Cloud Native Automation with Google Cloud Build

Book description

Written by two Google Cloud experts, this book will help you to create a concrete foundation of Cloud Build so that you can define workflows and pipelines as builds in Google Cloud Build.

Key Features

  • Learn Cloud Build's API and build configuration/schema
  • Apply scalability and security best practices for using Cloud Build
  • Integrate Cloud Build with external systems critical to workflows

Book Description

When adopting cloud infrastructure, you are often looking to modernize the automation of workflows such as continuous integration and software delivery. Minimizing operational overhead via fully managed solutions such as Cloud Build can be tough. Moreover, learning Cloud Build's API and build schema, scalability, security, and integrating Cloud Build with other external systems can be challenging. This book helps you to overcome these challenges by cementing a Google Cloud Build foundation.

The book starts with an introduction to Google Cloud Build and explains how it brings value via automation. You will then configure the architecture and environment in which builds run while learning how to execute these builds. Next, you will focus on writing and configuring fully featured builds and executing them securely. You will also review Cloud Build's functionality with practical applications and set up a secure delivery pipeline for GKE. Moving ahead, you will learn how to manage safe rollouts of cloud infrastructure with Terraform. Later, you will build a workflow from local source to production in Cloud Run. Finally, you will integrate Cloud Build with external systems while leveraging Cloud Deploy to manage rollouts.

By the end of this book, you'll be able to automate workflows securely by leveraging the principles of Google Cloud Build.

What you will learn

  • Get started with Cloud Build the right way
  • Define new workflows using the Cloud Build schema
  • Implement a secure build and deployment environment for GKE
  • Automate serverless workflows for Cloud Run and Cloud Functions
  • Integrate Cloud Build with source code management and artifact stores
  • Develop a Cloud Build strategy for your organization

Who this book is for

This book is for cloud engineers and DevOps engineers who manage cloud environments and desire to automate workflows in a fully managed, scalable, and secure platform. You are expected to have an understanding of cloud fundamentals, software delivery, and containerization fundamentals to get the most out of this book.

Table of contents

  1. Cloud Native Automation with Google Cloud Build
  2. Contributors
  3. About the authors
  4. About the reviewers
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Download the color images
    6. Conventions used
    7. Get in touch
    8. Share Your Thoughts
  6. Part 1: The Fundamentals
  7. Chapter 1: Introducing Google Cloud Build
    1. Technical requirements
    2. The value of automation
    3. Before there was the cloud
      1. Making sure there are enough resources
      2. Who needs to manage all of this?
    4. Reducing toil with managed services
    5. Cloud-native automation with Google Cloud Build
      1. GCP service integrations
    6. Summary
  8. Chapter 2: Configuring Cloud Build Workers
    1. Technical requirements
    2. How worker pools can be configured in Cloud Build
    3. Prerequisites for running builds on worker pools
    4. Using the default pool
    5. Using private pools
    6. Summary
  9. Chapter 3: Getting Started – Which Build Information Is Available to Me?
    1. Technical requirements
    2. How your build resources are accessed
    3. Build submission and status
    4. Using the GCP console
    5. Build operations
    6. Summary
  10. Part 2: Deconstructing a Build
  11. Chapter 4: Build Configuration and Schema
    1. Defining the minimum configuration for build steps
    2. Setting up your environment
      1. Defining your build step container image
      2. Defining your build step arguments
    3. Adjusting the default configuration for the build steps
    4. Defining the relationships between individual build steps
    5. Configuring build-wide specifications
    6. Summary
  12. Chapter 5: Triggering Builds
    1. Technical requirements
    2. The anatomy of a trigger
    3. Integrations with source code management platforms
    4. Defining your own triggers
      1. Webhook triggers
      2. Manual triggers
    5. Summary
  13. Chapter 6: Managing Environment Security
    1. Defense in depth
    2. The principle of least privilege
    3. Accessing sensitive data and secrets
      1. Secret Manager
      2. Cloud Key Management
    4. Build metadata for container images
      1. Provenance
      2. Attestations
    5. Securing the network perimeter
    6. Summary
  14. Part 3: Practical Applications
  15. Chapter 7: Automating Deployment with Terraform and Cloud Build
    1. Treating infrastructure as code
      1. Simple and straightforward Terraform
      2. The separation of resource creation and the build steps
    2. Building a custom builder
    3. Managing the principle of least privilege for builds
    4. Human-in-the-loop with manual approvals
    5. Summary
  16. Chapter 8: Securing Software Delivery to GKE with Cloud Build
    1. Creating your build infrastructure and deployment target
      1. Enabling foundational Google Cloud services
      2. Setting up the VPC networking for your environment
      3. Setting up your private GKE cluster
    2. Securing build and deployment infrastructure
      1. Creating private pools with security best practices
      2. Securing access to your private GKE control plane
    3. Applying POLP to builds
      1. Creating build-specific IAM service accounts
      2. Custom IAM roles for build service accounts
    4. Configuring release management for builds
      1. Integrating SCM with Cloud Build
      2. Gating builds with manual approvals
      3. Executing builds via build triggers
    5. Enabling verifiable trust in artifacts from builds
      1. Building images with build provenance
      2. Utilizing Binary Authorization for admission control
    6. Summary
  17. Chapter 9: Automating Serverless with Cloud Build
    1. Understanding Cloud Functions and Cloud Run
      1. Cloud Functions
      2. Cloud Run
      3. Cloud Functions 2nd gen
      4. Comparing Cloud Functions and Cloud Run
    2. Building containers without a build configuration
      1. Dockerfile
      2. Language-specific tooling
      3. Buildpacks
    3. Automating tasks for Cloud Run and Cloud Functions
      1. Deploying services and jobs to Cloud Run
      2. Deploying to Cloud Functions
      3. Going from source code directly to containers running in Cloud Run
      4. Progressive rollouts for revisions of a Cloud Run service
      5. Securing production with Binary Authorization
    4. Summary
  18. Chapter 10: Running Operations for Cloud Build in Production
    1. Executing in production
      1. Leveraging Cloud Build services from different projects
      2. Securing build triggers even further
      3. Notifications
      4. Deriving more value from logs
    2. Configurations to consider in production
      1. Making builds more dynamic
      2. Changes in Cloud Build related to secret management
    3. Speeding up your builds
    4. Summary
  19. Part 4: Looking Forward
  20. Chapter 11: Looking Forward in Cloud Build
    1. Implementing continuous delivery with Cloud Deploy
      1. The relationship between Cloud Build and Cloud Deploy
    2. Summary
  21. Index
    1. Why subscribe?
  22. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts

Product information

  • Title: Cloud Native Automation with Google Cloud Build
  • Author(s): Anthony Bushong, Kent Hua
  • Release date: October 2022
  • Publisher(s): Packt Publishing
  • ISBN: 9781801816700