---
title: ConcourseのDocker Image ResourceでGoogle Container Registryを使う
tags: ["Concourse CI", "GCP", "Docker"]
categories: ["Dev", "CI", "ConcourseCI"]
date: 2017-11-26T16:10:09Z
updated: 2017-11-26T16:10:46Z
---

メモ

Service Account KeyのJSONファイルを作成する。

```
export project_id=$(gcloud config get-value project)
export account=gcr-user
export service_account_email=${account}@${project_id}.iam.gserviceaccount.com

gcloud iam service-accounts create gcr-user
gcloud iam service-accounts keys create ~/gcr.key.json --iam-account ${service_account_email}
gcloud projects add-iam-policy-binding ${project_id} --member serviceAccount:${service_account_email} --role roles/storage.admin
```

`~/gcr.key.json`の内容を`credentials.yml`に設定。


``` yml
gcr-key: |
  {
    "type": "service_account",
    "project_id": "..."
    "...": "..."
  }
```

Resource設定は次のように。

``` yml
  - name: docker
    type: docker-image
    source:
      repository: asia.gcr.io/<project_id>/<repo>
      username: _json_key
      password: ((gcr-key))
```


参考URL

* https://cloud.google.com/container-registry/docs/advanced-authentication
* https://github.com/concourse/docker-image-resource/issues/73
* https://medium.com/google-cloud/using-googles-private-container-registry-with-docker-1b470cf3f50a