Build and push a Docker image with Cloud Build

Learn how to get started with Cloud Build by building a Docker image and pushing the image to Artifact Registry. Artifact Registry provides a single location for managing private packages and Docker container images.

You will first build the image using a Dockerfile, which is the Docker configuration file, and then build the same image using the Cloud Build configuration file.

To follow step-by-step guidance for this task directly in the Cloud Shell Editor, click Guide me:

Guide me

Before you begin

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.

  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  3. Make sure that billing is enabled for your Google Cloud project.

  4. Enable the Cloud Build, Compute Engine and Artifact Registry APIs.

    Enable the APIs

  5. Install the Google Cloud CLI.

  6. To initialize the gcloud CLI, run the following command: 

    gcloud init

  7. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  8. Make sure that billing is enabled for your Google Cloud project.

  9. Enable the Cloud Build, Compute Engine and Artifact Registry APIs.

    Enable the APIs

  10. Install the Google Cloud CLI.

  11. To initialize the gcloud CLI, run the following command: 

    gcloud init
  12. Make sure the default Compute Engine service account has sufficient permissions.
    1. Add the storage.admin role: 
      gcloud projects add-iam-policy-binding PROJECT_ID \
    --member=serviceAccount:$(gcloud projects describe PROJECT_ID \
    --format="value(projectNumber)")-compute@developer.gserviceaccount.com \
    --role="roles/storage.admin"
    2. Add the artifactregistry.writer role: 
      gcloud projects add-iam-policy-binding PROJECT_ID \
    --member=serviceAccount:$(gcloud projects describe PROJECT_ID \
    --format="value(projectNumber)")-compute@developer.gserviceaccount.com \
    --role="roles/artifactregistry.writer"

      3. If you have trouble adding either of these roles, contact your project administrator.

    3. Add the iam.serviceAccountUser role, which includes the actAspermission to deploy to the runtime: 
      gcloud iam service-accounts add-iam-policy-binding $(gcloud projects describe PROJECT_ID \
    --format="value(projectNumber)")-compute@developer.gserviceaccount.com \
    --member=serviceAccount:$(gcloud projects describe PROJECT_ID \
    --format="value(projectNumber)")-compute@developer.gserviceaccount.com \
    --role="roles/iam.serviceAccountUser" \
    --project=PROJECT_ID

Prepare source files to build

You'll need some sample source code to package into a container image. In this section, you'll create a shell script and a Dockerfile. A Dockerfile is a text document that contains instructions for Docker to build an image.

  1. Open a terminal window.

  2. Create a new directory named quickstart-docker and navigate into it:

    mkdir quickstart-docker
cd quickstart-docker

  3. Create a file named quickstart.sh with the following contents:

    echo "Hello, world! The time is $(date)."

  4. Create a file named Dockerfile with the following contents:

    FROM alpine
COPY quickstart.sh /
CMD ["/quickstart.sh"]

  5. In the terminal window, run the following command to make quickstart.sh executable:

    chmod +x quickstart.sh

Create a Docker repository in Artifact Registry

  1. Create a new Docker repository named quickstart-docker-repo in the location us-west2 with the description "Docker repository":

    gcloud artifacts repositories create quickstart-docker-repo --repository-format=docker \
    --location=us-west2 --description="Docker repository"

  2. Verify that your repository was created:

    gcloud artifacts repositories list

    You will see quickstart-docker-repo in the list of displayed repositories.

Build an image using Dockerfile

Cloud Build allows you to build a Docker image using a Dockerfile. You don't require a separate Cloud Build config file.

To build using a Dockerfile:

  1. Get your Google Cloud project ID by running the following command:

    gcloud config get-value project

  2. Run the following command from the directory containing quickstart.sh and Dockerfile:

    gcloud builds submit --region=us-west2 --tag us-west2-docker.pkg.dev/PROJECT_ID/quickstart-docker-repo/quickstart-image:tag1

After the build is complete, you will see an output similar to the following:

DONE
------------------------------------------------------------------------------------------------------------------------------------
ID                                    CREATE_TIME                DURATION  SOURCE   IMAGES     STATUS
545cb89c-f7a4-4652-8f63-579ac974be2e  2020-11-05T18:16:04+00:00  16S       gs://gcb-docs-project_cloudbuild/source/1604600163.528729-b70741b0f2d0449d8635aa22893258fe.tgz  us-west2-docker.pkg.dev/gcb-docs-project/quickstart-docker-repo/quickstart-image:tag1  SUCCESS

You've just built a Docker image named quickstart-image using a Dockerfile and pushed the image to Artifact Registry.

Build an image using a build config file

In this section you will use a Cloud Build config file to build the same Docker image as above. The build config file instructs Cloud Build to perform tasks based on your specifications.

  1. In the same directory that contains quickstart.sh and the Dockerfile, create a file named cloudbuild.yaml with the following contents. This file is your build config file. At build time, Cloud Build automatically replaces $PROJECT_ID with your project ID.

    steps:
- name: 'gcr.io/cloud-builders/docker'
  script: |
    docker build -t us-west2-docker.pkg.dev/$PROJECT_ID/quickstart-docker-repo/quickstart-image:tag1 .
  automapSubstitutions: true
images:
- 'us-west2-docker.pkg.dev/$PROJECT_ID/quickstart-docker-repo/quickstart-image:tag1'

  2. Start the build by running the following command:

    gcloud builds submit --region=us-west2 --config cloudbuild.yaml

When the build is complete, you will see an output similar to the following:

DONE
------------------------------------------------------------------------------------------------------------------------------------
ID                                    CREATE_TIME                DURATION  SOURCE          IMAGES          STATUS
046ddd31-3670-4771-9336-8919e7098b11  2020-11-05T18:24:02+00:00  15S       gs://gcb-docs-project_cloudbuild/source/1604600641.576884-8153be22c94d438aa86c78abf11403eb.tgz  us-west2-docker.pkg.dev/gcb-docs-project/quickstart-docker-repo/quickstart-image:tag1  SUCCESS

You've just built quickstart-image using the build config file and pushed the image to Artifact Registry.

View build details

  1. Open the Cloud Build page in the Google Cloud console.

    Open the Cloud Build page

  2. If necessary, select your project and click Open.

    You will see the Build history page:

    Screenshot of the build history page

  3. If necessary, select us-west2in the Region drop-down menu to view builds in that region.

    There will be two builds listed, one for each of the builds you executed in this quickstart.

  4. Click one of the builds.

    You will see the Build details page.

  5. To view the artifacts of your build, under Build Summary, click Build Artifacts.

    You will see an output similar to the following:

    Screenshot of build artifacts

    You can download your build log and view your image details in Artifact Registry from this page.

Clean up

To avoid incurring charges to your Google Cloud account for the resources used on this page, follow these steps.

  1. Open the Artifact Registry page in the Google Cloud console.

    Open the Artifact Registry page

  2. Select your project and click Open.

  3. Select quickstart-docker-repo.

  4. Click Delete.

You have now deleted the repository that you created as part of this quickstart.

What's next