0
0
GcpHow-ToBeginner · 4 min read

How to Deploy Cloud Run Using GitHub Actions

To deploy Cloud Run using GitHub Actions, create a workflow file that authenticates with Google Cloud, builds your container image, and deploys it to Cloud Run using the gcloud CLI. This automates deployment on code changes, making your process fast and reliable.
📐

Syntax

The GitHub Actions workflow for deploying to Cloud Run typically includes these steps:

  • Checkout code: Get your source code from the repository.
  • Authenticate: Use a service account key to log in to Google Cloud.
  • Build container: Build your app into a container image using gcloud builds submit or Docker.
  • Deploy: Deploy the container image to Cloud Run with gcloud run deploy.
yaml
name: Deploy to Cloud Run

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Authenticate to Google Cloud
        uses: google-github-actions/auth@v1
        with:
          credentials_json: ${{ secrets.GCP_SA_KEY }}

      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v1
        with:
          project_id: ${{ secrets.GCP_PROJECT_ID }}

      - name: Build and deploy to Cloud Run
        run: |
          gcloud builds submit --tag gcr.io/${{ secrets.GCP_PROJECT_ID }}/my-app
          gcloud run deploy my-app --image gcr.io/${{ secrets.GCP_PROJECT_ID }}/my-app --region us-central1 --platform managed --quiet
💻

Example

This example workflow deploys a Cloud Run service named my-app whenever code is pushed to the main branch. It uses a Google Cloud service account stored as a secret for authentication.

yaml
name: Deploy to Cloud Run

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Authenticate to Google Cloud
        uses: google-github-actions/auth@v1
        with:
          credentials_json: ${{ secrets.GCP_SA_KEY }}

      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v1
        with:
          project_id: ${{ secrets.GCP_PROJECT_ID }}

      - name: Build and deploy to Cloud Run
        run: |
          gcloud builds submit --tag gcr.io/${{ secrets.GCP_PROJECT_ID }}/my-app
          gcloud run deploy my-app --image gcr.io/${{ secrets.GCP_PROJECT_ID }}/my-app --region us-central1 --platform managed --quiet
Output
Starting Step #1 Step #1: Already have image (gcr.io/cloud-builders/gcloud), skipping build Creating Cloud Build job... Deploying service [my-app]... Service [my-app] revision [my-app-00001-abc] has been deployed and is serving 100 percent of traffic. Service URL: https://my-app-xyz.a.run.app
⚠️

Common Pitfalls

  • Missing or incorrect service account key: Ensure your service account has the Cloud Run Admin and Storage Admin roles and the key is stored correctly in GitHub secrets.
  • Wrong project ID or region: Double-check your project_id and region values match your Google Cloud setup.
  • Not setting up authentication step: Skipping authentication causes deployment failures.
  • Forgetting to enable Cloud Run API: Make sure Cloud Run API is enabled in your Google Cloud project.
yaml
### Wrong way: Missing authentication step

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - run: |
          gcloud builds submit --tag gcr.io/${{ secrets.GCP_PROJECT_ID }}/my-app
          gcloud run deploy my-app --image gcr.io/${{ secrets.GCP_PROJECT_ID }}/my-app --region us-central1 --platform managed --quiet

### Right way: Include authentication

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: google-github-actions/auth@v1
        with:
          credentials_json: ${{ secrets.GCP_SA_KEY }}
      - uses: google-github-actions/setup-gcloud@v1
        with:
          project_id: ${{ secrets.GCP_PROJECT_ID }}
      - run: |
          gcloud builds submit --tag gcr.io/${{ secrets.GCP_PROJECT_ID }}/my-app
          gcloud run deploy my-app --image gcr.io/${{ secrets.GCP_PROJECT_ID }}/my-app --region us-central1 --platform managed --quiet
📊

Quick Reference

  • Store your Google Cloud service account key JSON in GitHub secrets as GCP_SA_KEY.
  • Set your Google Cloud project ID in GitHub secrets as GCP_PROJECT_ID.
  • Use google-github-actions/auth@v1 and google-github-actions/setup-gcloud@v1 actions for authentication and SDK setup.
  • Build your container with gcloud builds submit and deploy with gcloud run deploy.
  • Specify region and platform explicitly in deployment command.

Key Takeaways

Use a Google Cloud service account with proper roles and store its key securely in GitHub secrets.
Authenticate to Google Cloud in your GitHub Actions workflow before building and deploying.
Build your container image and deploy it to Cloud Run using the gcloud CLI commands.
Always specify your project ID, region, and platform explicitly in the deployment step.
Enable Cloud Run API in your Google Cloud project to avoid deployment errors.

Related by keyword

Cloud Functions vs Cloud Run: Key Differences and When to Use EachCloud FunctionsHow to Connect Cloud Run to Cloud SQL on GCPCloud SQLCloud Build vs GitHub Actions: Key Differences and When to Use EachCI/CDHow to Deploy a Cloud Function on Google Cloud PlatformCloud FunctionsHow to Deploy Using Cloud Build on Google Cloud PlatformCI/CD

Up next

What is HTTP Trigger Cloud Function in GCP: Simple ExplanationWhat is a Pub/Sub Trigger Cloud Function in GCP?App Engine Standard vs Flexible: Key Differences and When to Use EachApp Engine vs Cloud Run: Key Differences and When to Use Each

More in Cloud Run

Cloud Run vs App Engine: Key Differences and When to Use EachCloud Run vs Cloud Functions: Key Differences and When to Use EachCloud Run vs GKE: Key Differences and When to Use EachHow to Configure Auto Scaling in Cloud Run on GCP