如何使用云构建来部署云,并在google云上运行云sql?
如何使用云构建来部署云,并在google云上运行云sql?
提问于 2021-01-08 01:35:11
我的cloudbuild.yaml文件(我已经构建了一个坞映像并将它推送到gcr)
此应用程序在Cloud上使用mysql。所以需要连接到它。
steps:
- id: cloud-run
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: gcloud
args:
- 'run'
- 'deploy'
- 'my-service'
- '--image'
- 'asia.gcr.io/$_PROJECT_ID/my-service:$_COMMIT_SHA'
- '--region'
- 'asia-northeast1'
- '--platform'
- 'managed'
- '--service-account'
- '$_CLOUD_RUN_PUBSUB_INVOKER'
- '--add-cloudsql-instances'
- '$_MYSQL_MAIN_INSTANCE_NAME'
- '--set-env-vars'
- 'MYSQL_MAIN_CONNECTIONS=$_MYSQL_MAIN_CONNECTIONS'
- '--set-env-vars'
- 'MYSQL_MAIN_INSTANCE_NAME=$_MYSQL_MAIN_INSTANCE_NAME'
- '--set-env-vars'
- 'MYSQL_MAIN_DB=$_MYSQL_MAIN_DB'
- '--set-env-vars'
- 'MYSQL_MAIN_USER=$_MYSQL_MAIN_USER'
- '--set-env-vars'
- 'MYSQL_MAIN_PASSWORD_SECRET_ID=$_MYSQL_MAIN_PASSWORD_SECRET_ID'
- '--set-env-vars'当运行构建提交时,得到Cloud未激活错误
$ gcloud builds submit
Creating temporary tarball archive of 5 file(s) totalling 47.4 KiB before compression.
Uploading tarball of [.] to [gs://my-project_cloudbuild/source/1610067564.911628-8d7f3de581ca4b8faa57bd5a8ea75ef1.tgz]
Created [https://cloudbuild.googleapis.com/v1/projects/my-project/locations/global/builds/b4e1bf9c-bc06-4ce8-b252-3b34f164719d].
Logs are available at [https://console.cloud.google.com/cloud-build/builds/b4e1bf9c-bc06-4ce8-b252-3b34f164719d?project=421686839359].
---------------------------------------------------------------------------------------------- REMOTE BUILD OUTPUT -----------------------------------------------------------------------------------------------
starting build "b4e1bf9c-bc06-4ce8-b252-3b34f164719d"
FETCHSOURCE
Fetching storage object: gs://my-project_cloudbuild/source/1610067564.911628-8d7f3de581ca4b8faa57bd5a8ea75ef1.tgz#1610067566084932
Copying gs://my-project_cloudbuild/source/1610067564.911628-8d7f3de581ca4b8faa57bd5a8ea75ef1.tgz#1610067566084932...
/ [1 files][ 17.1 KiB/ 17.1 KiB]
Operation completed over 1 objects/17.1 KiB.
BUILD
Pulling image: gcr.io/google.com/cloudsdktool/cloud-sdk
Using default tag: latest
latest: Pulling from google.com/cloudsdktool/cloud-sdk
6c33745f49b4: Already exists
...
ffa0764d79dc: Pull complete
Digest: sha256:3f32cb39cdfe8902bc85e31111a9f1bc7cbd9d37f31c6164f2b41cfdaa66284f
Status: Downloaded newer image for gcr.io/google.com/cloudsdktool/cloud-sdk:latest
gcr.io/google.com/cloudsdktool/cloud-sdk:latest
Skipped validating Cloud SQL API and Cloud SQL Admin API enablement due to an issue contacting the Service Usage API. Please ensure the Cloud SQL API and Cloud SQL Admin API are activated (see https://console.cloud.google.com/apis/dashboard).
ERROR: (gcloud.run.deploy) PERMISSION_DENIED: The caller does not have permission
ERROR
ERROR: build step 0 "gcr.io/google.com/cloudsdktool/cloud-sdk" failed: step exited with non-zero status: 1
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ERROR: (gcloud.builds.submit) build b4e1bf9c-bc06-4ce8-b252-3b34f164719d completed with status "FAILURE"我检查了仪表板https://console.cloud.google.com/apis/dashboard,两个Cloud SQL API and Cloud SQL Admin API都激活了。
我还运行了https://cloud.google.com/cloud-build/docs/deploying-builds/deploy-cloud-run#continuous-iam的权限设置
gcloud iam service-accounts add-iam-policy-binding \
PROJECT_NUMBER-compute@developer.gserviceaccount.com \
--member="serviceAccount:PROJECT_NUMBER@cloudbuild.gserviceaccount.com" \
--role="roles/iam.serviceAccountUser"但还是同样的错误。
回答 1
Stack Overflow用户
回答已采纳
发布于 2021-01-08 05:39:18
似乎是关于IAM许可的错误。
PERMISSION_DENIED:调用方没有权限
您还需要遵循此文档中所需的IAM权限步骤。
要部署到云运行(完全托管),将云运行管理和服务帐户用户角色授予云构建服务帐户:
- 在云控制台中,转到云构建设置页面:
- 打开“设置”页面
- 在“服务帐户权限”面板中,将云运行管理角色的状态设置为“已启用”:
- 在可能需要弹出的附加步骤中,单击“跳过”或“授予对所有服务帐户的访问权限”。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/65622280
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号