This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Restrict cloud run job to edit container command and container argument

Posted on 12-18-2023 11:02 PM
FalconSid
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hello All,

I am looking for solution where I am. Running my python code container inside cloud run job and I have given the container command and argument as below

container command - python 

container argument - main.py

While creating docker image I also restricted entrypoint script to run only this command and it is tested using docker run command and working 

but when I change the container argument in cloud run job its override is there anyway to restrict container argument not editable or not override with any different argument other tha. Main.py 

Thanks in advance 

0 2 845
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
christianpaula
Staff
Reply posted on --/--/---- --:-- AM

Hi @FalconSid,

Welcome to Google Cloud Community!

Cloud Run doesn't directly offer a way to prevent container command and argument edits, here are strategies to effectively achieve this goal:

  1. Dockerfile Entrypoint:

    • Set ENTRYPOINT to explicitly run python main.py.
      Exclude CMD to avoid overrides.

  2. Cloud Run Job Configuration:

    • Omit the args field when creating/updating jobs.

  3. Security Measures:

    • Enforce IAM permissions for job configuration modifications.
    • Use Cloud Build triggers for automated deployments.

  4. Alternative Solutions:

    • Explore Cloud Run services for greater control.
    • Enforce image immutability in Container Registry.

Remember:

  • Test configurations thoroughly.
  • Monitor jobs for unexpected changes.
  • Document deployment processes and standards.

By implementing these approaches, you can effectively restrict edits and ensure consistent execution of your Python code in Cloud Run jobs.

Posted on --/--/---- --:-- AM
FalconSid
Bronze 3
Bronze 3
In response to christianpaula
Reply posted on --/--/---- --:-- AM

I have configure the docker image with entryoint still cloud run job overrides this value, if yiu any example docker file how to restrict it via Docker image that would be very helpful.

thanks

0 Likes
Top Solution Authors
View all