DinD push image to GCR from GKE #5530
Unanswered
danielhstahl
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
As a final step in my workflow I am trying to build an image and push it to a (private) GCR that exists in the same project as my GKE cluster.
For my other steps I simply use the "default" gcloud service account that has read/write permissions to the GCR. I don't have to specify anything in imagePullSecrets; it automatically "works".
However, for the DinD step I get "You don't have the needed permissions to perform this operation, and you may have invalid credentials.". I get this at the "FROM gcr.io/myprivaterepo" line, so it seems that the gcloud service account is not working in DinD. I've created a kubernetes service account that mirrors the gcloud account (as described in https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity#gcloud) but including this SA as a volume does not work either.
Anyone successfully gotten this to work?
Beta Was this translation helpful? Give feedback.
All reactions