build-gcp-artifact-registry-image.yaml

id: build-gcp-artifact-registry-image
namespace: company.team

tasks:
  - id: fetch_auth_token
    type: io.kestra.plugin.gcp.auth.OauthAccessToken
    projectId: your_gcp_project_id
    serviceAccount: "{{ secret('GCP_CREDS') }}"

  - id: build
    type: io.kestra.plugin.docker.Build
    dockerfile: |
      FROM python:3.10
      RUN pip install --upgrade pip
      RUN pip install --no-cache-dir kestra requests "polars[all]"
    tags:
      - europe-west3-docker.pkg.dev/your_gcp_project_id/kestra/polars:latest
    push: true
    credentials:
      username: oauth2accesstoken
      password: "{{ outputs.fetch_auth_token.accessToken.tokenValue }}"

extend:
  title: Build a Docker image and push it to Google Cloud Artifact Registry
  description: >-
    This flow will build a Docker image and push it to a remote container
    registry.

    1. The `dockerfile` parameter is a multiline string that contains the
    Dockerfile content. However, it can also be a path to a file.

    2. The `tags` parameter is a list of tags of the image to build. Make sure
    to replace the `europe-west3` prefix with your GCP region, and adjust the
    rest of the URL to match your Artifact Registry repository.

    3. The `push` parameter is a boolean that indicates whether to push the
    image to GitHub Container Registry.

    4. Make sure to securely store your GCP credentials as secrets or
    environment variables.

    5. Finally, note how we used the `OauthAccessToken` task to fetch an access
    token for the `docker` command. This is necessary because Docker doesn't
    directly support GCP service accounts.
  tags:
    - Docker
    - GCP
  ee: false
  demo: false
  meta_description: This flow will build a Docker image and push it to a remote
    container registry.