Cloud Build fails with resource location constraint
up vote
0
down vote
favorite
We have a policy in place which restricts resources to EU regions.
When I try to execute a cloud build, gcloud wants to create a bucket (gs://[PROJECT_ID]_cloudbuild) to store staging sources. This step fails, because the default bucket location ('us') is used:
"code": 412,
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’"
As a workaround I tried to pass an existing bucket located in a valid region (using --gcs-source-staging-dir), but I got the same error.
How can this be solved?
Here the HTTP logs:
$ gcloud --log-http builds submit --gcs-source-staging-dir gs://my-custom-bucket/staging
--tag gcr.io/xxxxxxxxxx/quickstart-image .
=======================
==== request start ====
uri: https://www.googleapis.com/storage/v1/b?project=xxxxxxxxxx&alt=json
method: POST
== headers start ==
accept: application/json
content-type: application/json
== headers end ==
== body start ==
{"name": "my-custom-bucket"}
== body end ==
==== request end ====
---- response start ----
-- headers start --
server: UploadServer
status: 412
-- headers end --
-- body start --
{
"error": {
"errors": [
{
"domain": "global",
"reason": "conditionNotMet",
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’",
"locationType": "header",
"location": "If-Match"
}
],
"code": 412,
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’"
}
}
-- body end --
---- response end ----
----------------------
ERROR: (gcloud.builds.submit) HTTPError 412: 'us' violates constraint ‘constraints/gcp.resourceLocations’
google-cloud-platform asked Nov 8 at 11:17
Black
738
add a comment |
up vote
0
down vote
favorite
We have a policy in place which restricts resources to EU regions.
When I try to execute a cloud build, gcloud wants to create a bucket (gs://[PROJECT_ID]_cloudbuild) to store staging sources. This step fails, because the default bucket location ('us') is used:
"code": 412,
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’"
As a workaround I tried to pass an existing bucket located in a valid region (using --gcs-source-staging-dir), but I got the same error.
How can this be solved?
Here the HTTP logs:
$ gcloud --log-http builds submit --gcs-source-staging-dir gs://my-custom-bucket/staging
--tag gcr.io/xxxxxxxxxx/quickstart-image .
=======================
==== request start ====
uri: https://www.googleapis.com/storage/v1/b?project=xxxxxxxxxx&alt=json
method: POST
== headers start ==
accept: application/json
content-type: application/json
== headers end ==
== body start ==
{"name": "my-custom-bucket"}
== body end ==
==== request end ====
---- response start ----
-- headers start --
server: UploadServer
status: 412
-- headers end --
-- body start --
{
"error": {
"errors": [
{
"domain": "global",
"reason": "conditionNotMet",
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’",
"locationType": "header",
"location": "If-Match"
}
],
"code": 412,
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’"
}
}
-- body end --
---- response end ----
----------------------
ERROR: (gcloud.builds.submit) HTTPError 412: 'us' violates constraint ‘constraints/gcp.resourceLocations’
asked Nov 8 at 11:17
Black
738
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
We have a policy in place which restricts resources to EU regions.
When I try to execute a cloud build, gcloud wants to create a bucket (gs://[PROJECT_ID]_cloudbuild) to store staging sources. This step fails, because the default bucket location ('us') is used:
"code": 412,
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’"
As a workaround I tried to pass an existing bucket located in a valid region (using --gcs-source-staging-dir), but I got the same error.
How can this be solved?
Here the HTTP logs:
$ gcloud --log-http builds submit --gcs-source-staging-dir gs://my-custom-bucket/staging
--tag gcr.io/xxxxxxxxxx/quickstart-image .
=======================
==== request start ====
uri: https://www.googleapis.com/storage/v1/b?project=xxxxxxxxxx&alt=json
method: POST
== headers start ==
accept: application/json
content-type: application/json
== headers end ==
== body start ==
{"name": "my-custom-bucket"}
== body end ==
==== request end ====
---- response start ----
-- headers start --
server: UploadServer
status: 412
-- headers end --
-- body start --
{
"error": {
"errors": [
{
"domain": "global",
"reason": "conditionNotMet",
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’",
"locationType": "header",
"location": "If-Match"
}
],
"code": 412,
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’"
}
}
-- body end --
---- response end ----
----------------------
ERROR: (gcloud.builds.submit) HTTPError 412: 'us' violates constraint ‘constraints/gcp.resourceLocations’
asked Nov 8 at 11:17
Black
738
We have a policy in place which restricts resources to EU regions.
When I try to execute a cloud build, gcloud wants to create a bucket (gs://[PROJECT_ID]_cloudbuild) to store staging sources. This step fails, because the default bucket location ('us') is used:
"code": 412,
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’"
As a workaround I tried to pass an existing bucket located in a valid region (using --gcs-source-staging-dir), but I got the same error.
How can this be solved?
Here the HTTP logs:
$ gcloud --log-http builds submit --gcs-source-staging-dir gs://my-custom-bucket/staging
--tag gcr.io/xxxxxxxxxx/quickstart-image .
=======================
==== request start ====
uri: https://www.googleapis.com/storage/v1/b?project=xxxxxxxxxx&alt=json
method: POST
== headers start ==
accept: application/json
content-type: application/json
== headers end ==
== body start ==
{"name": "my-custom-bucket"}
== body end ==
==== request end ====
---- response start ----
-- headers start --
server: UploadServer
status: 412
-- headers end --
-- body start --
{
"error": {
"errors": [
{
"domain": "global",
"reason": "conditionNotMet",
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’",
"locationType": "header",
"location": "If-Match"
}
],
"code": 412,
"message": "'us' violates constraint ‘constraints/gcp.resourceLocations’"
}
}
-- body end --
---- response end ----
----------------------
ERROR: (gcloud.builds.submit) HTTPError 412: 'us' violates constraint ‘constraints/gcp.resourceLocations’
asked Nov 8 at 11:17
Black
738
asked Nov 8 at 11:17
Black
738
edited Nov 8 at 12:46
asked Nov 8 at 11:17
Black
738
asked Nov 8 at 11:17
Black
738
asked Nov 8 at 11:17
Black
738
738
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
Cloud Build will use a default bucket to store logs. You can try to add logsBucket field to the build config file with a specific bucket like in the snippet:
steps:
- name: 'gcr.io/cloud-builders/go'
args: ['install', '.']
logsBucket: 'gs://mybucket'
You can find detailed information about the build configuration file here
answered Nov 8 at 12:18
dhauptman
1055
The problem is not the logs dir but the staging dir.
– Black
Nov 8 at 12:44
Sorry Black, I misunderstood your question at a first glance. Since you are using "Resource Location Restriction", the way to go is --gcs-source-staging-dir as you have done. Did you check if the user/service account gcloud is logged in has write access to the custom bucket location?
– dhauptman
Nov 8 at 14:34
Permissions are fine. As you can see in the logs the API for bucket creation is called without location property (which defaults to 'us' location as per API documentation: https://cloud.google.com/storage/docs/json_api/v1/buckets/insert ).
– Black
Nov 8 at 15:08
Maybe is worth to change the location of the Container Registry where the image is hosted. 'gcr.io' hosts the images in the United States. You can tag your image with 'eu.gcr.io' host name for example. In this documentation you can find more options.
– dhauptman
Nov 8 at 15:58
This was one of the things I tried, without success.
– Black
Nov 8 at 16:09
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
Cloud Build will use a default bucket to store logs. You can try to add logsBucket field to the build config file with a specific bucket like in the snippet:
steps:
- name: 'gcr.io/cloud-builders/go'
args: ['install', '.']
logsBucket: 'gs://mybucket'
You can find detailed information about the build configuration file here
answered Nov 8 at 12:18
dhauptman
1055
The problem is not the logs dir but the staging dir.
– Black
Nov 8 at 12:44
Sorry Black, I misunderstood your question at a first glance. Since you are using "Resource Location Restriction", the way to go is --gcs-source-staging-dir as you have done. Did you check if the user/service account gcloud is logged in has write access to the custom bucket location?
– dhauptman
Nov 8 at 14:34
Permissions are fine. As you can see in the logs the API for bucket creation is called without location property (which defaults to 'us' location as per API documentation: https://cloud.google.com/storage/docs/json_api/v1/buckets/insert ).
– Black
Nov 8 at 15:08
Maybe is worth to change the location of the Container Registry where the image is hosted. 'gcr.io' hosts the images in the United States. You can tag your image with 'eu.gcr.io' host name for example. In this documentation you can find more options.
– dhauptman
Nov 8 at 15:58
This was one of the things I tried, without success.
– Black
Nov 8 at 16:09
add a comment |
up vote
0
down vote
Cloud Build will use a default bucket to store logs. You can try to add logsBucket field to the build config file with a specific bucket like in the snippet:
steps:
- name: 'gcr.io/cloud-builders/go'
args: ['install', '.']
logsBucket: 'gs://mybucket'
You can find detailed information about the build configuration file here
answered Nov 8 at 12:18
dhauptman
1055
The problem is not the logs dir but the staging dir.
– Black
Nov 8 at 12:44
Sorry Black, I misunderstood your question at a first glance. Since you are using "Resource Location Restriction", the way to go is --gcs-source-staging-dir as you have done. Did you check if the user/service account gcloud is logged in has write access to the custom bucket location?
– dhauptman
Nov 8 at 14:34
Permissions are fine. As you can see in the logs the API for bucket creation is called without location property (which defaults to 'us' location as per API documentation: https://cloud.google.com/storage/docs/json_api/v1/buckets/insert ).
– Black
Nov 8 at 15:08
Maybe is worth to change the location of the Container Registry where the image is hosted. 'gcr.io' hosts the images in the United States. You can tag your image with 'eu.gcr.io' host name for example. In this documentation you can find more options.
– dhauptman
Nov 8 at 15:58
This was one of the things I tried, without success.
– Black
Nov 8 at 16:09
add a comment |
up vote
0
down vote
up vote
0
down vote
Cloud Build will use a default bucket to store logs. You can try to add logsBucket field to the build config file with a specific bucket like in the snippet:
steps:
- name: 'gcr.io/cloud-builders/go'
args: ['install', '.']
logsBucket: 'gs://mybucket'
You can find detailed information about the build configuration file here
answered Nov 8 at 12:18
dhauptman
1055
Cloud Build will use a default bucket to store logs. You can try to add logsBucket field to the build config file with a specific bucket like in the snippet:
steps:
- name: 'gcr.io/cloud-builders/go'
args: ['install', '.']
logsBucket: 'gs://mybucket'
You can find detailed information about the build configuration file here
answered Nov 8 at 12:18
dhauptman
1055
answered Nov 8 at 12:18
dhauptman
1055
answered Nov 8 at 12:18
dhauptman
1055
answered Nov 8 at 12:18
dhauptman
1055
1055
The problem is not the logs dir but the staging dir.
– Black
Nov 8 at 12:44
Sorry Black, I misunderstood your question at a first glance. Since you are using "Resource Location Restriction", the way to go is --gcs-source-staging-dir as you have done. Did you check if the user/service account gcloud is logged in has write access to the custom bucket location?
– dhauptman
Nov 8 at 14:34
Permissions are fine. As you can see in the logs the API for bucket creation is called without location property (which defaults to 'us' location as per API documentation: https://cloud.google.com/storage/docs/json_api/v1/buckets/insert ).
– Black
Nov 8 at 15:08
Maybe is worth to change the location of the Container Registry where the image is hosted. 'gcr.io' hosts the images in the United States. You can tag your image with 'eu.gcr.io' host name for example. In this documentation you can find more options.
– dhauptman
Nov 8 at 15:58
This was one of the things I tried, without success.
– Black
Nov 8 at 16:09
add a comment |
The problem is not the logs dir but the staging dir.
– Black
Nov 8 at 12:44
Sorry Black, I misunderstood your question at a first glance. Since you are using "Resource Location Restriction", the way to go is --gcs-source-staging-dir as you have done. Did you check if the user/service account gcloud is logged in has write access to the custom bucket location?
– dhauptman
Nov 8 at 14:34
Permissions are fine. As you can see in the logs the API for bucket creation is called without location property (which defaults to 'us' location as per API documentation: https://cloud.google.com/storage/docs/json_api/v1/buckets/insert ).
– Black
Nov 8 at 15:08
Maybe is worth to change the location of the Container Registry where the image is hosted. 'gcr.io' hosts the images in the United States. You can tag your image with 'eu.gcr.io' host name for example. In this documentation you can find more options.
– dhauptman
Nov 8 at 15:58
This was one of the things I tried, without success.
– Black
Nov 8 at 16:09
The problem is not the logs dir but the staging dir.
– Black
Nov 8 at 12:44
The problem is not the logs dir but the staging dir.
– Black
Nov 8 at 12:44
Sorry Black, I misunderstood your question at a first glance. Since you are using "Resource Location Restriction", the way to go is --gcs-source-staging-dir as you have done. Did you check if the user/service account gcloud is logged in has write access to the custom bucket location?
– dhauptman
Nov 8 at 14:34
Sorry Black, I misunderstood your question at a first glance. Since you are using "Resource Location Restriction", the way to go is --gcs-source-staging-dir as you have done. Did you check if the user/service account gcloud is logged in has write access to the custom bucket location?
– dhauptman
Nov 8 at 14:34
Permissions are fine. As you can see in the logs the API for bucket creation is called without location property (which defaults to 'us' location as per API documentation: https://cloud.google.com/storage/docs/json_api/v1/buckets/insert ).
– Black
Nov 8 at 15:08
Permissions are fine. As you can see in the logs the API for bucket creation is called without location property (which defaults to 'us' location as per API documentation: https://cloud.google.com/storage/docs/json_api/v1/buckets/insert ).
– Black
Nov 8 at 15:08
Maybe is worth to change the location of the Container Registry where the image is hosted. 'gcr.io' hosts the images in the United States. You can tag your image with 'eu.gcr.io' host name for example. In this documentation you can find more options.
– dhauptman
Nov 8 at 15:58
Maybe is worth to change the location of the Container Registry where the image is hosted. 'gcr.io' hosts the images in the United States. You can tag your image with 'eu.gcr.io' host name for example. In this documentation you can find more options.
– dhauptman
Nov 8 at 15:58
This was one of the things I tried, without success.
– Black
Nov 8 at 16:09
This was one of the things I tried, without success.
– Black
Nov 8 at 16:09
add a comment |
draft saved
draft discarded
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53206667%2fcloud-build-fails-with-resource-location-constraint%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
