From 06a1de42c86fde66609c9094006b3a74a51a30cf Mon Sep 17 00:00:00 2001 From: David Gageot Date: Thu, 16 Jan 2020 09:19:43 +0100 Subject: [PATCH] =?UTF-8?q?There=E2=80=99s=20no=20`gcsBucket`=20config=20a?= =?UTF-8?q?nymore?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: David Gageot --- integration/examples/kaniko/README.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/integration/examples/kaniko/README.md b/integration/examples/kaniko/README.md index 40532b8f6d0..65650ed3407 100644 --- a/integration/examples/kaniko/README.md +++ b/integration/examples/kaniko/README.md @@ -2,6 +2,18 @@ This is an example demonstrating: -* **building** a single Go file app and with a single stage `Dockerfile` using [kaniko](https://github.com/GoogleContainerTools/kaniko) to build on a K8S cluster directly from a local build context +* **building** a single Go file app and with a single stage `Dockerfile` using [kaniko](https://github.com/GoogleContainerTools/kaniko) to build on a K8S cluster * **tagging** using the default tagPolicy (`gitCommit`) * **deploying** a single container pod using `kubectl` + +### GCP + +If you are on GCP, create a [Service Account](https://cloud.google.com/iam/docs/understanding-service-accounts) for Kaniko that has permissions to pull and push images from/to `gcr.io`. + +Download the json service account file, rename the file to `kaniko-secret` (do not append .json to the filename) and create a Kubernetes secret using the following example: + +``` +kubectl create secret generic kaniko-secret --from-file=kaniko-secret +``` + +Note the name of the secret *AND* the key must be `kaniko-secret`