Build and push a Docker image with Cloud Build
Learn how to get started with Cloud Build by building a Docker image and pushing the image to Artifact Registry. Artifact Registry provides a single location for managing private packages and Docker container images.
You will first build the image using a Dockerfile, which is the Docker
configuration file, and then build the same image using the
Cloud Build configuration file.
To follow step-by-step guidance for this task directly in the Cloud Shell Editor, click Guide me:
Before you begin
- Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
- 
    
    
      
        In the Google Cloud console, on the project selector page, select or create a Google Cloud project. Roles required to select or create a project - Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
- 
      Create a project: To create a project, you need the Project Creator
      (roles/resourcemanager.projectCreator), which contains theresourcemanager.projects.createpermission. Learn how to grant roles.
 
- 
  
    Verify that billing is enabled for your Google Cloud project. 
- 
  
  
    
      Enable the Cloud Build, Compute Engine and Artifact Registry APIs. Roles required to enable APIs To enable APIs, you need the Service Usage Admin IAM role ( roles/serviceusage.serviceUsageAdmin), which contains theserviceusage.services.enablepermission. Learn how to grant roles.
- 
      Install the Google Cloud CLI. 
- 
          If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity. 
- 
        To initialize the gcloud CLI, run the following command: gcloud init
- 
    
    
      
        In the Google Cloud console, on the project selector page, select or create a Google Cloud project. Roles required to select or create a project - Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
- 
      Create a project: To create a project, you need the Project Creator
      (roles/resourcemanager.projectCreator), which contains theresourcemanager.projects.createpermission. Learn how to grant roles.
 
- 
  
    Verify that billing is enabled for your Google Cloud project. 
- 
  
  
    
      Enable the Cloud Build, Compute Engine and Artifact Registry APIs. Roles required to enable APIs To enable APIs, you need the Service Usage Admin IAM role ( roles/serviceusage.serviceUsageAdmin), which contains theserviceusage.services.enablepermission. Learn how to grant roles.
- 
      Install the Google Cloud CLI. 
- 
          If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity. 
- 
        To initialize the gcloud CLI, run the following command: gcloud init
- 
    
        Make sure that you have the following role or roles on the project: Artifact Registry Administrator, Cloud Build Editor, Logs Viewer, Service Account User, Service Usage Admin, Storage Bucket Viewer, Storage Object Creator Check for the roles- 
              In the Google Cloud console, go to the IAM page. Go to IAM
- Select the project.
- 
              In the Principal column, find all rows that identify you or a group that you're included in. To learn which groups you're included in, contact your administrator. 
- For all rows that specify or include you, check the Role column to see whether the list of roles includes the required roles.
 Grant the roles- 
              In the Google Cloud console, go to the IAM page. Go to IAM
- Select the project.
- Click Grant access.
- 
              In the New principals field, enter your user identifier. This is typically the email address for a Google Account. 
- In the Select a role list, select a role.
- To grant additional roles, click Add another role and add each additional role.
- Click Save.
 
- 
              
Prepare source files to build
You'll need some sample source code to package into a container image. In this section,
you'll create a shell script and a Dockerfile. A Dockerfile is a text
document that contains instructions for Docker to build an image.
- Open a terminal window. 
- Create a new directory named - quickstart-dockerand navigate into it:- mkdir quickstart-docker cd quickstart-docker
- Create a file named - quickstart.shwith the following contents:
- Create a file named - Dockerfilewith the following contents:
- In the terminal window, run the following command to make - quickstart.shexecutable:- chmod +x quickstart.sh
Create a Docker repository in Artifact Registry
- Create a new Docker repository named - quickstart-docker-repoin the location- us-west2with the description "Docker repository":- gcloud artifacts repositories create quickstart-docker-repo --repository-format=docker \ --location=us-west2 --description="Docker repository"
- Verify that your repository was created: - gcloud artifacts repositories list- You will see - quickstart-docker-repoin the list of displayed repositories.
Build an image using Dockerfile
Cloud Build allows you to build a Docker image using a
Dockerfile. You don't require a separate Cloud Build config file.
To build using a Dockerfile:
- Get your Google Cloud project ID by running the following command: - gcloud config get-value project
- Run the following command from the directory containing - quickstart.shand- Dockerfile:- gcloud builds submit --region=us-west2 --tag us-west2-docker.pkg.dev/PROJECT_ID/quickstart-docker-repo/quickstart-image:tag1
After the build is complete, you will see an output similar to the following:
DONE
------------------------------------------------------------------------------------------------------------------------------------
ID                                    CREATE_TIME                DURATION  SOURCE   IMAGES     STATUS
545cb89c-f7a4-4652-8f63-579ac974be2e  2020-11-05T18:16:04+00:00  16S       gs://gcb-docs-project_cloudbuild/source/1604600163.528729-b70741b0f2d0449d8635aa22893258fe.tgz  us-west2-docker.pkg.dev/gcb-docs-project/quickstart-docker-repo/quickstart-image:tag1  SUCCESS
You've just built a Docker image named quickstart-image using a Dockerfile
and pushed the image to Artifact Registry.
Build an image using a build config file
In this section you will use a Cloud Build config file to build the same Docker image as above. The build config file instructs Cloud Build to perform tasks based on your specifications.
- In the same directory that contains - quickstart.shand the- Dockerfile, create a file named- cloudbuild.yamlwith the following contents. This file is your build config file. At build time, Cloud Build automatically replaces- $PROJECT_IDwith your project ID.
- Start the build by running the following command: - gcloud builds submit --region=us-west2 --config cloudbuild.yaml
When the build is complete, you will see an output similar to the following:
DONE
------------------------------------------------------------------------------------------------------------------------------------
ID                                    CREATE_TIME                DURATION  SOURCE          IMAGES          STATUS
046ddd31-3670-4771-9336-8919e7098b11  2020-11-05T18:24:02+00:00  15S       gs://gcb-docs-project_cloudbuild/source/1604600641.576884-8153be22c94d438aa86c78abf11403eb.tgz  us-west2-docker.pkg.dev/gcb-docs-project/quickstart-docker-repo/quickstart-image:tag1  SUCCESS
You've just built quickstart-image using the build config file and pushed the
image to Artifact Registry.
View build details
- Open the Cloud Build page in the Google Cloud console. 
- If necessary, select your project and click Open. - You will see the Build history page:   
- If necessary, select - us-west2in the Region drop-down menu to view builds in that region.- There will be two builds listed, one for each of the builds you executed in this quickstart. 
- Click one of the builds. - You will see the Build details page. 
- To view the artifacts of your build, under Build Summary, click Build Artifacts. - You will see an output similar to the following:   - You can download your build log and view your image details in Artifact Registry from this page. 
Clean up
To avoid incurring charges to your Google Cloud account for the resources used on this page, follow these steps.
- Open the Artifact Registry page in the Google Cloud console. 
- Select your project and click Open. 
- Select quickstart-docker-repo. 
- Click Delete. 
You have now deleted the repository that you created as part of this quickstart.
What's next
- Learn how to run a Docker image.
- Learn how to create a basic build config file.
- Learn how to deploy using Cloud Build.
- Learn how to build Node.js applications.
- Learn how to build Java applications.
- Learn how to build Go applications.