How to Deploy to GCP Cloud Run With Bitbucket Pipelines
Activate a service account with gcloud auth activate-service-account, then gcloud run deploy the image to Cloud Run.
A Cloud Run deploy authenticates with a service account key, then deploys the container image. Store the JSON key as a secured variable, write it to a file, and activate it before deploying.
Steps
- Create a service account with the Cloud Run Admin and Service Account User roles.
- Store its JSON key (base64) as the secured variable
GCP_SA_KEY. - Decode and
gcloud auth activate-service-account. gcloud run deploy <service> --image <image> --region <region>.
Pipeline
bitbucket-pipelines.yml
image: google/cloud-sdk:slim
pipelines:
branches:
main:
- step:
name: Deploy to Cloud Run
deployment: production
script:
- echo "$GCP_SA_KEY" | base64 -d > /tmp/key.json
- gcloud auth activate-service-account --key-file /tmp/key.json
- gcloud config set project "$GCP_PROJECT"
- >
gcloud run deploy web
--image "$IMAGE_REPO:$BITBUCKET_COMMIT"
--region us-central1 --platform managed --quietGotchas
- The image must live in Artifact Registry or GCR that the service account can read.
- Add
--allow-unauthenticatedonly if the service should be public. - Prefer workload identity federation over a long-lived key where supported.
Related guides
How to Deploy to Azure With Bitbucket PipelinesDeploy to an Azure App Service from Bitbucket Pipelines by logging in with a service principal and running az…
How to Build and Push a Docker Image With the docker Service in Bitbucket PipelinesBuild and push a Docker image from Bitbucket Pipelines by enabling the docker service, logging in to the regi…