Semaphore includes the gcloud
command for authenticating to the
various Google Container Registry endpoints. You'll need to create a
service account with access to Cloud Storage with an authentication key
to set this up. Download the service account's authentication key to
your computer. Assume it's in key.json
. The key.json
is used to
authenticate to the service account which is used to authenticate to
the registries.
- Base64 encode the
key.json
and save the output:base64 key.json
- Create a new file
secret.yml
and paste in the content:
# secret.yml
apiVersion: v1alpha
kind: Secret
metadata:
name: GCP
data:
files:
- path: .secrets.gcp.json
content: PASTE_BASE64_ENCODED_CONTENT_HERE
- Create the
GCP
secret withsem
:sem create -f secret.yml
.semaphore/semaphore.yml
version: "v1.0"
name: First pipeline example
agent:
machine:
type: e1-standard-2
os_image: ubuntu1804
blocks:
- name: "Push Image"
task:
secrets:
- name: GCP
prologue:
commands:
# Authenticate using the file injected from the secret
- gcloud auth activate-service-account --key-file=.secrets.gcp.json
# Don't forget -q to silence confirmation prompts
- gcloud auth configure-docker -q
- checkout
jobs:
- name: Docker build
commands:
# Replace with your GCP Project ID
- docker build -t "asia.gcr.io/YOUR_GCP_PROJECT_ID/semaphore-example:${SEMAPHORE_GIT_SHA:0:7}" .
- docker push "asia.gcr.io/GCP_PROJECT_ID/semaphore-example:${SEMAPHORE_GIT_SHA:0:7}"