Hello,
I’ve been trying for a few days to get the “authenticating to Google container registry” directions working: https://circleci.com/docs/2.0/google-auth/
I copied and pasted the example found at that link and keep checking my yaml syntax but I keep getting the error: “Error parsing config file: yaml: line 5: mapping values are not allowed in this context” . I did successfully pull the image and run it using the machine executor step that involves a manual docker login call here: https://circleci.com/docs/2.0/private-images/ to confirm that my google environment service key was working.
Using circleci’s authentication to enter into the docker container would be much less clunky than manually pulling/running the private image and then sending commands to the running docker container.
I’m providing the yaml stubs that are working, and not working (I did scrub some sensitive information that is not relevant to the actual config syntax and are build and deploy code calls.)
First, the syntax that is not working:
#trying to match gcr syntax here: https://circleci.com/docs/2.0/google-auth/
I tried several tags including the sha digest tag for the image that I had created earlier for the pushed image, and none worked.
version: 2
jobs:
build:
docker:
- image: us.gcr.io/my-account/image1:v1.0.4
auth:
username: _json_key
password: $MY_GCLOUD_SERVICE_KEY
#rest of my commands - gave a stub to see flow of code.
working_directory: ~/my_repo/
steps:
- checkout
- run:
shell: /bin/bash -e
command: |
......(commands/rest of code that is not being flagged by circleci as error)
This is the working machine version login. Note that I first had to save my GCR/google cloud
project key into a json file for the _json_key to work. I am wondering if just passing the environment
variable above is the bug?
I also found that I needed us.gcr.io and not just gcr.io to tag the gcr repo for the manual login version.
version: 2
jobs:
build:
machine: true
working_directory: ~/my_repo/
steps:
# Docker is preinstalled, along with docker-compose
- checkout
# start proprietary DB using private Docker image
# https://medium.com/google-cloud/using-googles-private-container-registry-with-docker-1b470cf3f50a
#service key is circleci environment variable
- run: |
echo $MY_GCLOUD_SERVICE_KEY | base64 -d > servicekey.json
docker login -u _json_key -p "$(cat servicekey.json)" https://us.gcr.io
docker run -d --name db us.gcr.io/my-account/image1:v1.0.4
Any tips? I know oftentimes circleci errors concern yaml. I’ve spent quite a while trying to root out where the yaml error could be around the auth: step though and putting the code into a yaml validator isn’t giving clues.