Use when deploying applications to Google Cloud Run, configuring Cloud Run services, managing revisions, setting up environment variables, or troubleshooting Cloud Run deployments - focuses on containerized serverless deployments on GCP
☐ Ensure Dockerfile exists and builds successfully
☐ Test container locally with docker run
☐ Verify application listens on PORT environment variable
☐ Check application responds to health checks
Example: Dockerfile for Cloud Run
FROM node:20-slim
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
EXPOSE 8080
CMD ["node", "server.js"]
Application must listen on PORT:
const PORT = process.env.PORT || 8080;
app.listen(PORT, () => {
console.log(`Server listening on port ${PORT}`);
});
☐ Authenticate with Google Cloud: gcloud auth login
☐ Set project: gcloud config set project PROJECT_ID
☐ Build image: gcloud builds submit --tag gcr.io/PROJECT_ID/APP_NAME
☐ Verify image pushed to Container Registry
Using Artifact Registry (recommended):
gcloud builds submit --tag us-docker.pkg.dev/PROJECT_ID/REPO_NAME/APP_NAME:latest
☐ Deploy service with gcloud command ☐ Specify region (e.g., us-central1) ☐ Configure CPU and memory allocation ☐ Set environment variables ☐ Allow unauthenticated access (if public) or configure IAM
Basic deployment:
gcloud run deploy SERVICE_NAME \
--image gcr.io/PROJECT_ID/APP_NAME \
--platform managed \
--region us-central1 \
--allow-unauthenticated
With environment variables:
gcloud run deploy SERVICE_NAME \
--image gcr.io/PROJECT_ID/APP_NAME \
--region us-central1 \
--set-env-vars "DATABASE_URL=postgresql://...,NODE_ENV=production" \
--memory 512Mi \
--cpu 1 \
--max-instances 10
☐ Set minimum instances (0 for cost, 1+ for low latency) ☐ Set maximum instances (limit scaling) ☐ Configure memory (128Mi to 32Gi) ☐ Configure CPU allocation (always vs. during request) ☐ Set timeout (max 3600s)
Scaling configuration:
gcloud run services update SERVICE_NAME \
--min-instances 1 \
--max-instances 100 \
--cpu 2 \
--memory 1Gi \
--timeout 300
☐ Create secrets in Secret Manager ☐ Grant Cloud Run service account access ☐ Mount secrets as environment variables or files
Using Secret Manager:
# Create secret
echo -n "my-secret-value" | gcloud secrets create SECRET_NAME --data-file=-
# Deploy with secret
gcloud run deploy SERVICE_NAME \
--image gcr.io/PROJECT_ID/APP_NAME \
--set-secrets "API_KEY=SECRET_NAME:latest"
☐ Verify domain ownership in GCP ☐ Map domain to Cloud Run service ☐ Update DNS records (A and AAAA records) ☐ Wait for SSL certificate provisioning
Domain mapping:
gcloud run domain-mappings create --service SERVICE_NAME --domain example.com
☐ Check deployment status: gcloud run services describe SERVICE_NAME
☐ Test service URL in browser or with curl
☐ Check logs: gcloud run logs read --service SERVICE_NAME
☐ Monitor metrics in Cloud Console
☐ Verify environment variables loaded correctly
Cloud Run automatically handles this with traffic migration between revisions.
# List revisions
gcloud run revisions list --service SERVICE_NAME
# Route traffic to previous revision
gcloud run services update-traffic SERVICE_NAME --to-revisions REVISION_NAME=100