top of page
Writer's pictureAlex Deng

Deploying FeatureHub on GCP Cloud Run with Pulumi (Part 1)

Updated: Dec 13, 2021



Intro


This will be the first of a 3 part series to get FeatureHub running on GCP Cloud Run using Infrastructure as Code.


Our tool of choice is Pulumi for Infrastructure as code because it is cross team collaborative and epitomises DevOps Culture.


In part 1 of the series, we will be setting up Pulumi with a Cloud Storage infrastructure backend and encryption using GCP KMS. We start with the following steps in https://www.pulumi.com/docs/get-started/gcp/create-project/ but with proper security.


Prerequisites


Make sure you have all of the Pulumi dependencies installed. https://www.pulumi.com/docs/get-started/gcp/begin/


You will also need to setup a KMS keyring and a key using this guide: https://cloud.google.com/kms/docs/creating-keys


You will also need to create a Cloud Storage bucket following this guide https://cloud.google.com/storage/docs/creating-buckets


Steps

1. Run the following command:

gcloud config set project <YOUR_GCP_PROJECT_ID> (replace <YOUR_GCP_PROJECT_ID> with your project ID)
gcloud auth application-default login

this may fail depending on your OS and you will need to run:


gcloud auth login --no-launch-browser

Then paste URL it gives you into a browser and then copy paste code to terminal.


2. Now we will create the new Pulumi project as per https://www.pulumi.com/docs/get-started/gcp/create-project/

mkdir quickstart && cd quickstart
pulumi new gcp-typescript

The caveat here is you need the pass in the URI to your KMS key:


quickstart pulumi new gcp-typescript --secrets-provider="gcpkms://projects/<YOUR_GCP_PROJECT_ID>/locations/global/keyRings/<KEY_RING_NAME>/cryptoKeys/<KEY_NAME>"
This command will walk you through creating a new Pulumi project.

Enter a value or leave blank to accept the (default), and press <ENTER>.
Press ^C at any time to quit.

project name: (quickstart)
project description: (A minimal Google Cloud TypeScript Pulumi program)
Created project 'quickstart'

stack name: (dev)
Created stack 'dev'

gcp:project: The Google Cloud project to deploy into: <YOUR_GCP_PROJECT_ID>
Saved config

3. Then you need to login and point to the Cloud Storage bucket where your backend (state) will go.


pulumi login gs://<YOUR_BUCKET_NAME>

After this you can continue following https://www.pulumi.com/docs/get-started/gcp/review-project/ with the content for your index.ts (to create an example bucket) and then run


pulumi up

If you followed these steps you should see that your Cloud Storage bucket now has the contents of your infrastructure backend.




140 views0 comments

Comments


bottom of page