In my case, I had another Cloud Run service with a public URL in the same project (and network), which was accessed by another VM in the network, but then it started failing because it couldn't resolve the URL anymore after creating the Cloud DNS zone.
Please consider adding a warning or setting --dns-name="$SERVICE_URL_WITHOUT_HTTPS_PREFIX.".
Just a small problem I had:
At https://codelabs.developers.google.com/codelabs/how-to-access-internal-only-service-while-retaining-internet#4, subsection "Create Cloud DNS zone for run.app URLs" the DNS zone is created with
--dns-name="a.run.app."
, which works fine in isolation, but affects all Cloud Run services that may exist in the project (while the DNS record set is only created for the internal Cloud Run that we are trying to connect to).In my case, I had another Cloud Run service with a public URL in the same project (and network), which was accessed by another VM in the network, but then it started failing because it couldn't resolve the URL anymore after creating the Cloud DNS zone.
Please consider adding a warning or setting
--dns-name="$SERVICE_URL_WITHOUT_HTTPS_PREFIX."
.