Templates
Here you can find examples of all files you might need during the deployment process.
Dockerfile
Section titled “Dockerfile”FROM golang:1.25 AS baseWORKDIR /optRUN mkdir -p -m 700 /root/.sshCOPY known_hosts /root/.ssh/known_hostsRUN git config --global url."git@github.com:".insteadOf "https://github.com/"COPY go.mod .COPY go.sum .ARG GOPRIVATE=github.com/VolumentalARG PROJECT_ROOT=github.com/Volumental/jason/backendARG GO111MODULE=onARG CGO_ENABLED=0RUN --mount=type=ssh go mod downloadCOPY . .RUN go test ./...RUN go build -o jason_backend github.com/Volumental/jason/cmd/rest
FROM alpine:3.18 AS deploy_apiRUN apk add --no-cache ca-certificatesWORKDIR /optCOPY --from=base /opt/jason_backend /opt/jason_backendENTRYPOINT [ "./jason_backend" ]FROM python:3.11
COPY . .FROM node:20
COPY . .Cloudbuild.yaml
Section titled “Cloudbuild.yaml”steps:- id: 'fetch github secret' name: '${_LINK_IMAGE}:${_LATEST}' args: ["-project", "volumental-infra", "-secret", "github-robot-id-rsa", "-out", "id_rsa,known_hosts"]
- id: 'build vaka' name: 'gcr.io/cloud-builders/docker' env: - 'BRANCH_OR_TAG=${BRANCH_NAME}${TAG_NAME}' - 'DOCKER_BUILDKIT=1' - 'DOCKER_CLI_EXPERIMENTAL=enabled' entrypoint: 'bash' args: - '-c' - | eval $(ssh-agent); chmod 0600 id_rsa; ssh-add id_rsa \ && docker buildx build \ --ssh default \ --tag ${_VAKA_IMAGE_REPO}:${SHORT_SHA} \ --tag ${_VAKA_IMAGE_REPO}:${BRANCH_OR_TAG//[^a-zA-Z0-9.-]/_} \ --cache-from=${_VAKA_IMAGE_REPO}:${BRANCH_OR_TAG//[^a-zA-Z0-9.-]/_} \ --cache-from=${_VAKA_IMAGE_REPO}:master \ --cache-to=type=inline,mode=max \ . waitFor: ['fetch github secret']
- id: 'push vaka' name: 'gcr.io/cloud-builders/docker' entrypoint: '/bin/bash' env: - 'DOCKER_BUILDKIT=1' - 'BRANCH_OR_TAG=${BRANCH_NAME}${TAG_NAME}' args: - -c - | docker push ${_VAKA_IMAGE_REPO}:${SHORT_SHA} \ && docker push ${_VAKA_IMAGE_REPO}:${BRANCH_OR_TAG//[^a-zA-Z0-9.-]/_} waitFor: ['pytest', 'run bandit for vaka', 'mypy', 'pylint', 'black']
options: machineType: E2_HIGHCPU_32 logging: CLOUD_LOGGING_ONLYtimeout: 1200s
substitutions: _LATEST: latest _VAKA_IMAGE_REPO: "europe-north1-docker.pkg.dev/volumental-infra/images/vaka" _FF_IMAGE_REPO: "europe-north1-docker.pkg.dev/volumental-infra/images/vaka-fleet_feet" _LINK_IMAGE: europe-north1-docker.pkg.dev/volumental-infra/images/link---steps: - id: "configure git" secretEnv: ["SSH_KEY"] name: "gcr.io/cloud-builders/git" entrypoint: "bash" args: - "-c" - | echo "$$SSH_KEY" >> /workspace/id_rsa chmod 400 /workspace/id_rsa git config --global --add url."git@github.com:".insteadOf "https://github.com/"
- id: 'setup vob' name: 'gcr.io/cloud-builders/gsutil' entrypoint: "bash" args: - -c - | gsutil cp -r gs://volumental-staging-artifacts/vob/${_VOB_VERSION}/vob_linux /workspace/vob curl -L https://github.com/google/go-containerregistry/releases/download/v0.9.0/go-containerregistry_Linux_x86_64.tar.gz | tar xvz -C /bin chmod +x /workspace/vob waitFor: ['configure git']
- id: 'build and push jason api image' name: 'gcr.io/cloud-builders/docker' entrypoint: '/bin/sh' args: - -c - | /workspace/vob -tags ${SHORT_SHA},b:${BRANCH_NAME} -branch -fbp -conf backend/vob.yaml waitFor: ['setup vob']
options: machineType: E2_HIGHCPU_8 logging: CLOUD_LOGGING_ONLY logStreamingOption: STREAM_OFF automapSubstitutions: true
substitutions: _VOB_VERSION: v1.0.0
availableSecrets: secretManager: - versionName: projects/volumental-infra/secrets/github-robot-id-rsa/versions/latest env: "SSH_KEY"