What is the best way to deploy your Google service account credentials inside a CentOS Docker custom container to run in the Google Container Engine or in their vm container? This happens automatically in the google / cloud-sdk container, which launches debian and includes something that I donβt use, for example app-eng / java / php. Ideally, I try to access non-public resources within my project, for example, Google Cloud Storage, without registration and authorization every time a large number of these containers are launched.
For example, on a Centos base container running on GCE with installed code and gcloud / gsutil, at startup:
docker run --rm -ti custom-container gsutil ls
You will be prompted to run "gsutil config" to get the authorization that I expect.
However, pulling the google / cloud-sdk container into the same GCE and executing the same command, he seems to have skillfully configured credential inheritance (perhaps from host-vm-host credentials?). It seems that he circumvented the launch of "gsutil config" when starting the container in GCE to access private resources.
I want to reproduce this behavior in a minimal Centos container for mass deployment.
source share