Trying and Failing with Gitlab CI with Google Run Cloud




This is my first time trying to CI to Google Cloud from Gitlab, so far has been this journey very painful, but I think I'm closer.

I follow some instructions from:

https://medium.com/google-cloud/deploy-to-cloud-run-using-gitlab-ci-e056685b8eeb

and I change to my needs the .gitlab-ci and the cloudbuild.yaml

After several tryouts, I finally manage to set all the Roles, Permissions and Service Accounts. But no luck building my docker file into the Container Registry or Artifact.

this is my failure log from gitlab log:

Running with gitlab-runner 14.6.0~beta.71.gf035ecbf (f035ecbf)
  on green-3.shared.runners-manager.gitlab.com/default Jhc_Jxvh
Preparing the "docker+machine" executor
Using Docker executor with image google/cloud-sdk:latest ...
Pulling docker image google/cloud-sdk:latest ...
Using docker image sha256:2ec5b4332b2fb4c55f8b70510b82f18f50cbf922f07be59de3e7f93937f3d37f for google/cloud-sdk:latest with digest google/cloud-sdk@sha256:e268d9116c9674023f4f6aff680987f8ee48d70016f7e2f407fe41e4d57b85b1 ...
Preparing environment
Running on runner-jhcjxvh-project-32231297-concurrent-0 via runner-jhcjxvh-shared-1641939667-f7d79e2f...
Getting source from Git repository
$ eval "$CI_PRE_CLONE_SCRIPT"
Fetching changes with git depth set to 50...
Initialized empty Git repository in /builds/ProjectsD/node-projects/.git/
Created fresh repository.
Checking out 1f1e41f0 as dev...
Skipping Git submodules setup
Executing "step_script" stage of the job script
Using docker image sha256:2ec5b4332b2fb4c55f8b70510b82f18f50cbf922f07be59de3e7f93937f3d37f for google/cloud-sdk:latest with digest google/cloud-sdk@sha256:e268d9116c9674023f4f6aff680987f8ee48d70016f7e2f407fe41e4d57b85b1 ...
$ echo $GCP_SERVICE_KEY > gcloud-service-key.json
$ gcloud auth activate-service-account --key-file=gcloud-service-key.json
Activated service account credentials for: [[email protected]]
$ gcloud config set project $GCP_PROJECT_ID
Updated property [core/project].
$ gcloud builds submit . --config=cloudbuild.yaml
Creating temporary tarball archive of 47 file(s) totalling 100.8 MiB before compression.
Some files were not included in the source upload.
Check the gcloud log [/root/.config/gcloud/logs/2022.01.11/22.23.29.855708.log] to see which files and the contents of the
default gcloudignore file used (see `$ gcloud topic gcloudignore` to learn
more).
Uploading tarball of [.] to [gs://pdnodejs_cloudbuild/source/1641939809.925215-a19e660f1d5040f3ac949d2eb5766abb.tgz]
Created [https://cloudbuild.googleapis.com/v1/projects/pdnodejs/locations/global/builds/577417e7-67b9-419e-b61b-f1be8105dd5a].
Logs are available at [https://console.cloud.google.com/cloud-build/builds/577417e7-67b9-419e-b61b-f1be8105dd5a?project=484193191648].
gcloud builds submit only displays logs from Cloud Storage. To view logs from Cloud Logging, run:
gcloud beta builds submit
BUILD FAILURE: Build step failure: build step 1 "gcr.io/cloud-builders/docker" failed: step exited with non-zero status: 1
ERROR: (gcloud.builds.submit) build 577417e7-67b9-419e-b61b-f1be8105dd5a completed with status "FAILURE"
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1

.gitlab-ci

# file: .gitlab-ci.yml
stages:
  # - docker-build
  - deploy_dev

# docker-build:
#   stage: docker-build
#   image: docker:latest
#   services: 
#     - docker:dind
#   before_script:
#     - echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
#   script:
#     - docker build --pull -t "$CI_REGISTRY_IMAGE" . 
#     - docker push "$CI_REGISTRY_IMAGE"

deploy_dev:
  stage: deploy_dev
  image: google/cloud-sdk:latest
  script:
    - echo $GCP_SERVICE_KEY > gcloud-service-key.json # google cloud service accounts
    - gcloud auth activate-service-account --key-file=gcloud-service-key.json
    - gcloud config set project $GCP_PROJECT_ID
    - gcloud builds submit . --config=cloudbuild.yaml

cloudbuild.yaml

# File: cloudbuild.yaml
steps:
    # build the container image
  - name: 'gcr.io/cloud-builders/docker'
    args: [ 'build', '-t', 'gcr.io/$PROJECT_ID/node-projects', '.' ]
    # push the container image
  - name: 'gcr.io/cloud-builders/docker'
    args: [ 'push', 'gcr.io/$PROJECT_ID/node-projects']
    # deploy to Cloud Run
  - name: "gcr.io/cloud-builders/gcloud"
    args: ['run', 'deploy', 'erp-ui', '--image', 'gcr.io/$PROJECT_ID/node-projects', '--region', 'us-central4', '--platform', 'managed', '--allow-unauthenticated']
options:
  logging: CLOUD_LOGGING_ONLY

Is there any other configuration I'm missing inside GCP? or is something wrong with my files?

😮‍💨


Solution 1:

UPDATE: I try and Success finally

I start to move around everything from scrath and I now achieve the correct deploy

.gitlab-ci

stages:
  - build
  - push

default:
  image: docker:latest
  services:
    - docker:dind
  before_script:
    - echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY

docker-build:
  stage: build
  only:
    refs:
      - main
      - dev
  script:
    - |
      if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
        tag=""
        echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
      else
        tag=":$CI_COMMIT_REF_SLUG"
        echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
      fi
    - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
    - docker push "$CI_REGISTRY_IMAGE${tag}"
  # Run this job in a branch where a Dockerfile exists
  interruptible: true
  environment:
    name: build/$CI_COMMIT_REF_NAME

push:
  stage: push
  only:
    refs:
      - main
      - dev

  script:
    - apk upgrade --update-cache --available
    - apk add openssl
    - apk add curl python3 py-crcmod bash libc6-compat
    - rm -rf /var/cache/apk/*
    - curl https://sdk.cloud.google.com | bash > /dev/null
    - export PATH=$PATH:/root/google-cloud-sdk/bin
    - echo $GCP_SERVICE_KEY > gcloud-service-key-push.json # Google Cloud service accounts
    - gcloud auth activate-service-account --key-file gcloud-service-key-push.json
    - gcloud config set project $GCP_PROJECT_ID
    - gcloud auth configure-docker us-central1-docker.pkg.dev
    - tag=":$CI_COMMIT_REF_SLUG"
    - docker pull "$CI_REGISTRY_IMAGE${tag}"
    - docker tag "$CI_REGISTRY_IMAGE${tag}" us-central1-docker.pkg.dev/$GCP_PROJECT_ID/node-projects/node-js-app${tag}
    - docker push us-central1-docker.pkg.dev/$GCP_PROJECT_ID/node-projects/node-js-app${tag}

  environment:
    name: push/$CI_COMMIT_REF_NAME
  when: on_success

.cloudbuild.yaml

# File: cloudbuild.yaml
steps:
  # build the container image
  - name: 'gcr.io/cloud-builders/docker'
    args:
      [
        'build',
        '-t',
        'us-central1-docker.pkg.dev/$PROJECT_ID/node-projects/nodejsapp',
        '.',
      ]
    # push the container image
  - name: 'gcr.io/cloud-builders/docker'
    args: ['push', 'us-central1-docker.pkg.dev/$PROJECT_ID/node-projects/nodejsapp']
    # deploy to Cloud Run
  - name: 'gcr.io/cloud-builders/gcloud'
    args:
      [
        'beta',
        'run',
        'deploy',
        'dreamslear',
        '--image',
        'us-central1-docker.pkg.dev/$PROJECT_ID/node-projects/nodejsapp',
        '--region',
        'us-central1',
        '--platform',
        'managed',
        '--port',
        '3000',
        '--allow-unauthenticated',
      ]

And that worked!

if someone wants to give an optimised workflow or any advice, that would be great!