Cloud Building a Python Poetry-based Cloud Function with Python Private GCP Artifact Repo
Over the past few weeks, Python’s Poetry has developed significantly. Specifically, the library has developed the ability to authenticate to Google Cloud Platform’s (GCP) Artifact Repo through a keyring Python library. This was a very exciting discovery for me, as I utilize the GCP Cloud Build CI/CD services at work and also recently started to utilize Python-developed Poetry dependency/package management library. In this post, I will cover the basics of Poetry and how to set up a Python Poetry-based package to utilize a GCP private Artifact Repo in GCP’s Cloud Build service with building a GCP cloud function version.
What is Poetry?
The Python-based library, Poetry, is great! It helps Python developers easily maintain package upgrades/updates, and helps manage dependencies very easily. Additionally, it helps with package management. In essence, Poetry makes all Python developers’ lives easier! Poetry comes as a CLI application that will manage virtual machines, Python package dependencies, and publishing packages. The CLI is easy to use and one can update non-breaking changes for dependencies easily by typing poetry update. If a developer would like to see all of the outdated packages, they would type poetry show -o.
Poetry utilizes two specific file types primarily: .toml and .lock. The .toml file manages how the .lock file is generated/updated. And the .lock file manages the record-keeping of specific versions installed for a particular package.
Now that you know the basics about poetry, let’s jump into developing a basic CI/CD build on Cloud Build that utilizes Poetry and a GCP private Artifact Repo.
In this article, I will not cover GCP Artifact Repo, so I am assuming that you already have a private repo created in the service.
Let’s start by working on our cloudbuild.yaml file. We will want to basically a Python slim docker image and will install Poetry, and a library for authenticating with default credentials, GCP Keyring. As a side note, we will be utilizing an alpha version of Poetry, 1.2.0a2, since the GCP Keyring integration was recently added. After we install the libraries, we will generate a `requirements.txt` file from the Poetry `.lock` file. See below for an example:
From there, we will simply launch a gCloud functions deploy command and this will deploy our cloud function. See below for an example:
Overall, this is all that’s required to deploy a Cloud Function that utilizes an Artifact Repo private Python package. If you run into authentication issues, verify that your Cloud Build service account has Artifact Repo read access to the corresponding project’s repo in IAM.
I hope this article was helpful, thank you for reading. Happy Coding!
