Home > Backend Development > Python Tutorial > How to Create a Cloud Build to Allow Docker to Download Python Packages from Artifact Registry

How to Create a Cloud Build to Allow Docker to Download Python Packages from Artifact Registry

Mary-Kate Olsen
Release: 2024-12-09 08:46:07
Original
381 people have browsed it

How to Create a Cloud Build to Allow Docker to Download Python Packages from Artifact Registry

Google Cloud's Artifact Registry is a powerful tool for managing your application's dependencies. This guide demonstrates how to create a Cloud Build pipeline to enable Docker to access Python packages stored in Artifact Registry. By following these steps, you can securely manage dependencies and streamline deployments.


Prerequisites

  1. Google Cloud Project: Ensure you have a GCP project set up.
  2. Artifact Registry: A Python repository should already be configured in the Artifact Registry.
  3. Cloud Build: Enable the Cloud Build API for your project.
  4. Authentication: Configure service account permissions to access the Artifact Registry.

Steps to Configure Cloud Build

1. Generate an Artifact Registry Token

Use gcloud auth to generate an access token that will allow the Docker build process to authenticate with the Artifact Registry. Here's how you can do this:

steps:
  # Generate Artifact Registry token
  - name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
    entrypoint: bash
    args:
      - '-c'
      - |
        art=$(gcloud auth print-access-token)
        echo "$art" > /workspace/artifact_registry_token
        echo "$art"
Copy after login

2. Use the Token in Docker Build

Once the token is generated, it can be passed to the docker build process as a build argument. Here's how:

  - name: gcr.io/cloud-builders/docker
    id: Build
    env:
      - 'btf=/workspace/artifact_registry_token'
    entrypoint: bash
    args:
      - '-c'
      - |
        docker build \
          --build-arg ARTIFACT_REGISTRY_TOKEN=$(cat $btf) \
          --build-arg PROJECT_ID=$PROJECT_ID \
          -t test-image:latest \
          -f Dockerfile .
Copy after login

3. Create the Dockerfile

The Dockerfile is configured to use the token to download Python packages from Artifact Registry:

# syntax=docker/dockerfile:1

FROM python:3.11-slim

ARG ARTIFACT_REGISTRY_TOKEN
ARG PROJECT_ID

# Keeps Python from buffering stdout and stderr
ENV PYTHONUNBUFFERED=1

WORKDIR /app

RUN pip install --no-cache-dir -r requirements.txt

COPY . .

# Install dependencies using the token
RUN pip install \
    --index-url https://pypi.org/simple \
    --extra-index-url https://oauth2accesstoken:${ARTIFACT_REGISTRY_TOKEN}@us-central1-python.pkg.dev/${PROJECT_ID}/python-packages/simple/ \
    "your-package-name==your-package-version"

# Expose the application port
EXPOSE 8080

# Command to run the application
CMD ["uvicorn", "main:app", "--port=8080", "--host=0.0.0.0"]
Copy after login

4. Add Build Config Options

Finally, define other configurations such as machine type, logging, and substitutions:

options:
  machineType: E2_HIGHCPU_8
  substitutionOption: ALLOW_LOOSE
  logging: CLOUD_LOGGING_ONLY
substitutions:
  _PACKAGE: your-package-name==your-package-version
  _REPOSITORY: python-packages
  _LOCATION: us-central1
  _PROJECT_ID: your-project-id
Copy after login

Tags and Metadata

To organize your builds better, include meaningful tags:

tags:
  - gcp-cloud-build
  - artifact-registry
  - docker-python-packages
Copy after login

Summary

This setup ensures that your Docker builds in Cloud Build can securely pull Python dependencies from your Artifact Registry using an access token. Adjust the provided configuration to your project-specific details, such as package names, repository URLs, and deployment targets.

Implementing this pipeline will improve security and make dependency management seamless for your projects.

The above is the detailed content of How to Create a Cloud Build to Allow Docker to Download Python Packages from Artifact Registry. For more information, please follow other related articles on the PHP Chinese website!

source:dev.to
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template