getsentry · trevor-e · Feb 20, 2026 · Feb 17, 2026 · Feb 18, 2026 · Feb 19, 2026
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,5 @@
+bazel-*
+builds/
+.git
+.circleci
+.github
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,42 @@
+# Build stage — compile everything with Bazel
+FROM ubuntu:24.04 AS builder
+
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \
+    build-essential \
+    git \
+    openjdk-21-jdk-headless \
+    python3 \
+    curl \
+    zip \
+    unzip \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install Bazelisk (manages Bazel version via .bazelversion)
+RUN curl -L https://github.com/bazelbuild/bazelisk/releases/download/v1.25.0/bazelisk-linux-amd64 \
+    -o /usr/local/bin/bazel && chmod +x /usr/local/bin/bazel
+
+RUN useradd -m builder && mkdir -p /output && chown builder /output
+WORKDIR /src
+COPY --chown=builder . .
+
+# Use CI bazelrc for optimized builds
+RUN cp .bazelrc.ci .bazelrc
+
+USER builder
+RUN bazel build :livegrep \
+    && mkdir -p /output \
+    && tar -C /output -xf "$(bazel info bazel-bin)/livegrep.tar"
+
+# Runtime stage
+FROM ubuntu:24.04
+
+RUN apt-get update \
+    && apt-get -y dist-upgrade \
+    && DEBIAN_FRONTEND=noninteractive apt-get install -y \
+        git \
+        openssh-client \
+        ca-certificates \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY --from=builder /output/ /livegrep/
diff --git a/cloudbuild.yaml b/cloudbuild.yaml
@@ -0,0 +1,50 @@
+steps:
+  # Build the container image
+  - name: 'gcr.io/cloud-builders/docker'
+    args:
+      - 'build'
+      - '-t'
+      - 'us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image:$COMMIT_SHA'
+      - '-t'
+      - 'us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image:$SHORT_SHA'
+      - '-t'
+      - 'us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image:latest'
+      - '.'
+
+  # Push all tags
+  - name: 'gcr.io/cloud-builders/docker'
+    args:
+      - 'push'
+      - '--all-tags'
+      - 'us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image'
+
+  # Deploy to Cloud Run service
+  - name: 'gcr.io/cloud-builders/gcloud'
+    args:
+      - 'run'
+      - 'services'
+      - 'update'
+      - 'livegrep-web-and-server'
+      - '--region=us-west2'
+      - '--image=us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image:$COMMIT_SHA'
+
+  # Deploy to Cloud Run indexer job
+  - name: 'gcr.io/cloud-builders/gcloud'
+    args:
+      - 'run'
+      - 'jobs'
+      - 'update'
+      - 'livegrep-indexer'
+      - '--region=us-west2'
+      - '--image=us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image:$COMMIT_SHA'
+
+images:
+  - 'us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image:$COMMIT_SHA'
+  - 'us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image:$SHORT_SHA'
+  - 'us-west2-docker.pkg.dev/$PROJECT_ID/$REPO_NAME/image:latest'
+
+timeout: 3600s
+
+options:
+  machineType: 'E2_HIGHCPU_8'
+  logging: CLOUD_LOGGING_ONLY