Google Cloud Platform & APIs
Deploy Node.js applications on Google Cloud with Cloud Run, Cloud Firestore, and Google APIs. Implement OAuth2 authentication and manage service accounts. Apply when building serverless applications, integrating Google services, or deploying to GCP.
git clone --depth 1 https://github.com/ThamJiaHe/claude-code-handbook /tmp/google-cloud-platform-apis && cp -r /tmp/google-cloud-platform-apis/skills/examples/google-cloud-platform- ~/.claude/skills/google-cloud-platform-apisgoogle-cloud-platform-skill.md
# Google Cloud Platform & APIs
Systematic GCP deployment for Node.js applications with serverless architecture and Google API integration.
## Overview
This Skill enforces:
- Cloud Run for serverless deployments
- Cloud Firestore for document storage
- Realtime Database for real-time data
- OAuth 2.0 authentication (user and service accounts)
- Service account management
- Google APIs integration
- Auto-scaling and cost optimization
- Security and access control
Apply when deploying to GCP, integrating Google services, or building serverless applications.
## Google Cloud Setup
### Create GCP Project
```bash
# Create project
gcloud projects create my-project --name="My Project"
# Set as active project
gcloud config set project my-project
# Enable services
gcloud services enable run.googleapis.com
gcloud services enable firestore.googleapis.com
gcloud services enable cloudfunctions.googleapis.com
gcloud services enable cloudtasks.googleapis.com
```
## Cloud Run Deployment
### Deploy Node.js Application
```bash
# Build and deploy
gcloud run deploy my-app \
--source . \
--platform managed \
--region us-central1 \
--allow-unauthenticated \
--set-env-vars NODE_ENV=production
# Check deployment
gcloud run services list
gcloud run services describe my-app --region us-central1
```
### Dockerfile for Cloud Run
```dockerfile
FROM node:20-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
EXPOSE 3000
CMD ["node", "server.js"]
```
### app.js Configuration
```ts
import express from 'express';
const app = express();
const PORT = process.env.PORT || 3000;
app.get('/', (req, res) => {
res.send('Hello from Cloud Run!');
});
app.listen(PORT, () => {
console.log(`Server running on port ${PORT}`);
});
```
## Firestore Database
### Initialize Firestore
```ts
// lib/firestore.ts
import { initializeApp } from 'firebase/app';
import { getFirestore } from 'firebase/firestore';
const firebaseConfig = {
apiKey: process.env.FIREBASE_API_KEY,
authDomain: process.env.FIREBASE_AUTH_DOMAIN,
projectId: process.env.FIREBASE_PROJECT_ID,
storageBucket: process.env.FIREBASE_STORAGE_BUCKET,
messagingSenderId: process.env.FIREBASE_MESSAGING_SENDER_ID,
appId: process.env.FIREBASE_APP_ID
};
const app = initializeApp(firebaseConfig);
export const db = getFirestore(app);
```
### CRUD Operations
```ts
import {
collection,
addDoc,
getDocs,
doc,
getDoc,
updateDoc,
deleteDoc,
query,
where
} from 'firebase/firestore';
// CREATE
async function createUser(userData: { email: string; name: string }) {
const docRef = await addDoc(collection(db, 'users'), {
email: userData.email,
name: userData.name,
createdAt: new Date()
});
return docRef.id;
}
// READ (single document)
async function getUser(userId: string) {
const docRef = doc(db, 'users', userId);
const docSnap = await getDoc(docRef);
if (docSnap.exists()) {
return docSnap.data();
} else {
throw new Error('User not found');
}
}
// READ (collection with query)
async function getUsersByEmail(email: string) {
const q = query(
collection(db, 'users'),
where('email', '==', email)
);
const querySnapshot = await getDocs(q);
const users: any[] = [];
querySnapshot.forEach(doc => {
users.push({ id: doc.id, ...doc.data() });
});
return users;
}
// UPDATE
async function updateUser(userId: string, updates: any) {
const userRef = doc(db, 'users', userId);
await updateDoc(userRef, {
...updates,
updatedAt: new Date()
});
}
// DELETE
async function deleteUser(userId: string) {
await deleteDoc(doc(db, 'users', userId));
}
```
## Realtime Database
### Firebase Realtime Setup
```ts
// lib/realtime-db.ts
import { initializeApp } from 'firebase/app';
import { getDatabase, ref, onValue, set, update, remove } from 'firebase/database';
const app = initializeApp(firebaseConfig);
export const realtimeDb = getDatabase(app);
// Real-time listener
function subscribeToPresence(userId: string, callback: (data: any) => void) {
const presenceRef = ref(realtimeDb, `presence/${userId}`);
const unsubscribe = onValue(presenceRef, snapshot => {
callback(snapshot.val());
});
return unsubscribe;
}
// Write data
async function setUserStatus(userId: string, status: string) {
const statusRef = ref(realtimeDb, `status/${userId}`);
await set(statusRef, {
status,
lastUpdated: new Date().toISOString()
});
}
```
## Google OAuth 2.0 (User Authentication)
### Setup OAuth Credentials
1. Go to Google Cloud Console → APIs & Services → Credentials
2. Create OAuth 2.0 Client ID
3. Set authorized redirect URIs
### OAuth Implementation
```ts
// lib/google-oauth.ts
import { google } from 'googleapis';
import session from 'express-session';
const oauth2Client = new google.auth.OAuth2(
process.env.GOOGLE_CLIENT_ID,
process.env.GOOGLE_CLIENT_SECRET,
process.env.GOOGLE_REDIRECT_URL
);
// Route: Start OAuth flow
app.get('/auth/google', (req, res) => {
const scopes = [
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile'
];
const authUrl = oauth2Client.generateAuthUrl({
access_type: 'offline',
scope: scopes,
include_granted_scopes: true
});
res.redirect(authUrl);
});
// Route: OAuth callback
app.get('/auth/callback', async (req, res) => {
const { code } = req.query;
try {
const { tokens } = await oauth2Client.getToken(code as string);
oauth2Client.setCredentials(tokens);
// Use tokens to get user info
const oauth2 = google.oauth2({
auth: oauth2Client,
version: 'v2'
});
const userinfo = await oauth2.userinfo.get();
req.session.user = userinfo.data;
req.session.tokens = tokens;
res.redirect('/dashboard');
} catch (error) {
console.error('OAuth error:', error);
res.status(500).send('Authentication failed');
}
});
// Middleware: Check authentication
export function requireAutBuild REST APIs with proper error handling, status codes, request validation, response formatting, and rate limiting. Apply when creating API routes, handling errors, validating input, or designing API responses.
Harden REST and GraphQL APIs against common attack vectors. Apply when building API endpoints, implementing authentication, handling file uploads, or exposing APIs to external consumers.
Deploy Node.js applications on AWS using EC2, RDS, and managed services with security best practices. Apply when setting up AWS infrastructure, configuring databases, managing security, or optimizing costs.
Rapidly fix build failures, type errors, and lint issues with minimal diffs. Apply when builds fail, TypeScript reports errors, or CI/CD pipelines break. Focuses on getting the build green fast.
STRIDE-based threat modeling for application architecture. Apply when designing new systems, reviewing architecture, or assessing security posture of existing applications.
Production-ready Docker patterns for multi-stage builds, security hardening, and orchestration. Apply when creating Dockerfiles, docker-compose configs, or deploying containerized applications.
Enforces Conventional Commits, PR standards, merge conflict resolution, and branch management. Apply when committing code, opening PRs, resolving conflicts, managing branches, or handling Git operations.
Structured production incident triage, resolution, and post-mortem. Apply when production systems are down, degraded, or behaving unexpectedly. Covers detection, containment, resolution, and learning.