Add Cloud Build deployment script and permission setup helper

- deploy-cloud-build.sh: Uses Cloud Build service (no local Docker needed)
- setup-gcp-permissions.sh: Helper to create project and enable APIs
- Updated cloudbuild.yaml with better substitutions
- QUICK_DEPLOY.md: Troubleshooting guide for permission issues

QUICK_DEPLOY.md

@@ -0,0 +1,104 @@
+# Quick Deploy to Google Cloud Run
+
+## Current Status
+
+**Issue**: Permission denied on project `light-quest-475608-k7`
+
+## Quick Fix Options
+
+### Option 1: Fix Permissions (Recommended)
+
+1. **Grant yourself permissions** on the existing project:
+   - Visit: https://console.cloud.google.com/iam-admin/iam/project?project=light-quest-475608-k7
+   - Add role: `Editor` or `Owner` to your account (`jameswilsonlearnsrocode@gmail.com`)
+   - Wait 2-3 minutes for propagation
+
+2. **Enable APIs**:
+   ```bash
+   gcloud services enable cloudbuild.googleapis.com run.googleapis.com containerregistry.googleapis.com --project=light-quest-475608-k7
+   ```
+
+3. **Deploy**:
+   ```bash
+   cd Milestone-6/router-agent/zero-gpu-space
+   ./deploy-cloud-build.sh
+   ```
+
+### Option 2: Create New Project
+
+```bash
+# Run setup helper
+./setup-gcp-permissions.sh
+
+# Or manually:
+gcloud projects create router-agent-deploy --name="Router Agent Deployment"
+gcloud config set project router-agent-deploy
+gcloud services enable cloudbuild.googleapis.com run.googleapis.com containerregistry.googleapis.com
+
+# Then deploy
+./deploy-cloud-build.sh
+```
+
+### Option 3: Use Different Account/Project
+
+If you have access to another project:
+
+```bash
+export GCP_PROJECT_ID="your-other-project-id"
+gcloud config set project ${GCP_PROJECT_ID}
+./deploy-cloud-build.sh
+```
+
+## Manual Deployment Steps
+
+If scripts don't work, deploy manually:
+
+```bash
+# 1. Set project
+gcloud config set project YOUR_PROJECT_ID
+
+# 2. Enable APIs (if not already enabled)
+gcloud services enable cloudbuild.googleapis.com run.googleapis.com containerregistry.googleapis.com
+
+# 3. Submit build
+cd Milestone-6/router-agent/zero-gpu-space
+gcloud builds submit --config=cloudbuild.yaml .
+
+# 4. Or build and deploy separately
+gcloud builds submit --tag gcr.io/YOUR_PROJECT_ID/router-agent:latest .
+gcloud run deploy router-agent \
+    --image gcr.io/YOUR_PROJECT_ID/router-agent:latest \
+    --platform managed \
+    --region us-central1 \
+    --allow-unauthenticated \
+    --port 7860 \
+    --memory 8Gi \
+    --cpu 4
+```
+
+## Required Permissions
+
+Your account needs these roles:
+- `roles/cloudbuild.builds.editor` - To build images
+- `roles/run.admin` - To deploy to Cloud Run
+- `roles/serviceusage.serviceUsageConsumer` - To enable APIs
+- `roles/storage.admin` - To push to Container Registry
+
+Or use `roles/editor` or `roles/owner` for full access.
+
+## Troubleshooting
+
+**Permission Denied**: 
+- Check IAM: https://console.cloud.google.com/iam-admin/iam
+- Ensure billing is enabled
+- Wait 2-3 minutes after granting permissions
+
+**API Not Enabled**:
+- Enable manually: https://console.cloud.google.com/apis/library
+- Or use: `gcloud services enable <api-name>`
+
+**Build Fails**:
+- Check logs: `gcloud builds list` then `gcloud builds log BUILD_ID`
+- Ensure Dockerfile is correct
+- Check requirements.txt for compatibility
+

cloudbuild.yaml

@@ -1,25 +1,23 @@
 # Cloud Build configuration for Google Cloud Run
+# Usage: gcloud builds submit --config=cloudbuild.yaml .
+
 steps:
   # Build the container image
   - name: 'gcr.io/cloud-builders/docker'
     args:
       - 'build'
       - '-t'
-      - 'gcr.io/$PROJECT_ID/router-agent:$COMMIT_SHA'
-      - '-t'
       - 'gcr.io/$PROJECT_ID/router-agent:latest'
+      - '-t'
+      - 'gcr.io/$PROJECT_ID/router-agent:$SHORT_SHA'
       - '.'
 
   # Push the container image
   - name: 'gcr.io/cloud-builders/docker'
     args:
       - 'push'
-      - 'gcr.io/$PROJECT_ID/router-agent:$COMMIT_SHA'
-
-  - name: 'gcr.io/cloud-builders/docker'
-    args:
-      - 'push'
-      - 'gcr.io/$PROJECT_ID/router-agent:latest'
+      - '--all-tags'
+      - 'gcr.io/$PROJECT_ID/router-agent'
 
   # Deploy to Cloud Run (CPU only - for GPU use Compute Engine)
   - name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
@@ -29,11 +27,11 @@ steps:
       - 'deploy'
       - 'router-agent'
       - '--image'
-      - 'gcr.io/$PROJECT_ID/router-agent:$COMMIT_SHA'
+      - 'gcr.io/$PROJECT_ID/router-agent:latest'
       - '--platform'
       - 'managed'
       - '--region'
-      - 'us-central1'
+      - '${_REGION}'
       - '--allow-unauthenticated'
       - '--port'
       - '7860'
@@ -43,12 +41,17 @@ steps:
       - '4'
       - '--timeout'
       - '3600'
+      - '--max-instances'
+      - '10'
       - '--set-env-vars'
       - 'GRADIO_SERVER_NAME=0.0.0.0,GRADIO_SERVER_PORT=7860'
 
 images:
-  - 'gcr.io/$PROJECT_ID/router-agent:$COMMIT_SHA'
   - 'gcr.io/$PROJECT_ID/router-agent:latest'
+  - 'gcr.io/$PROJECT_ID/router-agent:$SHORT_SHA'
+
+substitutions:
+  _REGION: 'us-central1'
 
 options:
   machineType: 'E2_HIGHCPU_8'

deploy-cloud-build.sh

@@ -0,0 +1,82 @@
+#!/bin/bash
+# Deploy using Cloud Build (no local Docker required)
+# This uses Google Cloud Build service to build and deploy
+
+set -e
+
+PROJECT_ID=${GCP_PROJECT_ID:-"light-quest-475608-k7"}
+REGION=${GCP_REGION:-"us-central1"}
+SERVICE_NAME="router-agent"
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+echo -e "${GREEN}🚀 Deploying Router Agent to Cloud Run using Cloud Build${NC}"
+
+# Check if gcloud is installed
+if ! command -v gcloud &> /dev/null; then
+    echo -e "${RED}❌ gcloud CLI not found. Please install it: https://cloud.google.com/sdk/docs/install${NC}"
+    exit 1
+fi
+
+# Set project
+echo -e "${YELLOW}📋 Setting project to ${PROJECT_ID}...${NC}"
+gcloud config set project ${PROJECT_ID}
+
+# Check if Cloud Build API is enabled
+echo -e "${YELLOW}📋 Checking Cloud Build API...${NC}"
+if ! gcloud services list --enabled --filter="name:cloudbuild.googleapis.com" --format="value(name)" | grep -q cloudbuild; then
+    echo -e "${YELLOW}⚠️  Cloud Build API not enabled. Attempting to enable...${NC}"
+    gcloud services enable cloudbuild.googleapis.com run.googleapis.com containerregistry.googleapis.com || {
+        echo -e "${RED}❌ Failed to enable APIs. Please enable them manually:${NC}"
+        echo -e "${YELLOW}   https://console.cloud.google.com/apis/library/cloudbuild.googleapis.com?project=${PROJECT_ID}${NC}"
+        exit 1
+    }
+fi
+
+# Submit build to Cloud Build
+echo -e "${GREEN}📦 Submitting build to Cloud Build...${NC}"
+COMMIT_SHA=$(git rev-parse --short HEAD 2>/dev/null || echo "latest")
+
+gcloud builds submit --config=cloudbuild.yaml \
+    --substitutions=_SERVICE_NAME=${SERVICE_NAME},_REGION=${REGION},COMMIT_SHA=${COMMIT_SHA} \
+    . || {
+    echo -e "${YELLOW}⚠️  Cloud Build failed. Trying alternative approach...${NC}"
+    
+    # Alternative: Build and deploy separately
+    echo -e "${GREEN}📦 Building image with Cloud Build...${NC}"
+    gcloud builds submit --tag gcr.io/${PROJECT_ID}/${SERVICE_NAME}:latest . || {
+        echo -e "${RED}❌ Build failed. Please check:${NC}"
+        echo -e "${YELLOW}   1. Cloud Build API is enabled${NC}"
+        echo -e "${YELLOW}   2. You have permissions (roles/cloudbuild.builds.editor)${NC}"
+        echo -e "${YELLOW}   3. Billing is enabled for the project${NC}"
+        exit 1
+    }
+    
+    echo -e "${GREEN}🚀 Deploying to Cloud Run...${NC}"
+    gcloud run deploy ${SERVICE_NAME} \
+        --image gcr.io/${PROJECT_ID}/${SERVICE_NAME}:latest \
+        --platform managed \
+        --region ${REGION} \
+        --allow-unauthenticated \
+        --port 7860 \
+        --memory 8Gi \
+        --cpu 4 \
+        --timeout 3600 \
+        --max-instances 10 \
+        --set-env-vars "GRADIO_SERVER_NAME=0.0.0.0,GRADIO_SERVER_PORT=7860" \
+        --quiet || {
+        echo -e "${RED}❌ Deployment failed. Please check:${NC}"
+        echo -e "${YELLOW}   1. Cloud Run API is enabled${NC}"
+        echo -e "${YELLOW}   2. You have permissions (roles/run.admin)${NC}"
+        exit 1
+    }
+}
+
+echo -e "${GREEN}✅ Deployment complete!${NC}"
+SERVICE_URL=$(gcloud run services describe ${SERVICE_NAME} --platform managed --region ${REGION} --format 'value(status.url)' 2>/dev/null || echo "Check Cloud Console")
+echo -e "${GREEN}🌐 Service URL: ${SERVICE_URL}${NC}"
+

setup-gcp-permissions.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+# Script to help set up GCP permissions and create a new project if needed
+
+set -e
+
+PROJECT_ID=${GCP_PROJECT_ID:-"light-quest-475608-k7"}
+
+echo "🔧 GCP Setup Helper"
+echo "=================="
+echo ""
+echo "Current project: ${PROJECT_ID}"
+echo ""
+
+# Option 1: Create a new project
+read -p "Create a new project? (y/N): " -n 1 -r
+echo
+if [[ $REPLY =~ ^[Yy]$ ]]; then
+    read -p "Enter new project ID (lowercase, hyphens only): " NEW_PROJECT_ID
+    read -p "Enter project name: " PROJECT_NAME
+    
+    echo "Creating project..."
+    gcloud projects create ${NEW_PROJECT_ID} --name="${PROJECT_NAME}" || {
+        echo "❌ Failed to create project. It may already exist or you don't have permission."
+        exit 1
+    }
+    
+    echo "Setting as active project..."
+    gcloud config set project ${NEW_PROJECT_ID}
+    
+    echo "Enabling billing (you'll need to do this manually)..."
+    echo "Visit: https://console.cloud.google.com/billing/linkedaccount?project=${NEW_PROJECT_ID}"
+    read -p "Press Enter after enabling billing..."
+    
+    PROJECT_ID=${NEW_PROJECT_ID}
+fi
+
+# Enable required APIs
+echo ""
+echo "Enabling required APIs..."
+gcloud services enable \
+    cloudbuild.googleapis.com \
+    run.googleapis.com \
+    containerregistry.googleapis.com \
+    --project=${PROJECT_ID} || {
+    echo "⚠️  Failed to enable APIs. You may need:"
+    echo "   1. Billing enabled: https://console.cloud.google.com/billing?project=${PROJECT_ID}"
+    echo "   2. Permissions: roles/serviceusage.serviceUsageConsumer"
+    echo "   3. Owner role on the project"
+    exit 1
+}
+
+echo ""
+echo "✅ Setup complete!"
+echo "   Project ID: ${PROJECT_ID}"
+echo ""
+echo "Next steps:"
+echo "   1. Set HF_TOKEN secret (if using private models)"
+echo "   2. Run: ./deploy-cloud-build.sh"
+echo ""
+