Open stephen-soltesz opened 6 years ago
@nkinkade Would we have to create the buckets manually if we targeted a new GCP project? or, are there scripts that do this automatically?
@stephen-soltesz: it is currently a manual process. I guess my question is where this sort of documentation should go, and whether this particular issue is just one small part of the larger issue that nearly all of our GCS buckets, as far as I know, were created manually and had ACLs applied manually.
I'm confident that our "just so" configs of gcp projects are going to bite us one day -- I just don't know which day (could be a long time). The passage of time makes this worse not better. That's the main motivation here. A secondary reason could be making k8s-support re-usable by not-us. That's under specified though.
@stephen-soltesz: Is this still an issue? CloudBuild needs write access to the bucket, as do Operators (when running the bootstrap_platform_cluster.sh script. This almost seems like a part of the larger issue of having adhoc ACLs manually configured throughout each project. Not sure if this issue is still relevant?