Docker 无法将图像推送到 Google Cloud Registry

Question

我正在尝试通过 GitLab ci 管道将 Docker 图像推送到 Google Cloud Registry。

映像已构建，但在推送到注册表时出现以下错误。

denied: Token exchange failed for project 'xxx-dev01-xxxxx'. Org Policy Violated: 'eu' violates constraint 'constraints/gcp.resourceLocations'

.gitlab.yaml

deploy:dev:
  allow_failure: true
  extends:
    - .prod
  stage: Deploy
  image: google/cloud-sdk
  services:
    - docker:dind
  variables:
    IMAGE_TAG: "eu.gcr.io/$PROJECT_ID/testapp"
  before_script:
    - echo $GCLOUD_SERVICE_KEY > ${HOME}/gcloud-service-key.json
    - gcloud auth activate-service-account --key-file=${HOME}/gcloud-service-key.json
    - gcloud config set project $DEV_PROJECT_ID
    - gcloud auth configure-docker
    - gcloud services enable containerregistry.googleapis.com
    - docker login -u _json_key --password-stdin https://eu.gcr.io < ${HOME}/gcloud-service-key.json
  script:
    - docker build . -t "$IMAGE_TAG" 
    - docker push $IMAGE_TAG:latest
  when: manual

Answer 1

这似乎违反了您的组织政策之一，即“资源位置”政策。

根据文档，您的公司似乎阻止您将数据存储到此位置（区域）。

https://cloud.google.com/resource-manager/docs/organization-policy/defining-locations

您可能想尝试用此列表中的另一个更改 eu.gcr.io。

https://cloud.google.com/container-registry/docs/pushing-and-pulling#add-registry

Docker 无法将图像推送到 Google Cloud Registry

Docker fails to push images to Google Cloud Registry

docker

google-cloud-platform

gitlab-ci

google-cloud-registry