DEV Community

Jonathan Huang
Jonathan Huang

Posted on

Google Agent Development Kit (ADK) Introduction (6): Deploy to Google Cloud

#googlecloud #programming #adk

Learning Objectives

  • Master container deployment and autoscaling on Google Cloud Run, including secure key management.
  • Implement performance monitoring and cost control using Cloud Monitoring and Grafana.

Task Overview

  1. Application Containerization: Package the Streamlit Agent as a Docker image, manage credentials.json/token.json securely with Secret Manager, and deploy to Cloud Run.
  2. Performance Monitoring: Set up Cloud Monitoring and Grafana.
  3. Environment Setup: Install Google Cloud SDK and handle Docker image authentication.

Prerequisites: Install and Configure Google Cloud SDK

  • Install following the official documentation.
  • macOS (Homebrew): brew install --cask google-cloud-sdk
  • Initialize: gcloud init (sign in, set or create a project, e.g. adk-learning-journey)
  • Set project: gcloud config set project adk-learning-journey
  • Docker auth: gcloud auth configure-docker
  • Enable required APIs: 
  gcloud services enable secretmanager.googleapis.com \
      artifactregistry.googleapis.com \
      run.googleapis.com \
      iam.googleapis.com \
      cloudbuild.googleapis.com \
      logging.googleapis.com \
      monitoring.googleapis.com
  # If additional APIs are needed (e.g. Calendar, Gemini), enable them as well
  # gcloud services enable calendar-json.googleapis.com
  # gcloud services enable generativelanguage.googleapis.com
Enter fullscreen mode Exit fullscreen mode

Deployment Steps (Detailed)

1. Prepare Application and Security Config

  • requirements.txt: Make sure all required packages are included (such as google-cloud-secret-manager, etc).
  • Sensitive Files: Never include credentials.json or token.json in your Git repo or Docker image. Add them to .gitignore.

Using Secret Manager

A. Upload credentials.json

gcloud secrets create calendar-credentials \
    --project="adk-learning-journey" \
    --replication-policy="automatic" \
    --description="OAuth client credentials for Google Calendar API"
gcloud secrets versions add calendar-credentials \
    --project="adk-learning-journey" \
    --data-file="path/to/credentials.json"
Enter fullscreen mode Exit fullscreen mode

B. Upload token.json

gcloud secrets create calendar-token \
    --project="adk-learning-journey" \
    --replication-policy="automatic" \
    --description="User OAuth token for Google Calendar API"
gcloud secrets versions add calendar-token \
    --project="adk-learning-journey" \
    --data-file="path/to/token.json"
Enter fullscreen mode Exit fullscreen mode

C. Modify your application to read from Secret Manager
Your code should load credentials.json and token.json from Secret Manager (see example).

2. Docker Packaging

Sample Dockerfile (key points):

FROM python:3.12-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
EXPOSE 8080
ENV PYTHONUNBUFFERED 1
ENV GOOGLE_CLOUD_PROJECT "adk-learning-journey"
ENV PORT 8080
CMD streamlit run streamlit_app.py --server.port $PORT --server.address 0.0.0.0
Enter fullscreen mode Exit fullscreen mode

Tip: Use --set-env-vars during Cloud Run deployment to override the project ID for portability.

3. Build & Test Docker Image 

docker build -t $IMAGE_URI .
docker run -p 8080:8080 \
  -e GOOGLE_CLOUD_PROJECT="adk-learning-journey" \
  -e PORT="8080" \
  $IMAGE_URI
# Verify local access via http://localhost:8080
Enter fullscreen mode Exit fullscreen mode

4. Push Image to Artifact Registry (or GCR)

  • Create repository (if not already created): 
  gcloud artifacts repositories create $REPO \
    --project="adk-learning-journey" \
    --repository-format=docker \
    --location=$REGION
Enter fullscreen mode Exit fullscreen mode
  • Push: 
  docker push $IMAGE_URI
Enter fullscreen mode Exit fullscreen mode

5. Deploy to Cloud Run

A. Create Service Account (SA):

gcloud iam service-accounts create meeting-workflow \
  --project="adk-learning-journey" \
  --description="Service account for Meeting Workflow Streamlit Agent" \
  --display-name="Meeting Workflow"
Enter fullscreen mode Exit fullscreen mode

B. Grant Secret Manager access to SA:

gcloud projects add-iam-policy-binding adk-learning-journey \
  --member="serviceAccount:meeting-workflow@adk-learning-journey.iam.gserviceaccount.com" \
  --role="roles/secretmanager.secretAccessor"
Enter fullscreen mode Exit fullscreen mode

C. Deploy to Cloud Run:

gcloud run deploy meeting-scheduler \
  --image gcr.io/adk-learning-journey/meeting-workflow \
  --platform managed \
  --service-account meeting-workflow@adk-learning-journey.iam.gserviceaccount.com \
  --set-env-vars="GOOGLE_CLOUD_PROJECT=adk-learning-journey"
Enter fullscreen mode Exit fullscreen mode

6. Validate Deployment

  • After deployment, open the Cloud Run URL provided by gcloud in your browser to test your service.
  • In Google Cloud Console > Cloud Run > select your service > Logs, check for errors (env vars, secret access, app startup, etc).
profile
Warp
 Promoted

Warp.dev image

The best coding agent. Backed by benchmarks.

Warp outperforms every other coding agent on the market, and gives you full control over which model you use. Get started now for free, or upgrade and unlock 2.5x AI credits on Warp's paid plans.

Download Warp

Top comments (0)