diff --git a/solutions/document-processing/apps/master/Dockerfile b/solutions/document-processing/apps/master/Dockerfile
index cc1927fdc..02de98066 100644
--- a/solutions/document-processing/apps/master/Dockerfile
+++ b/solutions/document-processing/apps/master/Dockerfile
@@ -20,5 +20,5 @@ RUN pip install --no-cache-dir -r requirements.txt
 # For environments with multiple CPU cores, increase the number of workers
 # to be equal to the cores available.
 # Timeout is set to 0 to disable the timeouts of the workers to allow Cloud Run to handle instance scaling.
-CMD exec gunicorn --bind :$PORT --workers 1 --threads 8 --timeout 0 main:app
+CMD exec gunicorn --bind :$PORT --workers 1 --threads 8 --timeout 0 solutions/document-processing/apps/master/main:app
 
diff --git a/solutions/document-processing/apps/master/cloudbuild.yaml b/solutions/document-processing/apps/master/cloudbuild.yaml
index 6efc891b9..34d4ca4e7 100644
--- a/solutions/document-processing/apps/master/cloudbuild.yaml
+++ b/solutions/document-processing/apps/master/cloudbuild.yaml
@@ -43,11 +43,13 @@ steps:
   
   # [START cloudbuild_python_deploy_yaml]
   # Deploy to Cloud Run
- # - name: google/cloud-sdk
- #   args: ['gcloud', 'run', 'deploy', 'helloworld-${SHORT_SHA}', 
- #          '--image=us-central1-docker.pkg.dev/${PROJECT_ID}/docproc3/dp-master:${SHORT_SHA}', 
- #          '--region', 'us-central1', '--platform', 'managed', 
- #          '--allow-unauthenticated']
+  # AR_NAME
+  # DOCKER_MASTER_IMAGE_NAME
+  #- name: google/cloud-sdk
+  #  args: ['gcloud', 'run', 'deploy', 'helloworld-${SHORT_SHA}', 
+  #         '--image=us-central1-docker.pkg.dev/${PROJECT_ID}/docproc3/dp-master:${SHORT_SHA}', 
+  #         '--region', 'us-central1', '--platform', 'managed', 
+  #         '--allow-unauthenticated']
   # [END cloudbuild_python_deploy_yaml]
   
 # [START cloudbuild_python_logs_yaml]
@@ -61,5 +63,7 @@ steps:
 # Store images in Google Artifact Registry 
 images:
   - us-central1-docker.pkg.dev/${PROJECT_ID}/docproc3/dp-master:${SHORT_SHA}
+    # ["gcr.io/$PROJECT_ID/magellan-nbi:latest"]
+#  - us-central1-docker.pkg.dev/${PROJECT_ID}/docproc3/dp-master:latest
 # [END cloudbuild_python_yaml]
 #
diff --git a/solutions/document-processing/gcloud/deployment.sh b/solutions/document-processing/gcloud/deployment.sh
index 0e55a627a..a11273bc1 100755
--- a/solutions/document-processing/gcloud/deployment.sh
+++ b/solutions/document-processing/gcloud/deployment.sh
@@ -479,14 +479,42 @@ create_ar() {
    echo "create ar"
    # enable csr role
    #gcloud source repos set-iam-policy REPOSITORY_NAME POLICY_FILE
-   # ar
    gcloud artifacts repositories create $AR_NAME --location=$REGION --repository-format=docker
 }
 
 delete_ar() {
     echo "delete ar"
+    # test
+    gcloud artifacts repositories delete $AR_NAME --location=$REGION
 }
 
+create_cloudrun() {
+    echo "create cloud run"
+    # Get service account via project mumber env
+gcloud run deploy ${CLOUD_RUN_MASTER_NAME} \
+--image=${REGION}-docker.pkg.dev/${CC_PROJECT_ID}/${AR_NAME}/${CLOUD_RUN_MASTER_NAME}@sha256:19c7e0c35c47a2a408bde8d9a54402cbad94c46b5421f1b17bdf4f4b27010e60 \
+--allow-unauthenticated \
+--service-account=${PROJECT_NUMBER}-compute@developer.gserviceaccount.com \
+--min-instances=1 \
+--max-instances=10 \
+--set-env-vars=GCS_BUCKET=${GCSBUCKET}=bucket,HOSTPATH=${HOSTPATH_MASTER} \
+--no-cpu-throttling \
+--execution-environment=gen2 \
+--region=${REGION} \
+--project=${CC_PROJECT_ID}
+
+# get master cloud run url
+export CLOUD_RUN_MASTER_URL=$(gcloud run services describe $CLOUD_RUN_MASTER_NAME --platform managed --region $REGION --format 'value(status.url)')
+echo "Cloud Run URL for $CLOUD_RUN_MASTER_NAME: ${CLOUD_RUN_MASTER_URL}"
+}
+
+delete_cloudrun() {
+    echo "delete cloud run"
+    gcloud run services delete $CLOUD_RUN_MASTER_NAME --region=$REGION --quiet
+}
+
+
+
 delete_all() {
   # delete service accounts
   #gcloud iam service-accounts delete $SERVICE_ACCOUNT_M4A_CE_SRC@$PROJECT_ID.iam.gserviceaccount.com  --project=$PROJECT_ID --quiet
@@ -563,10 +591,13 @@ if [[ "$CREATE_KCC" != false ]]; then
 # check expiry https://cloud.google.com/sdk/gcloud/reference/projects/add-iam-policy-binding
 
   # get GKE/ASM ids
-  export PROJECT_NUMBER=$(gcloud projects describe ${CC_PROJECT_ID} --format="value(projectNumber)")
+  # get project number
+  export PROJECT_NUMBER=$(gcloud projects list --filter="${CC_PROJECT_ID}" '--format=value(PROJECT_NUMBER)')
+  #export PROJECT_NUMBER=$(gcloud projects describe ${CC_PROJECT_ID} --format="value(projectNumber)")
   export WORKLOAD_POOL=${CC_PROJECT_ID}.svc.id.goog
   export MESH_ID="proj-${CC_PROJECT_NUMBER}"
 
+
   create_roles_services
   create_vpc
   create_once_only
@@ -580,6 +611,8 @@ if [[ "$CREATE_KCC" != false ]]; then
  # istio_injection_prod
  # install_gateway_prod
  # trigger_prod_main_build
+  create_cloudrun
+
 
 else
   echo "Switching to KCC project ${KCC_PROJECT_ID}"
@@ -628,11 +661,12 @@ fi
   #create_cloudbuild_prod
   #delete_cloudbuild_prod
   #trigger_prod_main_build
-
+  #create_cloudrun
 
 # delete
 if [[ "$DELETE_KCC" != false ]]; then
   echo "Deleting ${CC_PROJECT_ID}"
+   delete_cloudrun
  #  delete_clusters
  #  delete_istio_registration
    delete_cloudbuild_prod
diff --git a/solutions/document-processing/gcloud/vars.sh b/solutions/document-processing/gcloud/vars.sh
index fb3feab92..3399fa737 100755
--- a/solutions/document-processing/gcloud/vars.sh
+++ b/solutions/document-processing/gcloud/vars.sh
@@ -16,6 +16,7 @@
 
 ###
 # UPDATE
+export REGION=us-central1
 # root of current project dir
 export ROOT_DIR=~/docproc-old
 # generated project prefix
@@ -26,8 +27,8 @@ export PREFIX=pdt
 # increment/verify
 export CSR_NAME=docproc3
 export AR_NAME=$CSR_NAME
-# directory inside this current repo from where we run scripts
-export GITHUB_GCLOUD_REPO_DIR=pubsec-declarative-toolkit/solutions/document-processing/gcloud
+export CLOUD_RUN_MASTER_NAME=dp-master
+export DOCKER_MASTER_IMAGE_NAME=dp-master
 # no underscores
 export SERVICE_ACCOUNT_MAIN=service-account-main
 # current project - not the target project
@@ -35,6 +36,11 @@ export SERVICE_ACCOUNT_MAIN=service-account-main
 export BOOT_PROJECT_ID=docproc-old
 ###
 
+### APP SPECIFIC
+export GCS_BUCKET=${CSR_NAME}-bucket
+export HOSTPATH_MASTER=0.0.0.0
+###
+
 ###
 # DERIVED - do not edit
 # current project - not the target project
@@ -45,19 +51,16 @@ export PROJECT_ID=$DEVSHELL_PROJECT_ID
 # dir/name of internal source repo
 #export SRC_REPO=docproc
 export SRC_REPO=pubsec-declarative-toolkit
+# directory inside this current repo from where we run scripts
+export GITHUB_GCLOUD_REPO_DIR=${SRC_REPO}/solutions/document-processing/gcloud
+
 # branch under use
 export CSR_BRANCH_OTHER_THAN_MAIN=canary
 # subfolder off root to hold CSR from github
 export CSR_ROOT=csr
 export REPO_TREE_DEPTH_FOR_CD_UP=../../../../
-# after the fact - post service enablement - 2nd one
-# not required
-export CLOUD_BUILD_SA=880919021125@cloudbuild.gserviceaccount.com
-
 
 export TEMP_REPO_DIR=temp0
-
-export REGION=us-central1
 export NETWORK=$REGION
 export SUBNET=$NETWORK-sn
 #export NETWORK=default