I am trying to run a somewhat sophisticated build - a Cloud Run job deployed from a Cloud Build trigger copying sources from a git repo, it also uses some secrets from Secret Manager. I keep getting an error from docker as if I had not specified the build directory, even though I did, as you can see from my cloudbuild.yaml. I have also seen https://www.googlecloudcommunity.com/gc/Developer-Tools/Using-GCP-secrets-as-part-of-cloud-build/m-p... this post and the last message in it, but it did not help, unfortunately. What am I doing incorrectly?
The error is :
"docker build" requires exactly 1 argument.
The log from the builder:
HEAD is now at 1d904ab WIP
BUILD
Starting Step #0 - "build image"
Step #0 - "build image": Already have image (with digest): gcr.io/cloud-builders/docker
Step #0 - "build image": "docker build" requires exactly 1 argument.
Step #0 - "build image": See 'docker build --help'.
Step #0 - "build image":
Step #0 - "build image": Usage: docker build [OPTIONS] PATH | URL | -
Step #0 - "build image":
Step #0 - "build image": Build an image from a Dockerfile
Finished Step #0 - "build image"
ERROR
ERROR: build step 0 "gcr.io/cloud-builders/docker" failed: step exited with non-zero status: 1
my cloudbuild.yaml:
steps:
- id: "build image"
name: "gcr.io/cloud-builders/docker"
entrypoint: 'bash'
args:
['-c', 'docker build --build-arg CONTAINER_PRIVATE_KEY=$$PRIVATE_KEY --build-arg CONTAINER_PUBLIC_KEY=$$PUBLIC_KEY -t gcr.io/${PROJECT_ID}/${_JOB_NAME} .']
secretEnv: [ 'PRIVATE_KEY', 'PUBLIC_KEY' ]
- id: "push image"
name: "gcr.io/cloud-builders/docker"
args: [ "push", "gcr.io/${PROJECT_ID}/${_JOB_NAME}" ]
- id: "deploy to cloud run"
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: gcloud
args:
[
'beta', 'run', '${_JOB_NAME}',
'--image', 'gcr.io/${PROJECT_ID}/${_JOB_NAME}',
'--region', '${_REGION}',
'--set-env-vars', "BUCKET=${_BUCKET}",
'--set-env-vars', "MNT_DIR=${_MNT_DIR}"
]
images:
- "gcr.io/${PROJECT_ID}/${_JOB_NAME}"
availableSecrets:
secretManager:
- versionName: "projects/${_PROJECT_ID_NUMBER}/secrets/${_CONTAINER_PRIVATE_KEY_SECRET_NAME}/versions/latest"
env: "PRIVATE_KEY"
- versionName: "projects/${_PROJECT_ID_NUMBER}/secrets/${_CONTAINER_PUBLIC_KEY_SECRET_NAME}/versions/latest"
env: "PUBLIC_KEY"
Solved! Go to Solution.
I have managed to figure out what was causing the issue, below is the correct argument string (it goes in the args):
["-c", "docker build --build-arg 'CONTAINER_PRIVATE_KEY=$$PRIVATE_KEY' --build-arg 'CONTAINER_PUBLIC_KEY=$$PUBLIC_KEY' -t gcr.io/${PROJECT_ID}/${_JOB_NAME} ."]
The problem was the lack of single quotes around build-args' values. Basically, in this context a `build-arg` value is a single string, not a key-value pair.
Hi @vadim-vi,
Welcome to Google Cloud Community!
docker build .
docker build /path/to/Dockerfile
steps:
- id: "build image"
name: "gcr.io/cloud-builders/docker"
entrypoint: 'bash'
args:
['-c', 'docker build --build-arg CONTAINER_PRIVATE_KEY=$$PRIVATE_KEY --build-arg CONTAINER_PUBLIC_KEY=$$PUBLIC_KEY -t gcr.io/${PROJECT_ID}/${_JOB_NAME} /path/to/Dockerfile']
secretEnv: [ 'PRIVATE_KEY', 'PUBLIC_KEY' ]
Hello, thanks for your reply,
But surely I do have the build directory argument - it is right in the end of my bash command (the dot).
Moreover, I believe that the issue is somehow related to build args in my command - I tried running the build without them, and cloud build actually started building the image. I suspect that it might be some sort of issue with the parsing of build args in this context?
Hi @vadim-vi,
Thanks for the feedback.
args:
['-c', 'docker build --build-arg CONTAINER_PRIVATE_KEY=$$PRIVATE_KEY --build-arg CONTAINER_PUBLIC_KEY=$$PUBLIC_KEY . -t gcr.io/${PROJECT_ID}/${_JOB_NAME}']
In fact, I did try running it on the local machine (with dummy data for secrets) and it actually built an image.
I have already checked the permissions on secrets, and no, that was not the issue, because earlier when I did have problems with permissions, cloud build explicitly reported that. Once I set the permissions properly, that error disappeared and I encountered the "one argument" issue.
What really puzzles me is that I basically took the code from here, and the post indicates that this command should work, but it does not!
I have managed to figure out what was causing the issue, below is the correct argument string (it goes in the args):
["-c", "docker build --build-arg 'CONTAINER_PRIVATE_KEY=$$PRIVATE_KEY' --build-arg 'CONTAINER_PUBLIC_KEY=$$PUBLIC_KEY' -t gcr.io/${PROJECT_ID}/${_JOB_NAME} ."]
The problem was the lack of single quotes around build-args' values. Basically, in this context a `build-arg` value is a single string, not a key-value pair.