DinD push image to GCR from GKE #5530
Unanswered
danielhstahl
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
As a final step in my workflow I am trying to build an image and push it to a (private) GCR that exists in the same project as my GKE cluster.
For my other steps I simply use the "default" gcloud service account that has read/write permissions to the GCR. I don't have to specify anything in imagePullSecrets; it automatically "works".
However, for the DinD step I get "You don't have the needed permissions to perform this operation, and you may have invalid credentials.". I get this at the "FROM gcr.io/myprivaterepo" line, so it seems that the gcloud service account is not working in DinD. I've created a kubernetes service account that mirrors the gcloud account (as described in https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity#gcloud) but including this SA as a volume does not work either.
Anyone successfully gotten this to work?
Beta Was this translation helpful? Give feedback.
All reactions