Skip to main content

πŸš€ SmartSRE Setup Instructions

SmartSRE now runs either entirely on your workstation (local mode) or entirely in Google Cloud (Cloud Run + Cloud SQL). Hybrid combinations are no longer supported. Pick the workflow that matches your environment.

Option A β€” Local Development (All Services Local)​

  1. Clone the repository and create a virtualenv 
    git clone https://github.com/your-org/smartsre.git
    cd smartsre
    python3 -m venv .venv
    .venv/bin/pip install -r requirements.txt
  2. Run the backend 
    .venv/bin/uvicorn src.api.main:app --reload --host 0.0.0.0 --port 8081
  3. Start the frontend 
    cd frontend
    npm install
    npm run dev
  4. Configure impersonation (required)
    • Set PLATFORM_SERVICE_ACCOUNT in .env.local to the platform identity that will impersonate tenant service accounts, e.g.:
      • PLATFORM_SERVICE_ACCOUNT=smartsre-platform@your-platform-project.iam.gserviceaccount.com
    • Ensure ADC is available so your local principal can mint impersonation tokens: 
      gcloud auth application-default login
    • If using docker compose, ADC is mounted into the backend container via ~/.config/gcloud.
  5. Browse the app

Backend agents execute in-process using impersonation-only. No service account keys are used. Ensure the platform identity has roles/iam.serviceAccountTokenCreator on the tenant service account and your local ADC can act as the source principal.

Option B β€” Cloud Deployment (All Services on GCP)​

  1. Configure gcloud 
    gcloud auth login
    gcloud config set project <YOUR_PROJECT_ID>
    gcloud auth application-default login
  2. Run the Cloud Build + Terraform pipeline 
    gcloud builds submit \
      --config ci/cloudbuild/infra.yaml \
      --substitutions _PROJECT_ID=<YOUR_PROJECT_ID>,_REGION=us-central1
    This builds the container image, deploys Cloud Run, provisions Cloud SQL, applies IAM bindings, and runs database migrations.
  3. Seed configuration
    • Set PLATFORM_SERVICE_ACCOUNT, GOOGLE_CLOUD_PROJECT, and other settings in the Cloud Run service via the Terraform variables or the console. Impersonation is required.
  4. Access the deployment
    • The Cloud Build output logs the Cloud Run URL. Visit https://<service>.run.app/health to verify the API and point the frontend to the same base URL (see frontend/.env.frontend).

With the Cloud deployment, agents execute in the same Cloud Run serviceβ€”no separate runner is required. The application uses service-account impersonation to reach tenant projects; make sure the deployed service account has the necessary IAM roles.

Troubleshooting​

  • Local mode: verify .venv/bin/python -m pytest tests/test_api.py and ensure Redis/Postgres containers are running if you rely on compose.
  • Cloud mode: inspect Cloud Run logs (gcloud logs tail --service=smartsre-agents) and confirm Cloud SQL connectivity.

Need to reset the stack? Use docker compose down locally or rerun the Cloud Build pipeline to redeploy.