Deployment
This guide covers deploying your StackSolo project to Google Cloud Platform.
Quick Deploy
Section titled “Quick Deploy”stacksolo deployThat’s it. StackSolo handles everything else.
What Happens During Deploy
Section titled “What Happens During Deploy”- Secrets Check - Missing secrets are detected and optionally created
- Validation - Config is validated
- Code Generation - CDKTF/Terraform code is generated
- Build - Container images are built (if any)
- Apply - Terraform applies the infrastructure
- Output - URLs and connection strings are displayed
Deploy Options
Section titled “Deploy Options”Preview Changes
Section titled “Preview Changes”See what would change without actually deploying:
stacksolo deploy --previewSkip Image Building
Section titled “Skip Image Building”If you’ve already built and pushed images:
stacksolo deploy --skip-buildSpecific Image Tag
Section titled “Specific Image Tag”Deploy with a specific container image tag:
stacksolo deploy --tag v1.2.3Force Recreate
Section titled “Force Recreate”Force delete and recreate resources that are stuck:
stacksolo deploy --forceSecrets Management
Section titled “Secrets Management”StackSolo automatically handles secrets referenced with @secret/secret-name in your config.
Using .env.production
Section titled “Using .env.production”Create a .env.production file with your secrets:
# .env.production (add to .gitignore!)OPENAI_API_KEY=sk-...STRIPE_SECRET_KEY=sk_live_...DATABASE_URL=postgres://...Reference them in your config:
{ "functions": [{ "name": "api", "env": { "OPENAI_API_KEY": "@secret/openai-api-key", "STRIPE_SECRET_KEY": "@secret/stripe-secret-key" } }]}During deploy, StackSolo will:
- Check which secrets exist in GCP Secret Manager
- Offer to create missing secrets from
.env.production - Prompt for any secrets not found in
.env.production
$ stacksolo deploy
[1/4] Checking secrets✓ database-url exists✗ openai-api-key missing
Found OPENAI_API_KEY in .env.production? Use this value? (Y/n)
Creating secret: openai-api-key...✓ Created: openai-api-keySee the full Secrets Management Guide for more details.
Generated Code
Section titled “Generated Code”StackSolo generates infrastructure code in .stacksolo/:
CDKTF Backend (GCP):
.stacksolo/├── cdktf/│ ├── main.ts # Infrastructure definition│ ├── cdktf.json # CDKTF config│ └── terraform/ # Generated Terraform└── stacksolo.config.jsonKubernetes Backend with Helm:
.stacksolo/├── helm-chart/│ ├── Chart.yaml # Chart metadata│ ├── values.yaml # Default values│ └── templates/ # K8s manifests└── stacksolo.config.jsonYou can inspect this code to see exactly what will be created.
Helm Charts (Kubernetes)
Section titled “Helm Charts (Kubernetes)”For Kubernetes backend projects, use --helm to generate Helm charts:
stacksolo deploy --helm --previewHelm charts enable:
- Multi-environment deployments via values files (
values-dev.yaml,values-prod.yaml) - GitOps workflows with ArgoCD or Flux
- Rollbacks with
helm rollback - Templated configuration with
--setoverrides
See Helm Plugin for full documentation.
If you want to manage the infrastructure yourself:
- The generated code in
.stacksolo/cdktf/is yours - You can run
cdktf deploydirectly - Or export to plain Terraform with
cdktf synth
State Management
Section titled “State Management”Terraform state is stored locally in .stacksolo/cdktf/terraform.tfstate.
For team environments, consider configuring remote state:
{ "project": { "backend": "cdktf", "stateBackend": { "bucket": "my-terraform-state", "prefix": "stacksolo" } }}GitHub Actions Example
Section titled “GitHub Actions Example”name: Deploy
on: push: branches: [main]
jobs: deploy: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4
- uses: actions/setup-node@v4 with: node-version: '20'
- name: Install StackSolo run: npm install -g @stacksolo/cli
- name: Setup GCP Auth uses: google-github-actions/auth@v2 with: credentials_json: ${{ secrets.GCP_SA_KEY }}
- name: Deploy run: stacksolo deployMonitoring Deployment
Section titled “Monitoring Deployment”Check Status
Section titled “Check Status”stacksolo statusView Outputs
Section titled “View Outputs”stacksolo outputView Logs
Section titled “View Logs”stacksolo logs --since 1hView Deploy Events
Section titled “View Deploy Events”StackSolo logs every operation during deployment with millisecond precision. Use stacksolo events to view the event timeline:
# View latest deploy sessionstacksolo events
# List all sessionsstacksolo events list
# Filter by categorystacksolo events show --category terraformExample output:
+--------------+-----------------+------------+----------------------+---------------------+| TIME | PROJECT | CATEGORY | EVENT | DETAILS |+--------------+-----------------+------------+----------------------+---------------------+| 19:55:54.294 | my-app | internal | session_start | deploy || 19:55:54.297 | my-app | internal | phase_start | phase=preflight || 19:56:24.356 | my-app | internal | phase_end | phase=preflight || 19:56:24.358 | my-app | internal | phase_start | phase=apply || 19:56:24.359 | my-app | terraform | apply_start | || 19:57:14.519 | my-app | terraform | apply_end | exit=0 |+--------------+-----------------+------------+----------------------+---------------------+Events are stored in ~/.stacksolo/registry.db and persisted across sessions.
Rollback
Section titled “Rollback”StackSolo doesn’t have built-in rollback, but you can:
- Revert your config changes
- Run
stacksolo deployagain - Or use Terraform directly:
cd .stacksolo/cdktf && terraform apply
Destroy
Section titled “Destroy”Remove all deployed resources:
# With confirmationstacksolo destroy
# Skip confirmationstacksolo destroy --forceWarning: This permanently deletes all resources including databases.
Firebase Hosting for Apps with Firebase Auth
Section titled “Firebase Hosting for Apps with Firebase Auth”If your app uses Firebase Authentication with social providers (Google, Apple, etc.), you should use Firebase Hosting instead of GCS buckets. This avoids cross-origin cookie issues that cause “missing initial state” errors.
Configure Firebase Hosting
Section titled “Configure Firebase Hosting”- Set
hosting: "firebase"in your UI config:
{ "networks": [{ "name": "main", "uis": [{ "name": "web", "hosting": "firebase", "sourceDir": "apps/web" }] }]}- Create a
firebase.jsonin your project root:
{ "hosting": { "public": "apps/web/dist", "ignore": ["firebase.json", "**/.*", "**/node_modules/**"], "rewrites": [ { "source": "**", "destination": "/index.html" } ] }}- Set
authDomainto your Firebase Hosting domain in your app:
VITE_FIREBASE_AUTH_DOMAIN=your-project.web.app- Deploy:
stacksolo deployStackSolo will run firebase deploy --only hosting after the Terraform apply completes.
Prerequisites
Section titled “Prerequisites”- Firebase CLI installed:
npm install -g firebase-tools - Logged in to Firebase:
firebase login - Firebase project initialized:
firebase init
Why Firebase Hosting?
Section titled “Why Firebase Hosting?”Modern browsers block third-party cookies/storage. When your app is hosted on a different domain than Firebase’s authDomain, OAuth redirects fail with “missing initial state” errors. Firebase Hosting ensures same-origin hosting, avoiding these issues.
Troubleshooting
Section titled “Troubleshooting””Permission denied”
Section titled “”Permission denied””Make sure you’re authenticated:
gcloud auth logingcloud auth application-default login“API not enabled”
Section titled ““API not enabled””Enable required APIs:
gcloud services enable cloudfunctions.googleapis.comgcloud services enable cloudbuild.googleapis.comgcloud services enable run.googleapis.comgcloud services enable compute.googleapis.com“Resource already exists”
Section titled ““Resource already exists””The resource may have been created outside of StackSolo. Options:
- Import it:
cd .stacksolo/cdktf && terraform import ... - Delete it manually in GCP Console
- Use
--forceto recreate
State out of sync
Section titled “State out of sync”Reset and reimport:
stacksolo resetstacksolo deploy --refreshNext Steps
Section titled “Next Steps”- CLI Reference - All deploy options
- Configuration Guide - Config reference