Cloud Native Automation with Google Cloud Build

By : Anthony Bushong, Kent Hua

Cloud Native Automation with Google Cloud Build

By: Anthony Bushong, Kent Hua

Overview of this book

When adopting cloud infrastructure, you are often looking to modernize the automation of workflows such as continuous integration and software delivery. Minimizing operational overhead via fully managed solutions such as Cloud Build can be tough. Moreover, learning Cloud Build’s API and build schema, scalability, security, and integrating Cloud Build with other external systems can be challenging. This book helps you to overcome these challenges by cementing a Google Cloud Build foundation. The book starts with an introduction to Google Cloud Build and explains how it brings value via automation. You will then configure the architecture and environment in which builds run while learning how to execute these builds. Next, you will focus on writing and configuring fully featured builds and executing them securely. You will also review Cloud Build's functionality with practical applications and set up a secure delivery pipeline for GKE. Moving ahead, you will learn how to manage safe roll outs of cloud infrastructure with Terraform. Later, you will build a workflow from local source to production in Cloud Run. Finally, you will integrate Cloud Build with external systems while leveraging Cloud Deploy to manage roll outs. By the end of this book, you’ll be able to automate workflows securely by leveraging the principles of Google Cloud Build.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Share Your Thoughts

Part 1: The Fundamentals

Free Chapter

Chapter 1: Introducing Google Cloud Build

Technical requirements

The value of automation

Before there was the cloud

Reducing toil with managed services

Cloud-native automation with Google Cloud Build

Summary

Chapter 2: Configuring Cloud Build Workers

Technical requirements

How worker pools can be configured in Cloud Build

Prerequisites for running builds on worker pools

Using the default pool

Using private pools

Summary

Chapter 3: Getting Started – Which Build Information Is Available to Me?

Technical requirements

How your build resources are accessed

Build submission and status

Using the GCP console

Build operations

Summary

Part 2: Deconstructing a Build

Chapter 4: Build Configuration and Schema

Defining the minimum configuration for build steps

Setting up your environment

Adjusting the default configuration for the build steps

Defining the relationships between individual build steps

Configuring build-wide specifications

Summary

Chapter 5: Triggering Builds

Technical requirements

The anatomy of a trigger

Integrations with source code management platforms

Defining your own triggers

Summary

Chapter 6: Managing Environment Security

Defense in depth

The principle of least privilege

Accessing sensitive data and secrets

Build metadata for container images

Securing the network perimeter

Summary

Part 3: Practical Applications

Chapter 7: Automating Deployment with Terraform and Cloud Build

Treating infrastructure as code

Building a custom builder

Managing the principle of least privilege for builds

Human-in-the-loop with manual approvals

Summary

Chapter 8: Securing Software Delivery to GKE with Cloud Build

Creating your build infrastructure and deployment target

Securing build and deployment infrastructure

Applying POLP to builds

Configuring release management for builds

Enabling verifiable trust in artifacts from builds

Summary

Chapter 9: Automating Serverless with Cloud Build

Understanding Cloud Functions and Cloud Run

Building containers without a build configuration

Automating tasks for Cloud Run and Cloud Functions

Summary

Chapter 10: Running Operations for Cloud Build in Production

Executing in production

Configurations to consider in production

Speeding up your builds

Summary

Part 4: Looking Forward

Chapter 11: Looking Forward in Cloud Build

Implementing continuous delivery with Cloud Deploy

Summary

Index

Why subscribe?

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Reducing toil with managed services

In the previous section, we discussed the efforts involved in maintaining a platform for building applications and services. Many of the activities described in making sure the environment is always up and running could involve some toil. For example, Google’s SRE handbook (https://sre.google/sre-book/eliminating-toil/) goes further into the elements of IT tasks that could be considered toil.

If we are able to avoid toil and know that a provider manages the underlying build infrastructure, we are able to focus on what is more important, the application that helps drive our business. This is one of the goals of managed services, letting the provider handle the underlying details, providing a consistent syntax that becomes the common language between teams, providing compute resources as needed, and not billing when the service is not being utilized.

It is one less component of a build pipeline to consider as the provider is maintaining the underlying infrastructure and they are able to provide the team with scale when needed at any given time. The MSP would be responsible for making sure that there are enough workers in order to execute all the jobs in the build pipeline. However, managed services could also be seen as a form of lock-in to a particular vendor or cloud provider. In most cases, a managed service typically has the best integration to services provided by the offering provider. This is where adding additional capabilities are much more streamlined, but not limited, to the following:

Triggering mechanisms
Secrets management
Securing communication and data transfer between integrated services
Observability

The integrations are there to help save time and, in reference to the original theme of this book, allow an organization to focus on the application at hand. Though important topics are noted in the preceding section, the importance of a managed service to allow flexibility and a way to integrate third-party-specific capabilities is also important when choosing a managed service.

As noted earlier, if an organization chooses to manage their own build solution, they may be responsible for the availability of the platform. In the case of a managed service, the provider is responsible for the availability and may establish an SLA with the customer using its services. The customer would have to make the determination of whether the communicated SLA is acceptable to the business.

Managed services offered by providers reduce the amount of toil to keep the build platform up and running. They allow teams at an organization to focus on critical business functions or revenue-generating activities. In the case of on-premises, not having to wait for hardware procurement or setup allows for maximum business flexibility. The provider would be responsible for making sure the platform is up to date and allowing for fast-paced groups within the organization to experiment with newer capabilities.

Cloud Native Automation with Google Cloud Build

By : Anthony Bushong, Kent Hua

Cloud Native Automation with Google Cloud Build

By: Anthony Bushong, Kent Hua

Overview of this book

Related Content you might be interested in

Current Title:

Cloud Native Automation with Google Cloud Build

Secure Continuous Delivery on Google Cloud

Hands-On Serverless Computing with Google Cloud.

Google Cloud for DevOps Engineers

Reducing toil with managed services