Gitlab Cloud 运行 部署成功但作业失败
Gitlab Cloud run deploy successfully but Job failed
我的 CI/CD 管道有问题,
它已成功部署到 GCP 云 运行 但在 Gitlab 仪表板上状态为失败。
我尝试将图像替换为其他 docker 个图像,但也失败了。
# File: .gitlab-ci.yml
image: google/cloud-sdk:alpine
deploy_int:
stage: deploy
environment: integration
only:
- integration # This pipeline stage will run on this branch alone
script:
- echo $GCP_SERVICE_KEY > gcloud-service-key.json # Google Cloud service accounts
- gcloud auth activate-service-account --key-file gcloud-service-key.json
- gcloud config set project $GCP_PROJECT_ID
- gcloud builds submit . --config=cloudbuild_int.yaml
# File: cloudbuild_int.yaml
steps:
# build the container image
- name: 'gcr.io/cloud-builders/docker'
args: [ 'build','--build-arg','APP_ENV=int' , '-t', 'gcr.io/$PROJECT_ID/tpdropd-int-front', '.' ]
# push the container image
- name: 'gcr.io/cloud-builders/docker'
args: [ 'push', 'gcr.io/$PROJECT_ID/tpdropd-int-front']
# deploy to Cloud Run
- name: "gcr.io/cloud-builders/gcloud"
args: ['run', 'deploy', 'tpd-front', '--image', 'gcr.io/$PROJECT_ID/tpdropd-int-front', '--region', 'us-central1', '--platform', 'managed', '--allow-unauthenticated']
gitlab 构建输出:
ERROR: (gcloud.builds.submit)
The build is running, and logs are being written to the default logs bucket.
This tool can only stream logs if you are Viewer/Owner of the project and, if applicable, allowed by your VPC-SC security policy.
The default logs bucket is always outside any VPC-SC security perimeter.
If you want your logs saved inside your VPC-SC perimeter, use your own bucket.
See https://cloud.google.com/build/docs/securing-builds/store-manage-build-logs.
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1
您可以使用此解决方法:
通过将 Viewer 角色授予服务帐户 运行 来解决此问题,但这感觉就像给这样的角色授予了太多权限。
我使用以下方法修复它:
options:
logging: CLOUD_LOGGING_ONLY
在cloudbuild.yaml
凯文的回答对我来说就像魔法一样,因为我无法发表评论,所以我正在写这个新答案。
最初我遇到了同样的问题,尽管 gcloud build submit 命令通过了,但我的 gitlab CI 失败了。
下面是 cloudbuild.yaml 文件,我在其中添加了 Kevin 建议的日志记录选项。
步数:
姓名:gcr.io/cloud-builders/gcloud
入口点:'bash'
args: ['run_query.sh', '${_SCRIPT_NAME}']
选项:
记录:CLOUD_LOGGING_ONLY
查看此文档了解详情:https://cloud.google.com/build/docs/build-config-file-schema#options
对我来说,我使用了@Kevin 提到的 options 解决方案。只需在 cloudbuild.yml 文件中添加前面提到的参数即可。
steps:
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/myproject/myimage', '.']
options:
logging: CLOUD_LOGGING_ONLY
这对我有用:使用 --suppress-logs
gcloud builds submit --suppress-logs --tag=<my-tag>
我的 CI/CD 管道有问题, 它已成功部署到 GCP 云 运行 但在 Gitlab 仪表板上状态为失败。
我尝试将图像替换为其他 docker 个图像,但也失败了。
# File: .gitlab-ci.yml
image: google/cloud-sdk:alpine
deploy_int:
stage: deploy
environment: integration
only:
- integration # This pipeline stage will run on this branch alone
script:
- echo $GCP_SERVICE_KEY > gcloud-service-key.json # Google Cloud service accounts
- gcloud auth activate-service-account --key-file gcloud-service-key.json
- gcloud config set project $GCP_PROJECT_ID
- gcloud builds submit . --config=cloudbuild_int.yaml
# File: cloudbuild_int.yaml
steps:
# build the container image
- name: 'gcr.io/cloud-builders/docker'
args: [ 'build','--build-arg','APP_ENV=int' , '-t', 'gcr.io/$PROJECT_ID/tpdropd-int-front', '.' ]
# push the container image
- name: 'gcr.io/cloud-builders/docker'
args: [ 'push', 'gcr.io/$PROJECT_ID/tpdropd-int-front']
# deploy to Cloud Run
- name: "gcr.io/cloud-builders/gcloud"
args: ['run', 'deploy', 'tpd-front', '--image', 'gcr.io/$PROJECT_ID/tpdropd-int-front', '--region', 'us-central1', '--platform', 'managed', '--allow-unauthenticated']
gitlab 构建输出:
ERROR: (gcloud.builds.submit)
The build is running, and logs are being written to the default logs bucket.
This tool can only stream logs if you are Viewer/Owner of the project and, if applicable, allowed by your VPC-SC security policy.
The default logs bucket is always outside any VPC-SC security perimeter.
If you want your logs saved inside your VPC-SC perimeter, use your own bucket.
See https://cloud.google.com/build/docs/securing-builds/store-manage-build-logs.
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1
您可以使用此解决方法:
通过将 Viewer 角色授予服务帐户 运行 来解决此问题,但这感觉就像给这样的角色授予了太多权限。
我使用以下方法修复它:
options:
logging: CLOUD_LOGGING_ONLY
在cloudbuild.yaml
凯文的回答对我来说就像魔法一样,因为我无法发表评论,所以我正在写这个新答案。
最初我遇到了同样的问题,尽管 gcloud build submit 命令通过了,但我的 gitlab CI 失败了。
下面是 cloudbuild.yaml 文件,我在其中添加了 Kevin 建议的日志记录选项。
步数:
姓名:gcr.io/cloud-builders/gcloud
入口点:'bash'
args: ['run_query.sh', '${_SCRIPT_NAME}']
选项: 记录:CLOUD_LOGGING_ONLY
查看此文档了解详情:https://cloud.google.com/build/docs/build-config-file-schema#options
对我来说,我使用了@Kevin 提到的 options 解决方案。只需在 cloudbuild.yml 文件中添加前面提到的参数即可。
steps:
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/myproject/myimage', '.']
options:
logging: CLOUD_LOGGING_ONLY
这对我有用:使用 --suppress-logs
gcloud builds submit --suppress-logs --tag=<my-tag>