-
-
Save Philmod/e18056caac485549bb5339ffa4fd31b5 to your computer and use it in GitHub Desktop.
| steps: | |
| - name: 'gcr.io/cloud-builders/npm' | |
| args: ['install'] | |
| - name: 'gcr.io/cloud-builders/npm' | |
| args: ['test'] | |
| - name: 'gcr.io/cloud-builders/docker' | |
| args: ["build", "-t", "gcr.io/$PROJECT_ID/frontend:$REVISION_ID", "."] | |
| - name: 'gcr.io/cloud-builders/docker' | |
| args: ["push", "gcr.io/$PROJECT_ID/frontend:$REVISION_ID"] | |
| - name: 'gcr.io/cloud-builders/gcloud' | |
| entrypoint: 'bash' | |
| args: | |
| - '-c' | |
| - | | |
| gcloud components install kubectl | |
| gsutil cp gs://container-kubernetes-key/kubeconfig . | |
| export KUBECONFIG=kubeconfig | |
| kubectl set image deployment/frontend frontend=gcr.io/$PROJECT_ID/frontend:$REVISION_ID |
gsutil cp ~/.kube/config gs://container-kubernetes-key/kubeconfig
You don't need this magic anymore: https://github.com/GoogleCloudPlatform/cloud-builders/blob/master/kubectl/examples/pods-list/cloudbuild.yaml
I took an "upside-down" approach to this problem and made this tool: https://github.com/dminkovsky/kube-cloud-build/
Also, do take a look at http://github.com/weaveworks/flux, it offers a more decoupled approach with where you install a git reconciliation operator into your cluster, and it picks up new images from the registry, makes changes in git and then applies new config to the cluster.
We blogged a lot about our approach too, see e.g. https://www.weave.works/blog/gitops-high-velocity-cicd-for-kubernetes.
I keep hitting this error:
Step #2: ERROR: (gcloud.container.clusters.get-credentials) ResponseError: code=403, message=Required "container.clusters.get" permission for "projects/buildanything-io/zones/us-central1-a/clusters/cluster-3".
Finished Step #2
ERROR
ERROR: build step 2 "gcr.io/cloud-builders/kubectl" failed: exit status 1
What shall I do?
@Philmod I am facing below issue which is similar to the above one.
The connection to the server localhost:8080 was refused - did you specify the right host or port?
ERROR: (gcloud.container.clusters.get-credentials) ResponseError: code=403, message=Required "container.clusters.get" permission for "projects/PROJECT/zones/ZONE/clusters/CLUSTER_NAME".
Fetching cluster endpoint and auth data.
All components are up to date.
Already have image (with digest): gcr.io/cloud-builders/gcloud
When you get Required "BLABLABLABLA" permission .... message, go into IAM -> Roles -> Create role [ROLE_NAME] -> add container.clusters.get and/or whatever other permissions you need in order to get it done, and assign that role (IAM -> Add) to the Cloud Builder service account ..........@cloudbuild.gserviceaccount.com
Secondly, it works with:
- id: kubectl-set-image
name: gcr.io/cloud-builders/kubectl
args: ['set', 'image', 'deployment/[DEPLOYMENT_NAME]', '[IMAGE_NAME]=gcr.io/$PROJECT_ID/[IMAGE_NAME]:$TAG_NAME']
env:
- 'CLOUDSDK_COMPUTE_ZONE=[ZONE]'
- 'CLOUDSDK_CONTAINER_CLUSTER=[CLUSTER]'
The previous comment worked for me! Thanks for that.
How do you actually get the kubeconfig file into the cloud storage? / how do you create that file so the script is able to connect to the k8s cluster?