PoC Automation of Cloud Deploy w/ Cloud Functions
Automatically promote rollout to next stage in a serialPipeline.
- Prepare a new service account for this function.
- Add
roles/clouddeploy.releaser
permission at project level. - Add
roles/iam.serviceAccountUser
permission at Cloud Deploy execution service account. - Deploy Cloud Function with entrypoint
AutoPromote
and subscribe toclouddeploy-operations
topic.
gcloud functions deploy cloud-deploy-auto-promote \
--gen2 \
--runtime=go119 \
--project=[PROJECT ID] \
--region=[REGION] \
--source=. \
--entry-point=AutoPromote \
--trigger-topic=clouddeploy-operations \
--service-account=[Service Account] \
--serve-all-traffic-latest-revision \
--timeout=540 \
--memory=128Mi
Currently allowing or disallowing pipelines is not yet implimented. If you need, adding approval is highly recommended.
Post message to Slack channel when release is created.
Post rollout status to Slack thread of its release.
- SLACK_TOKEN
- SLACK_CHANNEL
- SLACK_BOT_STATE_BUCKET
Notification messages can be customized by adding annotations to release.
name | usage | value |
---|---|---|
deployer-slack-id | optional: mention in release post | Slack UserID |
cc-slack-group-ids | optional: mention group in release post | Comma separated Slack GroupID |
TBD
TBD
gcloud functions deploy...
Post approval status to Slack thread of its release.
- SLACK_TOKEN
- SLACK_CHANNEL
- SLACK_BOT_STATE_BUCKET
- TBD
TBD
TBD
gcloud functions deploy...
Notify approval status changes to slack.
- Prepare a new service account for this function.
- Add Slack token to Cloud Secret Manager and allow the service account
roles/secretmanager.secretAccessor
role. Secrets can be accesible both via Cloud Run Integration and berglas. - Deploy Cloud Function with entrypoint
NotifyApprovalRequestSlackSimple
and subscribe toclouddeploy-approvals
topic.
gcloud functions deploy cloud-deploy-approvals-notify \
--gen2 \
--runtime=go119 \
--project=[PROJECT ID] \
--region=[REGION] \
--source=. \
--entry-point=NotifyApprovalRequestSlackSimple \
--trigger-topic=clouddeploy-approvals \
--service-account=[Service Account] \
--serve-all-traffic-latest-revision \
--timeout=540 \
--memory=128Mi \
--set-env-vars="SLACK_APPROVAL_CHANNEL=[CHANNEL ID]" \
--set-secrets='SLACK_TOKEN=projects/[PROJECT ID]/secrets/[SECRET ID]/versions/latest'