Home > Software design >  Cannot push Docker images to GCP from Github Action
Cannot push Docker images to GCP from Github Action

Time:12-30

I have the following Github Actions script, and the JSON keyfile I am using here has owner privileges on the GCP project. I cannot push images to the GCP artifact docker repo.

steps:
    - name: Checkout
      uses: actions/checkout@v2
  
    - name: Authenticate to Google Cloud
      uses: google-github-actions/[email protected]
      with:
        project_id: something-dev-tooling
        credentials_json: '${{ secrets.GCP_JSON }}'
        
    - name: Configure GCloud Auth provider with Docker
      run: |
            gcloud auth configure-docker australia-southeast1-docker.pkg.dev

    - name: Build Tag & Push Container
      run: | 
              tagname="${{github.ref_name}}"
              docker build -t test-signup-api --target prod .
              docker tag test-signup-api australia-southeast1-docker.pkg.dev/something-docker/test-signup-api:$tagname
              docker push australia-southeast1-docker.pkg.dev/something-docker/test-signup-api:$tagname

This yields the following error:

Successfully tagged test-signup-api:latest The push refers to repository [australia-southeast1-docker.pkg.dev/something-docker/test-signup-api] 123f04c654be: Preparing 1d4281763c85: Preparing 4251fe09055f: Preparing a057xxef5483: Preparing c6323d11ce20: Preparing b4c1ae489097: Preparing 07d2d7aa362e: Preparing 7c1610cf2397: Preparing 16427a3bb904: Preparing 449a28044116: Preparing f11bbd657c82: Preparing b4c1ae489097: Waiting 07d2d7aa362e: Waiting 7c1610cf2397: Waiting 16427a3bb904: Waiting 449a28044116: Waiting f11bbd657c82: Waiting denied: Permission "artifactregistry.repositories.downloadArtifacts" denied on resource "projects/something-docker/locations/australia-southeast1/repositories/test-signup-api" (or it may not exist)

Can anyone help?

CodePudding user response:

I am not sure if you just redacted the project_id with different names but at first glance, it looks like you are not tagging the Docker image with the correct project ID and hence it's trying to push to an inexistent project.

On your "Authenticate with gcloud" step, you have defined the project ID as: project_id: something-dev-tooling

so change the docker tag to the correct project id, it would be:

docker tag test-signup-api australia-southeast1-docker.pkg.dev/something-dev-tooling/test-signup-api:$tagname
docker push australia-southeast1-docker.pkg.dev/something-dev-tooling/test-signup-api:$tagname

Now, if you are pushing to a different project ID (rather than the one you authenticated with gcloud) your Service Account will need to have the permissions cross project in order to push/download images from a different project.

Page link:https//www.codepudding.com/Softwaredesign/244584.html

Prev:Google Cloud Deploying Containers VM "Command" option
Next:How to run Faust from Docker - ERROR: Failed building wheel for python-rocksdb
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding