ai-workspace-services/accounts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
accounts/deploy/README.md

2.6 KiB
Raw Permalink Blame History

Deployment Configuration Guide

This directory contains the deployment configurations and procedures for the Accounts Service (accounts.svc.plus) on Google Cloud Run.

Environments

1. Production Environment

2. Preview Environment

Deployment Procedures

Build and Deploy Preview (from main)

# 1. Switch to main branch
git checkout main

# 2. Build image via Cloud Build
gcloud builds submit --tag asia-northeast1-docker.pkg.dev/xzerolab-480008/cloud-run-source-deploy/accounts.svc.plus/preview-accounts-svc-plus:latest --project xzerolab-480008

# 3. Apply Cloud Run configuration
gcloud run services replace deploy/gcp/cloud-run/preview-service.yaml --project xzerolab-480008 --region asia-northeast1

# 4. Ensure public access
gcloud run services add-iam-policy-binding preview-accounts-svc-plus --project xzerolab-480008 --region asia-northeast1 --member="allUsers" --role="roles/run.invoker"

Build and Deploy Production (from release/v0.1)

# 1. Switch to release branch
git checkout release/v0.1

# 2. Build image via Cloud Build
gcloud builds submit --tag asia-northeast1-docker.pkg.dev/xzerolab-480008/cloud-run-source-deploy/accounts.svc.plus/accounts-svc-plus:v0.1 --project xzerolab-480008

# 3. Apply Cloud Run configuration
# Note: Ensure the image path in service.yaml matches the versioned tag
gcloud run services replace deploy/gcp/cloud-run/prod-service.yaml --project xzerolab-480008 --region asia-northeast1

Infrastructure Components

  • Stunnel Sidecar: Used for secure connection to the PostgreSQL database. Configuration is stored in Secret Manager as stunnel-config.
  • Secrets:
    • postgres-password: Database access.
    • internal-service-token: RPC/Internal communication.
    • stunnel-config: Sidecar tunnel settings.
    • smtp-username / smtp-password: Email delivery.