Jenkins - gcp 实例 - 找不到 gcloud-service-account-secret-key.json
[英]Jenkins - gcp instance - cant find gcloud-service-account-secret-key.json
问题描述
i'm building jenkins pipline,one of the steps run's bash script, with few commands:
我正在构建 jenkins 管道,其中一个步骤是运行 bash 脚本,命令很少:
* gcloud --quiet auth configure-docker
* docker-compose -f ${DOCKER_COMPOSE_PATH} ${DOCKER_COMPOSE_CACHING_FILE} build ${SERVICE_NAME}
when i tried just running the script in the piplinet当我尝试在 piplinet 中运行脚本时
/var/lib/jenkins/workspace/infrastructure-build/build.sh
i've got an error我有一个错误
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.40/images/create?fromImage=gcr.io%2Fkycstation-production%2Fzkui&tag=stagingcache : dial unix /var/run/docker.sock: connect: permission denied
so i added "sudo" and than a new error have accured instead:所以我添加了“sudo” ,而不是一个新的错误:
ERROR: (gcloud.auth.activate-service-account) Could not read json file gcloud-service-account-secret-key.json: No JSON object could be decoded
i have tried the next things: 1. created global variable in jenkins configuration 2. adding docker to root group 3. gcloud init我尝试了接下来的事情: 1. 在 jenkins 配置中创建全局变量 2. 将 docker 添加到根组 3. gcloud init
- https://cloud.google.com/sdk/docs/quickstart-debian-ubuntu https://cloud.google.com/container-registry/docs/advanced-authentication https://cloud.google.com/container-registry/docs/support/deprecation-notices#gcloud-docker https://cloud.google.com/iam/docs/creating-managing-service-account-keys
surfed the web, and still hadn't find anything that can help me浏览了 web,但仍然没有找到任何可以帮助我的东西
1 个解决方案
解决方案1
0 2021-03-30 12:21:35
/var/run/docker.sock: connect: permission denied For this issue, you need to do two things; /var/run/docker.sock: connect: permission denied对于这个问题,你需要做两件事;
- Adding Jenkins as superuser (to exclude sudo in commands)添加 Jenkins 作为超级用户(在命令中排除 sudo)
- $ sudo visudo $ sudo visudo
- jenkins ALL=(ALL) NOPASSWD:ALL jenkins ALL=(ALL) NOPASSWD:ALL
- $ sudo visudo
- chmod 777 /var/run/docker.sock (to overcome permission issue) chmod 777 /var/run/docker.sock(克服权限问题)
ERROR: (gcloud.auth.activate-service-account)错误:(gcloud.auth.activate-service-account)
- For this issue, before running gcloud commands, include your service account JSON file with appropriate credentials in Jenkins as Secret File.对于此问题,在运行 gcloud 命令之前,请将您的服务帐户 JSON 文件与 Jenkins 中的相应凭据作为机密文件包含在内。
- Reference that inside the Jenkinsfile as将 Jenkinsfile 中的内容引用为
- withCredentials([file(credentialsId: "sa-credentials", variable: 'SA_KEY')]) { withCredentials([file(credentialsId: "sa-credentials", variable: 'SA_KEY')]) {
- sh 'gcloud auth activate-service-account --key-file=${SA_KEY}' } sh 'gcloud auth activate-service-account --key-file=${SA_KEY}' }
- sh 'gcloud auth activate-service-account --key-file=${SA_KEY}' }
- withCredentials([file(credentialsId: "sa-credentials", variable: 'SA_KEY')]) {
and then execute other commands.然后执行其他命令。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.