我制作了一个多级dockerfile,安装我的npm包,然后尝试将它们部署到gcp
问题是当我运行部署时,它告诉我它无法打开配置文件,并且我没有选择活动帐户
WARNING: Could not open the configuration file: [/root/.config/gcloud/configurations/config_default].
ERROR: (gcloud.functions.deploy) You do not currently have an active account selected.
Please run:
$ gcloud auth login
to obtain new credentials, or if you have already logged in with a
different account:
$ gcloud config set account ACCOUNT
to select an already authenticated account to use.
这是我的档案:
FROM node:10.19.0-alpine3.9 AS build
ADD . /app
WORKDIR /app
RUN npm install
FROM google/cloud-sdk
WORKDIR /app
COPY --from=build /app /app
RUN gcloud auth activate-service-account --key-file /app/firebase-service-account.json
RUN gcloud config set project MY_PROJECT
RUN gcloud config set account service-account-email@service-account.iam.gserviceaccount.com
我还编写了一个bash脚本来构建和部署我的云功能
#! /bin/sh
docker build . -f deploy-functions.dockerfile -t cloud-functions-deploy
docker run cloud-functions-deploy gcloud functions deploy event-log-trigger
--project ${GCP_PROJECT_ID}
--entry-point eventLogBuilder
--trigger-event providers/cloud.firestore/eventTypes/document.update
--trigger-resource projects/${GCP_PROJECT_ID}/databases/(default)/documents/events/{eventId}
--region=${GCP_REGION} --stage-bucket=${STAGE_BUCKET} --runtime nodejs10
在我的第一个bash脚本中,我没有--project标志,但需要添加它,因为它表明该命令没有项目。警告似乎是正确的,即使我以root身份运行所有内容,它也无法打开config_default文件。
您可以通过创建entrypoint.sh文件来解决此问题
# entrypoint.sh
# Set your env variables GCP_PROJECT_ID, STAGE_BUCKET, GCP_REGION, ...
gcloud auth activate-service-account --key-file /app/firebase-service-account.json
gcloud config set project $GCP_PROJECT_ID
# your deploy command
gcloud functions deploy event-log-trigger
--entry-point eventLogBuilder
--trigger-event providers/cloud.firestore/eventTypes/document.update
--trigger-resource projects/${GCP_PROJECT_ID}/databases/(default)/documents/events/{eventId}
--region=${GCP_REGION} --stage-bucket=${STAGE_BUCKET} --runtime nodejs10
并在Dockerfile 中设置此信息
# previous stage ...
FROM google/cloud-sdk
WORKDIR /app
COPY --from=build /app /app
RUN chmod +x /app/entrypoint.sh
ENTRYPOINT ["/bin/sh","/app/entrypoint.sh"]
在图像形成后,命令似乎不会持久存在。
RUN gcloud auth activate-service-account --key-file /app/firebase-service-account.json
RUN gcloud config set project MY_PROJECT
RUN gcloud config set account service-account-email@service-account.iam.gserviceaccount.com
我通过运行命令检查了这一点
docker run cloud-functions-deploy gcloud config list
对于身份验证,而不是执行此
RUN gcloud auth activate-service-account --key-file /app/firebase-service-account.json
只需定义env-var
ENV GOOGLE_APPLICATION_CREDENTIALS=/app/firebase-service-account.json
对于项目和帐户,您可以将其添加到gcloud调用的参数中(带有--project和--account标志(。