我正在使用 Gitlab CI 构建 docker 映像并将它们推送到 GCR。我的脚本是这样的 -
build:
image: google/cloud-sdk
services:
- docker:dind
stage: build
cache:
script:
- echo "$GCP_SERVICE_KEY" > gcloud-service-key.json # Google Cloud service accounts
- gcloud auth activate-service-account --key-file gcloud-service-key.json
- gcloud auth configure-docker --quiet
- gcloud config set project $GCP_PROJECT_ID
- echo ${IMAGE_NAME}:${IMAGE_TAG}
- PYTHONUNBUFFERED=1 gcloud builds submit -t ${IMAGE_NAME}:${IMAGE_TAG} .
only:
- master
我收到了这个错误-
ERROR: (gcloud.builds.submit) HTTPError 403: <service account name>@<projectname>.iam.gserviceaccount.com does not have storage.buckets.list access to project <projectid>.
授予服务帐户Cloud Editor权限后,我收到错误 -
ERROR: (gcloud.builds.submit) User [<service account name>@<projectname>.iam.gserviceaccount.com] does not have permission to access b [<bucker_name>] (or it may not exist): <service account name>@<projectname>.iam.gserviceaccount.com does not have storage.buckets.get access to <bucket_name>
我必须向服务帐户授予什么权限才能实现这一目标?