I am using this command to trigger a build from project A and execute the build in project B.
My command is :
gcloud builds submit --verbosity=debug --project=dev_project --config=build.yaml
and getting the errors from the build logs:
DEBUG: (gcloud.builds.submit)
Step #0 - "Kicking off Build/Release": The build is running, and logs are being written to the default logs bucket.
Step #0 - "Kicking off Build/Release": This tool can only stream logs if you are Viewer/Owner of the project and, if applicable, allowed by your VPC-SC security policy.
Step #0 - "Kicking off Build/Release":
Step #0 - "Kicking off Build/Release": The default logs bucket is always outside any VPC-SC security perimeter.
Step #0 - "Kicking off Build/Release": If you want your logs saved inside your VPC-SC perimeter, use your own bucket.
Step #0 - "Kicking off Build/Release": See https://cloud.google.com/build/docs/securing-builds/store-manage-build-logs.
Step #0 - "Kicking off Build/Release": Traceback (most recent call last):
Step #0 - "Kicking off Build/Release": File "/usr/lib/google-cloud-sdk/lib/googlecloudsdk/calliope/cli.py", line 987, in Execute
Step #0 - "Kicking off Build/Release": resources = calliope_command.Run(cli=self, args=args)
Step #0 - "Kicking off Build/Release": File "/usr/lib/google-cloud-sdk/lib/googlecloudsdk/calliope/backend.py", line 807, in Run
Step #0 - "Kicking off Build/Release": resources = command_instance.Run(args)
Step #0 - "Kicking off Build/Release": File "/usr/lib/google-cloud-sdk/lib/surface/builds/submit.py", line 220, in Run
Step #0 - "Kicking off Build/Release": build, _ = submit_util.Build(
Step #0 - "Kicking off Build/Release": File "/usr/lib/google-cloud-sdk/lib/googlecloudsdk/command_lib/builds/submit_util.py", line 922, in Build
Step #0 - "Kicking off Build/Release": build = cb_logs.CloudBuildClient(client, messages, support_gcl).Stream(
Step #0 - "Kicking off Build/Release": File "/usr/lib/google-cloud-sdk/lib/googlecloudsdk/api_lib/cloudbuild/logs.py", line 541, in Stream
Step #0 - "Kicking off Build/Release": raise t.exception
Step #0 - "Kicking off Build/Release": googlecloudsdk.api_lib.cloudbuild.logs.DefaultLogsBucketIsOutsideSecurityPerimeterException:
Step #0 - "Kicking off Build/Release": The build is running, and logs are being written to the default logs bucket.
Step #0 - "Kicking off Build/Release": This tool can only stream logs if you are Viewer/Owner of the project and, if applicable, allowed by your VPC-SC security policy.
I have already provided the access LogsWriter, Viewer to my service account for both Project A and Project B.
How to solve this issue ?
LinkedIn
Twitter
