In a previous blog post I went over the basics of what it takes to create a configuration for Cloud Build. This post will expand on it by creating a functional CI/CD pipeline for a java project using Cloud Build. Note that I am claiming the pipeline will be functional but far from optimal, a follow up post at some point will go over potential optimizations to the pipeline.
Continuous Integration
The objective of Continuous integration is to ensure that developers regularly merge quality code into a common place. The quality is ascertained using automation, which is where a tool like Cloud Build comes in during the CI process.Consider a flow where developers work on feature branches and when ready send a pull request to the main branch
Now to ensure quality, checks should be run on the developers feature branch before it is allowed to be merged into the "main" branch. This means two things:
1. Running quality checks on the developers feature branch
2. Merges to main branch should not be permitted until checks are run.
Running quality checks on a feature branch
This is where integration of Cloud Build with the repo comes into place. I am using this repository - https://github.com/bijukunjummen/hello-cloud-build, to demonstrate this integration with Cloud Build. If you have access to a Google Cloud environment, a new integration of Cloud build build with a repository looks something like this:Once this integration is in place, a Cloud Build "trigger" should be created to act on a new pull request to the repository:
Here is where the Cloud Build configuration comes into play, it specifies what needs to happen when a Pull Request is made to the repository. This is a Java based project with gradle as the build tool, I want to run tests and other checks, which is normally done through a gradle task called "check", a build configuration which does this is simple:
steps: - name: openjdk:11 id: test entrypoint: "./gradlew" args: [ "check" ]
Onto the next objective - Merges to the main branch should not be allowed until the checks are clean
Merges to main branch only with a clean build
This is done on the repository side on github, through settings that look like this -
With these two considerations, checking the feature branch before merges are allowed, and allowing merges to "main" branch after checks should ensure that quality code should get into the "main" branch.
Onto the Continuous Deployment side of the house.
Continuous Deployment
So now presumably a clean code has made its way to the main branch and we want to deploy it to an environment.
In Cloud Build this translates to a "trigger", that acts on commits to specific branches and looks like this for me:
and again the steps expressed as a Cloud Build configuration, has steps to re-run the checks and deploy the code to Cloud Run
steps: - name: openjdk:11 id: test entrypoint: "/bin/bash" args: - '-c' - |- ./gradlew check - name: openjdk:11 id: build-image entrypoint: "/bin/bash" args: - '-c' - |- ./gradlew jib --image=gcr.io/$PROJECT_ID/hello-cloud-build:$SHORT_SHA - name: 'gcr.io/cloud-builders/gcloud' id: deploy args: [ 'run', 'deploy', "--image=gcr.io/$PROJECT_ID/hello-cloud-build:$SHORT_SHA", '--platform=managed', '--project=$PROJECT_ID', '--region=us-central1', '--allow-unauthenticated', '--memory=256Mi', '--set-env-vars=SPRING_PROFILES_ACTIVE=gcp', 'hello-cloud-build' ]
Wrapup
With this tooling in place, a developer flow looks like this. A PR triggers checks and shows up like this on the github side:
and once checks are complete, allows the branch to be merged in:
After merge the code gets cleanly deployed.