gcloud beta run deploy --source . throws 412
Question
Due to corporate restrictions, I'm supposed to host everything on GCP in Europe. The organisation I work for, has set a restriction policy to enforce this.
When I deploy a cloud run instance from source with gcloud beta run deploy --source. --region europe-west1 gcloud beta run deploy --source. --region europe-west1 it seems the command tries to store the temporary files in a storage bucket in the us , which is not allowed. The command then throws a 412 error.
➜ gcloud beta run deploy cloudrun-service-name --source . --platform managed --region=europe-west1 --allow-unauthenticated
This command is equivalent to running `gcloud builds submit --tag [IMAGE] .` and `gcloud run deploy cloudrun-service-name --image [IMAGE]`
Building using Dockerfile and deploying container to Cloud Run service [cloudrun-service-name] in project [PROJECT_ID] region [europe-west1]
X Building and deploying new service... Uploading sources.
- Uploading sources...
. Building Container...
. Creating Revision...
. Routing traffic...
. Setting IAM Policy...
Deployment failed
ERROR: (gcloud.beta.run.deploy) HTTPError 412: 'us' violates constraint 'constraints/gcp.resourceLocations'
I see the Artifact Registry Repository being created in the correct region, but not the storage bucket.
To bypass this I have to create a storage bucket first in the correct region with the name PROJECT_ID_cloudbuild . Is there any other way to fix this?
1 answers
solution1
0 2022-03-02 07:59:38
Looking at the error message indicates that the bucket is forced to be created in the US regardless of the Organisation policy set in Europe. As per this public issue tracker comment ,
“Cloud build submit creates a [PROJECT_ID]_cloudbuild bucket in the US. This will of course not work when resource restrictions apply. What you can do as a workaround is to create that bucket yourself in another location. You should do this before your first cloud build submit.”
This has been a known issue and I found two workarounds that can help you achieve what you want.
The first workaround is by using “gcloud builds submit” with additional flags:
- Create a new bucket with the name [PROJECT_ID]_cloudbuild in the preferred location.
- Specify non-buckets using --gcs-source-staging-dir and --gcs-log-dir 2 ===> this flag is required as if it is not set it will create a bucket in the US.
The second workaround is by using a cloudbuild.yaml and the “--gcs-source-staging-dir” flag:
- Create a bucket in the region, dual-region or multi-region you may want
- Create a cloudbuild.yaml for storing a build artifacts
- You can find an example of the YAML file in the following external documentation , please note that I cannot vouch for its accuracy since it is not from GCP.
- Run the command:
gcloud builds submit --gcs-source-staging-dir="gs://example-bucket/cloudbuild-custom" --config cloudbuild.yaml
Please try these workarounds and let me know if it worked for you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.