I would like to use the following tools together:
- Docker
- gcloud SDK
- gcloud Service Account
- gcloud Source Repo (as part of project dependencies)
The steps i'm taking:
1) Log into the Google Cloud Console at: https://console.cloud.google.com/iam-admin/serviceaccounts/project?project=project-name
2) Create a service account, for now give 'Owner' permissions, and download the json key as account-name.json
3) Add a Dockerfile:
FROM google/cloud-sdk
COPY account-name.json /tmp/account-name.json
RUN gcloud auth activate-service-account --key-file /tmp/account-name.json
RUN rm /tmp/account-name.json
RUN gcloud config set project project-name
RUN gcloud config set account [email protected]
RUN gcloud source repos clone default --project=project-name
4) Build and run docker:
docker build -t service-account-repo .
docker run -ti service-account-repo
The error I get is:
ERROR: (gcloud.source.repos.clone) You do not currently have an active account selected. Please run:
$ gcloud auth login
to obtain new credentials, or if you have already logged in with a different account:
$ gcloud config set account ACCOUNT
to select an already authenticated account to use.
And no matter which commands I try, including setting the account and auth login, via docker exec it doesn't work.
If I run the same commands locally it works, because I am already logged in with my main gcloud account.
Do gcloud Service Accounts work with gcloud Source Repos? does anyone have a working example without their normal accounts logged in? Do I need to enable other cloud APIs to get it to work?
