAME -f dockerfile .
# Gcloud auth and check
- gcloud auth activate-service-account [GCP_ServiceAccount_Email] --key-file=deployment/gcloud.json
- gcloud config list
# config image registry with gcloud helper
- gcloud auth configure-docker -q
# push image to gcr
- docker push $IMAGE_NAME
# delete untagged images
- gcloud container images list-tags [GCP_Registry_URL] --filter='-tags:*' --format='get(digest)' --limit=unlimited | xargs -I {arg} gcloud container images delete "[GCP_Registry_URL]@{arg}" --quiet
# Login to k8s cluster and deploy
- export GCLOUD_CLUSTER="你的GKE Cluster名"
- export GCLOUD_ZONE="asia-southeast1-c"
- export GCLOUD_PROJECT="你的GCP Project ID"
- gcloud container clusters get-credentials $GCLOUD_CLUSTER --zone=$GCLOUD_ZONE --project $GCLOUD_PROJECT
- gcloud auth configure-docker --quiet
- kubectl rollout restart deployment/[你的K8s Deployment Name] -n [你的namespace]
services:
- docker
caches:
- docker
definitions:
services:
docker:
memory: 40964. GCP_Project_ID 可以在以下的图片内获取
参考文章: https://puuga.medium.com/dev-story-deploy-to-gcp-cloud-run-with-bitbucket-pipelines-4fef8f2ece27
Facebook评论