Implementation:Mage ai Mage ai GitHub Actions GCP Cloud Run Deploy
| Knowledge Sources | |
|---|---|
| Domains | Deployment, CI_CD, GCP |
| Last Updated | 2026-02-09 00:00 GMT |
Overview
GitHub Actions workflow template for building a Docker image and deploying Mage to Google Cloud Run via Google Artifact Registry.
Description
This GitHub Actions workflow template named "Deploy to GCP Cloud Run" triggers on pushes to the master branch and automates the full build-and-deploy pipeline to Google Cloud Run. The workflow runs a single build-and-deploy job on ubuntu-latest with five steps (plus an optional sixth for DBT docs). It first checks out the repository using actions/checkout@master, then authenticates to Google Cloud using google-github-actions/auth@v0.6.0 with a service account credentials JSON stored in the GCP_CREDENTIALS GitHub secret, requesting an access_token format for Docker authentication. It logs in to the Google Artifact Registry (GAR) Docker registry at ${GAR_LOCATION}-docker.pkg.dev using docker/login-action@v1 with OAuth2 access token authentication. It then builds the Docker image and tags it with the full GAR path including project ID, repository, image name, and the git commit SHA. After pushing the image, it deploys to Cloud Run using google-github-actions/deploy-cloudrun@v0, targeting the specified service name and region. An optional commented-out step is included for deploying a separate DBT docs service using the same image with a -docs suffix appended to the service name. Five environment variables must be configured: GAR_LOCATION, GOOGLE_CLOUD_RUN_SERVICE_NAME, IMAGE, PROJECT_ID, and REPOSITORY.
Usage
Copy this template into your repository's .github/workflows/ directory. Replace the placeholder environment variable values with your actual GCP resource identifiers. Add your GCP service account credentials JSON as a GitHub repository secret named GCP_CREDENTIALS. Optionally uncomment the DBT docs deployment step if you use a separate Cloud Run service for DBT documentation.
Code Reference
Source Location
- Repository: mage-ai
- File: templates/github_actions/build_and_deploy_to_gcp_cloud_run.yml
- Lines: 1-60
Signature
name: Deploy to GCP Cloud Run
on:
push:
branches:
- master
env:
GAR_LOCATION: GAR_LOCATION
GOOGLE_CLOUD_RUN_SERVICE_NAME: GOOGLE_CLOUD_RUN_SERVICE_NAME
IMAGE: IMAGE
PROJECT_ID: PROJECT_ID
REPOSITORY: REPOSITORY
jobs:
build-and-deploy:
name: Build, Publish, and Deploy
runs-on: ubuntu-latest
steps:
- name: Checkout
- name: Authenticate to Google Cloud
- name: Docker login
- name: Docker build
- name: Docker push
- name: Deploy to Cloud Run
# Optional: Deploy DBT docs service
Import
# Template file - copy to your project's GitHub Actions workflow directory
# cp templates/github_actions/build_and_deploy_to_gcp_cloud_run.yml \
# .github/workflows/deploy_to_cloud_run.yml
I/O Contract
Inputs
| Name | Type | Required | Description |
|---|---|---|---|
| GAR_LOCATION | workflow env var | Yes | Google Artifact Registry region (e.g., us-central1); also used as the Cloud Run deployment region
|
| GOOGLE_CLOUD_RUN_SERVICE_NAME | workflow env var | Yes | Name of the Cloud Run service to deploy to |
| IMAGE | workflow env var | Yes | Docker image name within the GAR repository |
| PROJECT_ID | workflow env var | Yes | Google Cloud project ID |
| REPOSITORY | workflow env var | Yes | Google Artifact Registry repository name |
| GCP_CREDENTIALS | GitHub secret | Yes | GCP service account credentials JSON for authentication and deployment |
Outputs
| Name | Type | Description |
|---|---|---|
| Docker image | GAR image | Docker image tagged with the git commit SHA pushed to Google Artifact Registry at ${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}
|
| Cloud Run deployment | GCP Cloud Run service | Cloud Run service updated with the new container image revision |
| DBT docs service (optional) | GCP Cloud Run service | Optional separate Cloud Run service for DBT documentation (commented out by default) |
Workflow Steps
- Checkout -- Clones the repository using
actions/checkout@master - Authenticate to Google Cloud -- Authenticates using
google-github-actions/auth@v0.6.0with theGCP_CREDENTIALSsecret inaccess_tokenformat - Docker login -- Logs in to the GAR Docker registry at
${GAR_LOCATION}-docker.pkg.devusing the OAuth2 access token from the auth step - Docker build -- Builds the Docker image and tags it as
${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA} - Docker push -- Pushes the tagged image to Google Artifact Registry
- Deploy to Cloud Run -- Deploys the image to the specified Cloud Run service in the
${GAR_LOCATION}region usinggoogle-github-actions/deploy-cloudrun@v0 - (Optional) Deploy DBT docs -- Commented-out step to deploy the same image to a separate Cloud Run service named
${GOOGLE_CLOUD_RUN_SERVICE_NAME}-docs
Docker Image Path
The full Docker image path follows the Google Artifact Registry convention:
${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}
For example: us-central1-docker.pkg.dev/my-project/mage-repo/mage-ai:abc123def456
Usage Examples
# .github/workflows/deploy_to_cloud_run.yml
name: Deploy to GCP Cloud Run
on:
push:
branches:
- master
env:
GAR_LOCATION: us-central1
GOOGLE_CLOUD_RUN_SERVICE_NAME: mage-ai-service
IMAGE: mage-ai
PROJECT_ID: my-gcp-project-id
REPOSITORY: mage-ai-repo
jobs:
build-and-deploy:
name: Build, Publish, and Deploy
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@master
# ... remaining steps as in template
# To enable DBT docs deployment, uncomment the optional step:
- id: deploy-docs
uses: google-github-actions/deploy-cloudrun@v0
with:
service: ${{ env.GOOGLE_CLOUD_RUN_SERVICE_NAME }}-docs
image: ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.REPOSITORY }}/${{ env.IMAGE }}:${{ github.sha }}
region: ${{ env.GAR_LOCATION }}