I’m currently evaluating a Cloud transition for my organization, specifically Google Cloud, we currently use Octopus Server on premisis, and would like to continue using it in the cloud. I spun up Octopus Cloud and attempted to integrate with Google, with no luck. The primary use case would be Google Kubernetes Engine (GKE), but when I tried to get connected to Google Cloud’s container registry, the only authentication method available in Octopus for a container registry is a username and password, which is not an authentication method offered by Google Cloud for its container registries.
In their documentation, they support command line utiilies like gcloud credential helper, but they also support access tokens and JSON key files. Am I missing something obvious about how to connect them up, or is it just not an option? If not, is it anywhere on the roadmap to properly integrate with Google Cloud’s Container/Kubernetes services like it already does with Azure and AWS? I would really hate to stop using Octopus as we move to cloud.
I believe you can use Octopus with Google Cloud’s Container Registry.
As you have seen, we don’t currently have support for Google service accounts, so you’re correct, you can’t use the gcloud authentication method.
If you follow the json key file procedure from Google’s documentation, you should be able to configure a docker feed in Octopus using _json_key as the username and the key from the file contents as the password.
We are hoping to add first-class support for Google Cloud authentication in the future, so hopefully this story looks a little nicer soon.
If you have any issues getting that working, or there’s anything else we can help with, please don’t hesitate to ask.
Micheal, I found out it wasn’t an authentication issue, it does look like your suggestion should work. What we’re actually running into is Octopus can’t seem to properly identify a feed API. I turned off authentication for testing purposes, and just can’t seem to hit the right spot.
And when I test I get: Feed endpoint https://gcr.io/my-project-1234 does not appear to expose a valid Docker API.
I’ve been messing with it for a bit, trying every possible URL (google does some redirects if you try to browse to the feed, and I’ve tried those URLs as well.). I can pull just fine from the feed from command line, but Octopus can’t seem to locate the v2 api. I’ve read documentation on how the v2 API tries to hit the v2/_catalog endpoint, and I can hit that from browser, but Octopus doesn’t like it.
I’ve been looking at Google’s deployment tools (Spinnaker), and they don’t come close to my needs like Octopus does, I’d really like to figure this out so I can make sure we keep using Octopus in cloud.
I must admit I wrestled with this for a while and couldn’t get it to work. This was frustrating, as I knew Octopus can work with GCR as we used GKE for much of our initial testing while developing the k8s functionality in Octopus (we use AKS for our production workloads).
I’m going to add some docs for this. Thanks for reporting back
@marut.singh GKE clusters and GCR feeds both work. The missing piece currently is support for Google service accounts (you currently have to use this approach to authenticate with GCR, as discussed above). This is definitely on our radar, but we haven’t got to it yet.
Similar to @c.jonathan.archer’s question, I would also be interested to know which factors were involved in your organization chosing GKE? Do you use Google Cloud exclusively, or alongside other clouds?
