Using a private registry in same project is not working

[chrislovecnm]

I have added the missing oauth scope in https://github.com/GoogleCloudPlatform/gke-terraform-generator/pull/21 and for some reason it is not working :(

I am getting docker login issues on the nodes. Here is my yaml in order to recreate:

kind: gke-cluster
metadata:
  name: "test-cluster"
spec:
  region: "us-west2"
  private: "false"
  regional: "false"
  zones: 
    - "us-west2-c"
  addons:
    istio: false
    binaryAuth: false
  network:
    metadata:
      name: my-network
    spec:
      subnetName: my-subnet
      subnetRange: "10.0.0.0/24"
      podSubnetRange: "10.1.0.0/16"
      serviceSubnetRange: "10.2.0.0/20"
      masterIPV4CIDRBlock: "172.16.0.16/28"
  nodePools:
    - metadata:
        name: my-node-pool
      spec:
        minCount: 2
        maxCount: 2
        initialNodeCount: 2
        machineType: n1-standard-2
        preemptible: true

This is a public cluster and needs my other PR merged for the cluster to even launch.

[chrislovecnm]

@bgeesaman I remember that you had the same issue during training. Was the cluster created with gke-tf?

[bgeesaman]

My “fix” was to grant the missing IAM storage viewer in the demo

[chrislovecnm]

What oauth role?

[bgeesaman]

I added an IAM role with storage viewer. Devstorage.read_only oauth was fine.

On Mon, Sep 9, 2019 at 11:35 AM Chris Love notifications@github.com wrote:

What oauth role?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/GoogleCloudPlatform/gke-terraform-generator/issues/23?email_source=notifications&email_token=AA4YKCNWU76QF4BAPVO24GLQI2JOZA5CNFSM4IUUVGNKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD6ITL2Q#issuecomment-529610218, or mute the thread https://github.com/notifications/unsubscribe-auth/AA4YKCPNNIFZS7YAJH3ZYJTQI2JOZANCNFSM4IUUVGNA .