Using build registry with GCP Artifact Registry

I can’t see a way to configure a docker registry in my build step for using Artifact Registry on GCP. Artifact Registry allows json key auth from service account, but the json attributes do not conform with the suggestion in the docs of username, password, and email. Even so, I’m not sure how I’d provide the key file to the build on a remote runner on Kubernetes.

I want to build on Kubernetes and deploy to Kubernetes. The deploy registry seems clear as I can provide the image_secret key name to auth there, but image_secret is not valid config for the build docker registry.

Anyone have suggestions or success with this?

Ok I think I have partially solved the auth issue.

By using the auth json described here

with username as _json_key_base64 and password as the base64 of the service account json key as described here

But now getting error

✓ Building Buildpack with kaniko...
❌ Testing registry and uploading entrypoint layer
! error setting up entrypoint layer to host:
  "", err: Put
  unsupported protocol scheme ""
1 Like

I am having a similar problem did you find a solution?

It seems to be a kaniko issue. This GH issue suggests it might be an oauth scope issue for the cluster Regression: Kaniko 1.7 unstable authentication against GCP Artifact Registry · Issue #1893 · GoogleContainerTools/kaniko · GitHub

Need to verify that. Which means creating new cluster.