https://pulumi.com logo
#general
Title
# general
j

jolly-lifeguard-22556

02/27/2019, 5:43 PM
Has anything changed recently in terms of how
@pulumi/docker
interacts with GCP container registry based on your credentials? I'm using a service account with full project permissions but am unable to push docker images:
Caller does not have permission 'storage.buckets.create'. To configure permissions, follow instructions at: <https://cloud.google.com/container-registry/docs/access-control>
. In the past this just worked and I didn't have to go through any extra steps or set up to be able to push up images
w

white-balloon-205

02/27/2019, 6:19 PM
I'm not aware of anything changing on our side. Certainly nothing has changed in
@pulumi/docker
. Are you relying on ambient credentials configured via
gcloud
, or are you passing credentials through expciitly (I seem to recall the GCR only supports the former?)?
j

jolly-lifeguard-22556

02/27/2019, 7:11 PM
Yeah thanks for the hint I figured it out. Had some stuff left over in my local .docker/config.json that was attempting to pull
gcloud
into the picture
Is there a way with Pulumi to be able to access the $GOOGLE_CREDENTIALS that are being used by the program to authenticate with the Container Registry? I want to avoid having to explicitly read in the key file and pass it through with the docker image registry configuration in Pulumi since I'm already using a Service Account for deployments that has the right permissions