Prerequisites
- Enable the necessary APIs (refer to the docs).
- Delivery pipeline defined and registered:
    gcloud deploy apply --file=clouddeploy.yaml --region=australia-southeast1
- Enable APIs (see the docs).
- Register your cluster with Workload Identity (recommended; see the docs):
    gcloud container fleet memberships register ap-private-cluster \
        --gke-cluster="australia-southeast1/ap-private-cluster" \
        --enable-workload-identity
- Grant IAM roles to users or service accounts (refer to the docs):
    gcloud projects add-iam-policy-binding gke-demo-347012 \
        --member=serviceAccount:my-build-sa@gke-demo-347012.iam.gserviceaccount.com \
        --role=roles/gkehub.gatewayEditor
    gcloud projects add-iam-policy-binding gke-demo-347012 \
        --member=serviceAccount:my-build-sa@gke-demo-347012.iam.gserviceaccount.com \
        --role=roles/gkehub.viewer
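
After granting the roles, it is worth confirming that the build service account holds exactly the two roles above at project level and nothing broader. The script below is an added example, not part of the original page; the names `audit_roles`, `EXPECTED_ROLES` and `sample_over_privileged` are assumptions made for illustration, and the sample input is constructed.

```shell
#!/bin/sh
# Added example: audit the project-level roles held by the build service account.
# Live usage (needs permission to read the project IAM policy):
#   gcloud projects get-iam-policy gke-demo-347012 \
#     --flatten="bindings[].members" \
#     --filter="bindings.members:serviceAccount:my-build-sa@gke-demo-347012.iam.gserviceaccount.com" \
#     --format="value(bindings.role)" | audit_roles
# This only sees bindings on the project itself, not on folders or the organization.

# Roles this page grants; any other role on the account is reported as unexpected.
EXPECTED_ROLES="roles/gkehub.gatewayEditor roles/gkehub.viewer"

# audit_roles: reads one role per line on stdin.
# Prints MISSING:/UNEXPECTED: lines and returns 0 only when the granted set
# matches EXPECTED_ROLES exactly. The body runs in a subshell, so its variables
# do not leak into the caller and "exit" sets the function's return status.
audit_roles() (
  status=0
  # Normalise input: trim trailing whitespace, drop blank lines, de-duplicate.
  granted=$(sed -e 's/[[:space:]]*$//' -e '/^$/d' | sort -u)

  # Every expected role must be present.
  for role in $EXPECTED_ROLES; do
    if ! printf '%s\n' "$granted" | grep -qxF "$role"; then
      echo "MISSING: $role"
      status=1
    fi
  done

  # Every granted role must be one of the expected ones.
  while IFS= read -r role; do
    [ -z "$role" ] && continue
    case " $EXPECTED_ROLES " in
      *" $role "*) ;;
      *) echo "UNEXPECTED: $role"; status=1 ;;
    esac
  done <<EOF
$granted
EOF
  exit "$status"
)

# Constructed sample: the two expected roles plus a broad one that must be flagged.
sample_over_privileged() {
  printf '%s\n' roles/gkehub.viewer roles/gkehub.gatewayEditor roles/editor
}
```

A non-zero exit status makes the check usable as a gate in the build pipeline that runs the deployment.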