I cannot run deploy in the "Managing infrastructure as code with Terraform, Cloud Build, and GitOps"

I cannot run "Managing infrastructure as code with Terraform, Cloud Build, and GitOps".

The step "Click Show all checks and wait for the check to become green" does not pass.


The "Managing infrastructure as code with Terraform, Cloud Build, and GitOps" docs use the service account: projectNumber@cloudbuild.gserviceaccount.com

But I cannot select this service account when I create the Cloud Build trigger, and a service account must be selected. So I tried to select "my-service-account@even-autonomy-464301-n0.iam.gserviceaccount.com" and gave it the correct role; however, the build still failed.

I inserted "logsBucket: 'gs://even-autonomy-464301-n0-tfstate'" into cloudbuild.yaml, and the build succeeded.


But how can the build succeed without updating cloudbuild.yaml?

If cloudbuild.yaml really needs to be updated, I can contribute the change to the original repo, but the original repo has so many pull requests waiting to be merged that I think the original repo is not healthy.

1 ACCEPTED SOLUTION

Hi anlex_N,

Welcome to Google Cloud Community!

I tried to follow the tutorial/guide and encountered the same error.

If you're using a user-specified service account, please follow the relevant guide. For legacy service accounts, review the applicable Organization Policies/Organization Policy Constraints. As a best practice, it is recommended that you specify your own service account to run your builds.

As a workaround you have three options:

  1. specify build.logs_bucket
  2. specify CLOUD_LOGGING in the yaml file
  3. specify NONE in the yaml file.

Additionally, there is a relevant thread on the GCC forum that might help you.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.
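The three workarounds listed in the accepted answer, written out as a `cloudbuild.yaml` fragment. This is an added example, not taken from the tutorial repository or from either poster; the bucket name is a placeholder, the build step is a constructed stand-in, and the `options.logging` values shown are Cloud Build's `CLOUD_LOGGING_ONLY` and `NONE`.

```yaml
# cloudbuild.yaml (added example; bucket name and step are placeholders)
steps:
  # Constructed stand-in step; the tutorial's own steps stay as they are.
  - id: 'tf plan'
    name: 'hashicorp/terraform'
    entrypoint: 'sh'
    args: ['-c', 'terraform init && terraform plan']

# Option 1: send build logs to a bucket you own.
# The trigger's service account needs write access to this bucket.
# A bucket separate from the Terraform state bucket keeps log readers
# away from state files, which can contain secrets.
logsBucket: 'gs://YOUR_LOGS_BUCKET'

# Option 2: send build logs to Cloud Logging only (use instead of Option 1).
# The trigger's service account needs roles/logging.logWriter.
# options:
#   logging: CLOUD_LOGGING_ONLY

# Option 3: store no build logs at all (use instead of Option 1).
# The build passes, but no log remains to investigate a failed or
# unexpected `terraform apply` afterwards.
# options:
#   logging: NONE
```

Keep exactly one of the three options active; Options 1 and 2 preserve a record of what each build did, Option 3 does not.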

@francislouie 

Thanks, you are my friend! Can you give me your email / discord id? I want to add you to my contacts.