我的书签
添加书签
移除书签Configuring GCS Artifact Credentials
Spinnaker supports using GCS objects as artifacts.
Spinnaker stages that read data from artifacts can consume GCS objects as artifacts.
Prerequisites
You need a Google Cloud Platform (GCP) project to host a bucket in. The next steps assume you’ve already created a project , and installed <code>gcloud</code> . You can check that gcloud is installed and authenticated by running:
gcloud info
Downloading credentials
Spinnaker needs a service account to authenticate as against GCP, with the roles/storage.admin role enabled. If you don’t already have such a service account with the corresponding JSON key downloaded, you can run the following commands to do so:
SERVICE_ACCOUNT_NAME=spin-gcs-artifacts-accountSERVICE_ACCOUNT_DEST=~/.gcp/gcs-artifacts-account.jsongcloud iam service-accounts create \$SERVICE_ACCOUNT_NAME \--display-name $SERVICE_ACCOUNT_NAMESA_EMAIL=$(gcloud iam service-accounts list \--filter="displayName:$SERVICE_ACCOUNT_NAME" \--format='value(email)')PROJECT=$(gcloud config get-value project)gcloud projects add-iam-policy-binding $PROJECT \--role roles/storage.admin --member serviceAccount:$SA_EMAILmkdir -p $(dirname $SERVICE_ACCOUNT_DEST)gcloud iam service-accounts keys create $SERVICE_ACCOUNT_DEST \--iam-account $SA_EMAIL
Once you have run these commands, your GCS JSON key is sitting in a file called $SERVICE_ACCOUNT_DEST.
Editing Your Artifact Settings
All that’s required are the following values:
# Same as in Prerequisites section aboveSERVICE_ACCOUNT_DEST=~/.gcp/gcs-artifacts-account.jsonARTIFACT_ACCOUNT_NAME=my-gcs-artifact-account
First, enable artifact support .
Next, add an artifact account:
hal config artifact gcs account add $ARTIFACT_ACCOUNT_NAME \--json-path $SERVICE_ACCOUNT_DEST
And enable GCS artifact support:
hal config artifact gcs enable
There are more options described here if you need more control over your configuration.
Last modified May 7, 2021: docs(migration): fix imgs and links (9a18ce6)
