Deployment Options for Sereact
This directory contains multiple options for deploying the Sereact application:
Terraform Infrastructure (/terraform)
The Terraform configuration automates the provisioning of all required Google Cloud resources:
- Google Cloud Run service
- Google Container Registry (GCR)
- Cloud Firestore
- Cloud Storage buckets
See terraform/README.md for detailed instructions.
Cloud Run Deployment (/cloud-run)
The service.yaml file defines the Cloud Run service configuration which can be deployed using:
gcloud run services replace deployment/cloud-run/service.yaml --region=us-central1
Deployment Script (deploy.sh)
For convenience, a deployment script is provided to handle the entire deployment workflow:
# Provision infrastructure with Terraform
./deployment/deploy.sh --provision
# Build and push Docker image
./deployment/deploy.sh --build
# Deploy to Cloud Run
./deployment/deploy.sh --deploy
# Do everything (provision, build, deploy)
./deployment/deploy.sh --all
CI/CD Pipelines
For CI/CD integration, consider using:
- GitHub Actions: Sample workflow included in terraform/README.md
- Cloud Build: Configure a
cloudbuild.yamlin your repository - Jenkins: Use the
deploy.shscript in your pipeline
Managing Secrets
Sensitive data should be managed using Google Secret Manager:
# Create a secret
gcloud secrets create sereact-api-key-secret --replication-policy="automatic"
gcloud secrets create sereact-vector-db-key --replication-policy="automatic"
# Add a secret version
echo -n "your-api-key-secret" | gcloud secrets versions add sereact-api-key-secret --data-file=-
echo -n "your-vector-db-key" | gcloud secrets versions add sereact-vector-db-key --data-file=-
# Update Cloud Run service to use the secrets
gcloud run services update sereact \
--update-secrets=API_KEY_SECRET=sereact-api-key-secret:latest,VECTOR_DB_API_KEY=sereact-vector-db-key:latest