Skip to content
Docs

Run it, deploy it, point it at your cluster.

Three modes: local development, Cloud Run deploy, and connector mode against a real project.

Run locally

git clone https://github.com/divyamohan1993/sentinelcloud
cd sentinelcloud/web
npm install
npm run dev
# open http://localhost:8080

By default, the LLM gateway uses Vertex AI Gemini if Application Default Credentials are present. Otherwise it falls back to a deterministic stub so the demo always works.

Deploy to Cloud Run

gcloud config set project dmjone
gcloud run deploy sentinelcloud \
  --source . \
  --region asia-east1 \
  --min-instances 0 \
  --max-instances 10 \
  --memory 1Gi --cpu 1 \
  --port 8080 \
  --allow-unauthenticated

Cold-start is acceptable on the free tier. Domain mapping commands are in DEPLOY.md.

Connector mode

# Bind a service account with least privilege
gcloud iam service-accounts create sentinelcloud-runtime
gcloud projects add-iam-policy-binding dmjone \
  --member=serviceAccount:sentinelcloud-runtime@dmjone.iam.gserviceaccount.com \
  --role=roles/aiplatform.user

# Optional Anthropic key
echo -n $KEY | gcloud secrets create anthropic-key --data-file=-

# Deploy with the bound SA
gcloud run services update sentinelcloud \
  --service-account sentinelcloud-runtime@dmjone.iam.gserviceaccount.com \
  --region asia-east1

Connector mode replaces simulated actuators with real ones. It is gated behind the admin allowlist and is off by default.

Environment

The five env vars that matter.

VarDefaultPurpose
GOOGLE_CLOUD_PROJECTdmjoneProject for Vertex AI and Firestore.
SENTINEL_REGIONasia-east1Cloud Run region used in metadata.
ANTHROPIC_API_KEYunsetOptional Claude provider as second opinion.
SENTINEL_FORCE_STUB0Force the deterministic stub. Useful for offline demos.
SENTINEL_ADMIN_EMAILSdivyamohan1993@gmail.comComma-separated allowlist for connector-mode actions.