I want to use Cloud Build to execute a script to deploy a NodeJS project on my private VM.
Here is what i have done in my cloudbuild.yaml
steps: # copy configuration bucket from GCS to cloudbuild - name: gcr.io/cloud-builders/gsutil args: ['cp', '-r', 'gs://${_GCS_CONFIGRATION_BUCKET}', '.'] # Set 400 to private key. - name: 'kroniak/ssh-client' args: ['chmod', '400', '${_GCS_CONFIGRATION_BUCKET}/ssh/cloudbuild_id_rsa'] # ssh into remote instance and run a script. - name: 'kroniak/ssh-client' args: ['ssh', '-i', '${_GCS_CONFIGRATION_BUCKET}/ssh/cloudbuild_id_rsa', '-o', 'UserKnownHostsFile=/dev/null', '-o', 'StrictHostKeyChecking=no', '-p', '${_SSH_REMOTE_PORT}', '${_SSH_REMOTE_USER_HOST}', '${_SSH_REMOTE_COMMAND}']Because CloudBuild is stateless, you need to create your RSA keypairs and store the keys on a private GCS.
You need to add your RSA public key into ~/.ssh/authorized_keys on your server, tutorial here
And the script to pulling code and restart server.
#!/bin/sh # It is good practice to print the required versions on server. # cause the code will execute in SSH non interactively mode. # https://stackoverflow.com/questions/17089808/how-to-do-remote-ssh-non-interactively echo "NodeJS: "$(node -v) echo "NPM: "$(npm -v) WORKSPACE=/working_directory/public_html echo "Working directory: " $WORKSPACE cd $WORKSPACE git checkout develop git pull -Xtheirs echo "===================Install dependencies ===========" npm install echo "===================Finished install dependencies ========" echo "RELOAD ENV" pm2 reload $WORKSPACE/ecosystem.config.js production --update-env
Here are example values of the variable.
_GCS_CONFIGRATION_BUCKET : my-private-bucket-configuration _SSH_REMOTE_PORT : 2202 // hacker will sad. _SSH_REMOTE_USER_HOST : aduckdev@8.8.8.8 _SSH_REMOTE_COMMAND : /home/aduckdev/deployment_script.sh
