Last active
March 8, 2021 12:54
-
-
Save kibablu/6481d8cb150ab58ff9454661c2127cba to your computer and use it in GitHub Desktop.
You must complete a series of tasks within the allocated time period. Instead of following step-by-step instructions, you'll be given a scenario and a set of tasks - you figure out how to complete it on your own! An automated scoring system (shown on this page) will provide feedback on whether you have completed your tasks correctly. To score 10…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| gcloud config set project \ | |
| $(gcloud projects list --format='value(PROJECT_ID)' \ | |
| --filter='qwiklabs-gcp') | |
| gcloud config set run/region us-central1 | |
| gcloud config set run/platform managed | |
| git clone https://github.com/rosera/pet-theory.git && cd pet-theory/lab07 | |
| #Task 1: Enable a Public Service | |
| # change directory to api-billing | |
| cd unit-api-billing | |
| # building an image then stores it in container registry | |
| gcloud builds submit \ | |
| --tag gcr.io/$GOOGLE_CLOUD_PROJECT/billing-staging-api:0.1 | |
| # building cloud run and specify our image in container registry | |
| gcloud beta run deploy public-billing-service \ | |
| --image gcr.io/$GOOGLE_CLOUD_PROJECT/billing-staging-api:0.1 \ | |
| --platform managed \ | |
| --region us-central1 \ | |
| --allow-unauthenticated | |
| #Task 2: Deploy a Frontend Service | |
| # change directory to staging-frontend-billing | |
| cd .. && cd staging-frontend-billing | |
| # building an image then stores it in container registry | |
| gcloud builds submit \ | |
| --tag gcr.io/$GOOGLE_CLOUD_PROJECT/frontend-staging:0.1 | |
| # building cloud run and specify our image in container registry | |
| gcloud beta run deploy frontend-staging-service \ | |
| --image gcr.io/$GOOGLE_CLOUD_PROJECT/frontend-staging:0.1 \ | |
| --platform managed \ | |
| --region us-central1 \ | |
| --allow-unauthenticated | |
| # Delete the existing Billing Service on Cloud Run | |
| gcloud beta run services delete public-billing-service | |
| #Task 3: Deploy a Private Service | |
| # change directory to staging-frontend-billing | |
| cd .. && cd staging-api-billing | |
| # building an image then stores it in container registry | |
| gcloud builds submit \ | |
| --tag gcr.io/$GOOGLE_CLOUD_PROJECT/billing-staging-api:0.2 | |
| # building cloud run and specify our image in container registry with authenticated endpoint | |
| gcloud beta run deploy private-billing-service \ | |
| --image gcr.io/$GOOGLE_CLOUD_PROJECT/billing-staging-api:0.2 \ | |
| --platform managed \ | |
| --region us-central1 \ | |
| --no-allow-unauthenticated | |
| # Assign the SERVICE_URL to a environment variable | |
| BILLING_URL=$(gcloud run services describe private-billing-service \ | |
| --platform managed \ | |
| --region us-central1 \ | |
| --format "value(status.url)") | |
| # Service should respond when the endpoint is accessed | |
| curl -X get -H "Authorization: Bearer $(gcloud auth print-identity-token)" $BILLING_URL | |
| #Task 4: Create a Billing Service Account | |
| # create a Service Account for the Billing Service | |
| gcloud iam service-accounts create billing-service-sa --display-name "Billing Service Cloud Run" | |
| # Task 5: Deploy the Billing Service | |
| # change directory to staging-frontend-billing | |
| cd .. && cd prod-api-billing | |
| # building an image then stores it in container registry | |
| gcloud builds submit \ | |
| --tag gcr.io/$GOOGLE_CLOUD_PROJECT/billing-prod-api:0.1 | |
| # building cloud run and specify our image in container registry with authenticated endpoint | |
| gcloud beta run deploy billing-prod-service \ | |
| --image gcr.io/$GOOGLE_CLOUD_PROJECT/billing-prod-api:0.1 \ | |
| --platform managed \ | |
| --region us-central1 \ | |
| --no-allow-unauthenticated | |
| # add-iam-policy-binding - add IAM policy binding to a Cloud Run service | |
| gcloud run services add-iam-policy-binding billing-prod-service \ | |
| --member=serviceAccount:billing-service-sa@$GOOGLE_CLOUD_PROJECT.iam.gserviceaccount.com \ | |
| --role=roles/run.invoker | |
| # Add an environment variable | |
| PROD_BILLING_SERVICE=private-billing-service | |
| # Get the URL of the Billing Service | |
| PROD_BILLING_URL=$(gcloud run services describe $PROD_BILLING_SERVICE \ | |
| --platform managed \ | |
| --region us-central1 \ | |
| --format "value(status.url)") | |
| # Access the deployed endpoint | |
| curl -X get -H "Authorization: Bearer \ | |
| $(gcloud auth print-identity-token)" \ | |
| $PROD_BILLING_URL | |
| # Task 6: Frontend Service Account | |
| # create a Service Account for the Billing Service | |
| gcloud iam service-accounts create frontend-service-sa --display-name "Billing Service Cloud Run Invoker" | |
| # Task 7: Redeploy the Frontend Service | |
| # change directory to staging-frontend-billing | |
| cd .. && cd prod-frontend-billing | |
| # building an image then stores it in container registry | |
| gcloud builds submit \ | |
| --tag gcr.io/$GOOGLE_CLOUD_PROJECT/frontend-prod:0.1 | |
| # building cloud run and specify our image in container registry with authenticated endpoint | |
| gcloud beta run deploy frontend-prod-service \ | |
| --image gcr.io/$GOOGLE_CLOUD_PROJECT/frontend-prod:0.1 \ | |
| --platform managed \ | |
| --region us-central1 \ | |
| --allow-unauthenticated | |
| # add-iam-policy-binding - add IAM policy binding to a Cloud Run service | |
| gcloud run services add-iam-policy-binding frontend-prod-service \ | |
| --member=serviceAccount:frontend-service-sa@$GOOGLE_CLOUD_PROJECT.iam.gserviceaccount.com \ | |
| --role=roles/run.invoker |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment