Github actions secret of gcp service account not parsed correctly

Time:06-13

I have created a GCP service account having the roles/storageAdmin role.

I have tested it locally as follows:

    $ gcloud auth activate-service-account --key-file=myfile.json
    $ gcloud auth configure-docker
    $ docker push gcr.io/my-project-id/echoserver:1.0.1

I then create a repo-level secret with the contents of this file named GCR_SECRET and run the following action:

    - name: build and push to staging gcr
      id: stg_img_build
      uses: RafikFarhad/push-to-gcr-github-action@v4
      with:
        gcloud_service_key: ${{ secrets.GCR_SECRET }}
        registry: gcr.io
        project_id: $STAGING_GCR_PROJECT
        image_name: ${{ github.event.inputs.image_name }}
        image_tag:  ${{ github.event.inputs.image_tag }}

This fails as follows:

    Error response from daemon: Get "https://gcr.io/v2/": unknown: Unable to parse json key.

What could be causing this?

CodePudding user response:

I encourage you to consider Workload Identity Federation as this will enable you to federate auth using a Google Service Account to GitHub Actions.

See Enabling keyless auth from GitHub Actions.

If you want to use RafikFarhad/push-to-gcr-github-action, note the requirement to base64 encode the key before persisting it to the repo.
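
Added example, not part of the original answer or of the action's own code: one way to produce the base64 form of the key file mentioned above as a single unwrapped line and to confirm it decodes back to the original bytes. The function name `encode_gcp_key` and the sample key contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: encode a service account key file for a secret that must hold
# base64 text. encode_gcp_key is a hypothetical helper name.

encode_gcp_key() {
  key_file=$1
  [ -r "$key_file" ] || { echo "cannot read $key_file" >&2; return 1; }

  # Lightweight sanity check (not a full JSON parse): a service account key
  # file carries these fields.
  for field in '"type"' '"client_email"' '"private_key"'; do
    grep -q "$field" "$key_file" || { echo "missing $field in $key_file" >&2; return 1; }
  done

  # GNU base64 wraps its output at 76 columns; strip the newlines so the
  # secret is stored as one line.
  encoded=$(base64 < "$key_file" | tr -d '\n')

  # Round-trip check: the decoded value must be byte-identical to the key file.
  printf '%s' "$encoded" | base64 --decode | cmp -s - "$key_file" \
    || { echo "round-trip mismatch for $key_file" >&2; return 1; }

  printf '%s' "$encoded"
}

# Constructed sample key (placeholder values, not a real credential).
sample=$(mktemp)
cat > "$sample" <<'EOF'
{
  "type": "service_account",
  "project_id": "my-project-id",
  "private_key": "-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n-----END PRIVATE KEY-----\n",
  "client_email": "pusher@my-project-id.iam.gserviceaccount.com"
}
EOF

encode_gcp_key "$sample" > "$sample.b64"
echo "wrote $(wc -c < "$sample.b64") base64 characters to $sample.b64"
# The one-line value in "$sample.b64" is what would go into GCR_SECRET,
# for example with the GitHub CLI: gh secret set GCR_SECRET < "$sample.b64"
```

The encoded value is still the full credential, since base64 only changes its representation, so remove the temporary files once the secret is stored.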
