CODEWITHSUNDEEP
jenkinskubernetesjenkins-pipelinekubectl
Amir Damirov
Amir Damirov

Reputation: 97

Jenkinsfile pipeline stage error in gcloud

I have the below pipeline. 

pipeline {
    agent any

    environment {
        PROJECT_ID = "*****"
        IMAGE = "gcr.io/$PROJECT_ID/node-app"
        BRANCH_NAME_NORMALIZED = "${BRANCH_NAME.toLowerCase().replace(" / ", "
        _ ")}"
    }

    stages {
        stage('Build') {
            steps {
                sh ' docker build -t ${IMAGE}:${BRANCH_NAME_NORMALIZED} . '

            }
        }
        stage('Push') {
            steps {
                withCredentials([file(credentialsId: 'jenkins_secret', variable: 'GC_KEY')]) {
                    sh("gcloud auth activate-service-account --key-file=${GC_KEY}")
                }
                sh ' gcloud auth configure-docker  '
                sh ' docker push $IMAGE:${BRANCH_NAME_NORMALIZED} '
            }
        }
        stage('Deploy') {
            steps {
                withDockerContainer(image: "gcr.io/google.com/cloudsdktool/cloud-sdk", toolName: 'latest') {
                    withCredentials([file(credentialsId: 'jenkins_secret', variable: 'GC_KEY')]) {
                        sh("gcloud auth activate-service-account --key-file=${GC_KEY}")
                        sh("gcloud container clusters get-credentials k8s --region us-central1 --project ${DEV_PROJECT}")
                        sh("kubectl get pods")

                    }
                }
            }
        }
    }
}

In Deploy stage it gives the following error :

gcloud auth activate-service-account --key-file=**** WARNING: Could not setup log file in /.config/gcloud/logs, (Error: Could not create directory [/.config/gcloud/logs/2020.02.05]: Permission denied.

Please verify that you have permissions to write to the parent directory.) ERROR: (gcloud.auth.activate-service-account) Could not create directory [/.config/gcloud]: Permission denied. Please verify that you have permissions to write to the parent directory.

I can't understand where this command wants to create a directory, docker container or in Host machine? Have you got any similar problem ?

Upvotes: 0

Views: 1019

Answers (2)

schulz
schulz

Reputation: 11

You can set where gcloud stores it's configs using the environment variable CLOUDSDK_CONFIG

environment {
  CLOUDSDK_CONFIG = "${env.WORKSPACE}"
}

I had the same problem and that worked for me.

Upvotes: 1

Shawlz
Shawlz

Reputation: 648

A better approach would be to Login to GKE via Kubernetes service account with token and using a kubeconfig file instead of activating a google service account.

This has several advantages including Kubernetes RBAC support, controlling blast radius should your credentials be compromised, etc. You can read more about using RBAC Authorization here.

Upvotes: 1

Related Questions