Search code examples
google-cloud-platformgoogle-cloud-rungoogle-cloud-buildgoogle-secret-manager

gcloud alpha run deploy --set-secrets flag does not work: "should be either `latest` or a positive integer"

I fail when trying to use injecting my cloud secret to my cloud run services as environment variable. I followed the documentation at https://cloud.google.com/sdk/gcloud/reference/alpha/run/deploy#--set-secrets

Here is the relevant portion of the cloudbuild.yml file:

steps:
  - name: 'gcr.io/cloud-builders/docker'
    args: [ 'build', '-t', 'eu.gcr.io/$PROJECT_ID/backend:$BUILD_ID', '.' ]
  - name: 'gcr.io/cloud-builders/docker'
    args: [ 'push', 'eu.gcr.io/$PROJECT_ID/backend:$BUILD_ID' ]
  - name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
    entrypoint: gcloud
    args:
      - 'alpha'
      - 'run'
      - 'deploy'
      - 'backend'
      - '--image=eu.gcr.io/$PROJECT_ID/backend:$BUILD_ID'
      - '--concurrency=10'
      - '--cpu=1'
      - '--memory=512Mi'
      - '--region=europe-west4'
      - '--min-instances=1'
      - '--max-instances=2'
      - '--platform=managed'
      - '--port=8080'
      - '--timeout=3000'
      - '--set-env-vars=SQL_CONNECTION=10.0.0.3, SQL_USER=root, SQL_PASSWORD=root, SQL_DATABASE=immobilien'
      - '--set-env-vars=^#^SPRING_PROFILES_ACTIVE=prod'
      - '--set-env-vars=MAIL_SMTP_HOST=smtp.foo.com'
      - '--set-env-vars=MAIL_SMTP_PORT=993'
      - '--set-env-vars=MAIL_SMTP_USER=root'
      - '--set-secrets=[MAIL_SMTP_PASSWORD=mail_smtp_password:1]'
      - '--ingress=internal'
      - '--vpc-connector=cloud-run'
      - '--vpc-egress=private-ranges-only'
      - '--set-cloudsql-instances=abc-binder-3423:europe-west4:data'

This is the error output:

Step #2: Status: Downloaded newer image for gcr.io/google.com/cloudsdktool/cloud-sdk:latest
Step #2: gcr.io/google.com/cloudsdktool/cloud-sdk:latest
Step #2: Skipped validating Cloud SQL API and Cloud SQL Admin API enablement due to an issue contacting the Service Usage  API. Please ensure the Cloud SQL API and Cloud SQL Admin API are activated (see https://console.cloud.google.com/apis/dashboard).
Step #2: Deploying container to Cloud Run service [backend] in project [abc-binder-3423] region [europe-west4]
Step #2: Deploying...
Step #2: failed
Step #2: Deployment failed
Step #2: ERROR: (gcloud.alpha.run.deploy) should be either `latest` or a positive integer
Finished Step #2
ERROR
ERROR: build step 2 "gcr.io/google.com/cloudsdktool/cloud-sdk:latest" failed: step exited with non-zero status: 1
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ERROR: (gcloud.builds.submit) build caf4fae8-daae-49d4-9349-6995b1f275e8 completed with status "FAILURE"

I do not understand what is meant by

should be either `latest` or a positive integer
Solution

  • Don't surround the value with brackets.

    --set-secrets=MAIL_SMTP_PASSWORD=mail_smtp_password:1