ai-coding-with-mongodb-evaluator/cloudbuild.yaml at main · mongodb-developer/ai-coding-with-mongodb-evaluator · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# GCP Cloud Build pipeline for the Schema Summary Evaluator.
#
# Builds the container, pushes it to Artifact Registry, deploys to Cloud Run.
#
# Trigger:
#   gcloud builds submit \
#     --config cloudbuild.yaml \
#     --substitutions=_REGION=us-central1,_REPO=workshop,_SERVICE=evaluator
#
# Required substitutions:
#   _REGION   GCP region (e.g. us-central1)
#   _REPO     Artifact Registry repository name
#   _SERVICE  Cloud Run service name
#
# Required secrets in Secret Manager, mounted as env vars on Cloud Run:
#   GROVE_API_KEY            (always; Grove gateway key for Anthropic)
#   CREDLY_TOKEN             (only if issuing real badges)
#   CREDLY_ORG_ID            (same)
#   CREDLY_BADGE_TEMPLATE_ID (same)
#
# This file lives in evaluator/. Run gcloud from this directory, or pass
# `--config evaluator/cloudbuild.yaml` from the repo root.

steps:
  # 1. Build the container image.
  - name: gcr.io/cloud-builders/docker
    id: build
    args:
      - build
      - --tag
      - ${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPO}/${_SERVICE}:$SHORT_SHA
      - --tag
      - ${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPO}/${_SERVICE}:latest
      - --file
      - Dockerfile
      - .

  # 2. Push both tags to Artifact Registry.
  - name: gcr.io/cloud-builders/docker
    id: push
    args:
      - push
      - --all-tags
      - ${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPO}/${_SERVICE}

  # 3. Deploy to Cloud Run. Secrets bound from Secret Manager; CREDLY_DRY_RUN
  #    defaults to 1 so the workshop event must explicitly enable real badges.
  - name: gcr.io/google.com/cloudsdktool/cloud-sdk
    id: deploy
    entrypoint: gcloud
    args:
      - run
      - deploy
      - ${_SERVICE}
      - --image=${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPO}/${_SERVICE}:$SHORT_SHA
      - --region=${_REGION}
      - --platform=managed
      - --allow-unauthenticated
      - --port=8080
      - --memory=512Mi
      - --cpu=1
      - --concurrency=80
      - --min-instances=0
      - --max-instances=10
      - --timeout=120
      - --set-env-vars=CREDLY_DRY_RUN=1,ANTHROPIC_MODEL=claude-opus-4-7
      - --set-secrets=GROVE_API_KEY=GROVE_API_KEY:latest

images:
  - ${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPO}/${_SERVICE}:$SHORT_SHA
  - ${_REGION}-docker.pkg.dev/$PROJECT_ID/${_REPO}/${_SERVICE}:latest

options:
  logging: CLOUD_LOGGING_ONLY

substitutions:
  _REGION: us-central1
  _REPO: workshop
  _SERVICE: evaluator