Bare-bones, Dockerized Flask app running on a Container-Optimized OS Google Compute Engine instance. Infrastructure provisioning and deployment using GitHub Actions.
- Create a virtual environment:
$ python3 -m venv .venv
- Activate the virtual environment:
$ source .venv/bin/activate
- Install requirements:
$ pip install -r requirements.txt
$ docker build -t dockerized-flask-on-gce:local .
$ docker run -p 6969:6969 dockerized-flask-on-gce:local
- Manually create a project on Google Cloud Platform and make a note of the project ID (not the project number)
- Enable the following APIs for the project:
- Google Compute Engine (GCE)—VM upon which the container will run
- Identity and Access Management (IAM) API—this enables use of newly created service account
- Artifact Registry API—private repository for Docker images
- Cloud Resource Manager API—interacting with containers
- Create a service account with owner access to project
- Create service account key and download
- Manually create a storage bucket to act as the Terraform backend—this must be globally unique and must match the value
provided in
infra/main.tf
The following Secrets need to be set:
GCP_PROJECT_ID
GCP_SERVICE_ACCOUNT_KEY
GCP_SERVICE_ACCOUNT_KEY_FLATTENED
(see below)
Terraform expects a flattened version of the service account key. See these instructions for how to do this.
Commit and push! Successful CI/CD pipelines will result in a new image, tagged with the commit SHA, being built and deployed each time, with old images being pruned from the VM.