GCP Setup Commands for Coditect V5
Project ID: serene-voltage-464305-n2
Prerequisites Check​
# Set project
gcloud config set project serene-voltage-464305-n2
# Verify project
gcloud config get-value project
# Check current infrastructure
gcloud container clusters list
gcloud compute addresses list
gcloud secrets list
Expected Existing Infrastructure​
From CLAUDE.md, these should already exist:
- ✅ GKE cluster:
codi-poc-e2-cluster(us-central1-a) - ✅ FoundationDB:
10.128.0.8:4500(3-node StatefulSet) - ✅ Domain/SSL:
coditect.ai(34.8.51.57, Google-managed cert) - ✅ Container Registry:
gcr.io/serene-voltage-464305-n2
New Setup Required for V5 Backend​
1. Enable Required APIs​
gcloud services enable \
run.googleapis.com \
cloudbuild.googleapis.com \
artifactregistry.googleapis.com \
secretmanager.googleapis.com \
vpcaccess.googleapis.com \
compute.googleapis.com
2. Create Artifact Registry (for Docker images)​
# Create repository for backend images
gcloud artifacts repositories create coditect-images \
--repository-format=docker \
--location=us-central1 \
--description="Coditect V5 container images"
# Verify
gcloud artifacts repositories list --location=us-central1
3. Create JWT Secret​
# Generate secure random key
openssl rand -base64 32 > jwt-secret.txt
# Create secret in Secret Manager
gcloud secrets create jwt-secret \
--data-file=jwt-secret.txt \
--replication-policy=automatic
# Verify secret was created
gcloud secrets versions list jwt-secret
# Clean up local file
rm jwt-secret.txt
4. Create VPC Connector (for FoundationDB access)​
# Check existing VPC network
gcloud compute networks list
# Create VPC Access Connector
gcloud compute networks vpc-access connectors create fdb-connector \
--region=us-central1 \
--network=default \
--range=10.8.0.0/28 \
--min-instances=2 \
--max-instances=10
# Verify connector
gcloud compute networks vpc-access connectors describe fdb-connector --region=us-central1
5. Grant Cloud Build Permissions​
# Get Cloud Build service account
PROJECT_ID="serene-voltage-464305-n2"
CLOUD_BUILD_SA="${PROJECT_ID}@cloudbuild.gserviceaccount.com"
# Grant Cloud Run Admin role
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${CLOUD_BUILD_SA} \
--role=roles/run.admin
# Grant Service Account User role
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${CLOUD_BUILD_SA} \
--role=roles/iam.serviceAccountUser
# Grant Secret Manager Accessor role
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${CLOUD_BUILD_SA} \
--role=roles/secretmanager.secretAccessor
# Verify IAM bindings
gcloud projects get-iam-policy ${PROJECT_ID} \
--flatten="bindings[].members" \
--filter="bindings.members:${CLOUD_BUILD_SA}"
6. Get FoundationDB Cluster File​
# Get cluster file from existing FDB pods
kubectl get pods -n default | grep fdb
# Copy cluster file from FDB pod (replace POD_NAME)
kubectl exec -it <FDB_POD_NAME> -- cat /var/dynamic-conf/fdb.cluster > backend/fdb.cluster
# Example if pod name is foundationdb-0:
kubectl exec -it foundationdb-0 -- cat /var/dynamic-conf/fdb.cluster > backend/fdb.cluster
# Verify file
cat backend/fdb.cluster
7. Create Cloud Build Trigger​
# Create trigger for backend changes (manual - easier to manage)
gcloud builds triggers create github \
--name=coditect-v5-backend \
--repo-name=LM-Studio-multiple-llm-IDE \
--repo-owner=coditect-ai \
--branch-pattern=^main$ \
--build-config=backend/cloudbuild.yaml \
--included-files=backend/**
# Verify trigger
gcloud builds triggers list
Manual Build and Deploy​
Build Backend Image Locally​
cd backend
# Build with Cloud Build
gcloud builds submit --config cloudbuild.yaml
# Or build locally with Docker
docker build -t us-central1-docker.pkg.dev/serene-voltage-464305-n2/coditect-images/coditect-v5-api:latest .
# Authenticate Docker
gcloud auth configure-docker us-central1-docker.pkg.dev
# Push image
docker push us-central1-docker.pkg.dev/serene-voltage-464305-n2/coditect-images/coditect-v5-api:latest
Deploy to Cloud Run​
# Get FDB cluster file content (will be passed as env var or mounted)
FDB_CLUSTER=$(cat backend/fdb.cluster)
# Deploy to Cloud Run
gcloud run deploy coditect-v5-api \
--image=us-central1-docker.pkg.dev/serene-voltage-464305-n2/coditect-images/coditect-v5-api:latest \
--region=us-central1 \
--platform=managed \
--allow-unauthenticated \
--port=8080 \
--memory=512Mi \
--cpu=1 \
--min-instances=0 \
--max-instances=10 \
--concurrency=80 \
--timeout=300s \
--set-env-vars=HOST=0.0.0.0,PORT=8080,RUST_LOG=info,FDB_CLUSTER_FILE=/app/fdb.cluster \
--set-secrets=JWT_SECRET=jwt-secret:latest \
--vpc-connector=fdb-connector
# Get service URL
gcloud run services describe coditect-v5-api --region=us-central1 --format='value(status.url)'
Testing the Deployment​
# Get the service URL
SERVICE_URL=$(gcloud run services describe coditect-v5-api --region=us-central1 --format='value(status.url)')
# Test health endpoint
curl $SERVICE_URL/api/v5/health
# Expected response:
# {"success":true,"data":{"status":"healthy","service":"coditect-v5-api"}}
# Test registration
curl -X POST $SERVICE_URL/api/v5/auth/register \
-H "Content-Type: application/json" \
-d '{
"email":"test@example.com",
"password":"password123",
"firstName":"Test",
"lastName":"User"
}'
# Test login
curl -X POST $SERVICE_URL/api/v5/auth/login \
-H "Content-Type: application/json" \
-d '{
"email":"test@example.com",
"password":"password123"
}'
Monitoring and Logs​
# View Cloud Run logs
gcloud run services logs read coditect-v5-api --region=us-central1 --limit=50
# View Cloud Build logs
gcloud builds list --limit=5
# Stream logs in real-time
gcloud run services logs tail coditect-v5-api --region=us-central1
Troubleshooting​
Cloud Build fails​
# Check Cloud Build service account permissions
gcloud projects get-iam-policy serene-voltage-464305-n2 \
--flatten="bindings[].members" \
--filter="bindings.members:serene-voltage-464305-n2@cloudbuild.gserviceaccount.com"
# View specific build logs
gcloud builds log <BUILD_ID>
Cloud Run can't connect to FoundationDB​
# Verify VPC connector
gcloud compute networks vpc-access connectors describe fdb-connector --region=us-central1
# Check FDB is accessible from GKE
kubectl get pods -l app=foundationdb
kubectl exec -it <FDB_POD> -- fdbcli --exec status
# Verify FDB cluster file is correct
cat backend/fdb.cluster
JWT Secret not accessible​
# Verify secret exists
gcloud secrets versions list jwt-secret
# Check Cloud Run service account has access
gcloud secrets get-iam-policy jwt-secret
# Grant access if needed
gcloud secrets add-iam-policy-binding jwt-secret \
--member=serviceAccount:<CLOUD_RUN_SERVICE_ACCOUNT> \
--role=roles/secretmanager.secretAccessor
Cleanup (for testing)​
# Delete Cloud Run service
gcloud run services delete coditect-v5-api --region=us-central1
# Delete VPC connector
gcloud compute networks vpc-access connectors delete fdb-connector --region=us-central1
# Delete Artifact Registry repository
gcloud artifacts repositories delete coditect-images --location=us-central1
# Delete secret
gcloud secrets delete jwt-secret
References​
- Project Infrastructure: See
CLAUDE.mdline 33-38 - V5 Roadmap: See
docs/corrected-execution-order.md - Deployment Guide: See
docs/deployment.md - Backend Integration: See
docs/backend-integration.md