I Have a ServiceAccount that has permissions to do all sort of things on my GCP project, and a Jenkins pipeline that runs on nightly basis and shutdown one of my GKE environments.
Few days ago i've started noticing random failures on fetching credentials for the cluster, while running the same pipeline again works.
i have the following block of code:
gcloud auth activate-service-account --key-file=****
gcloud container clusters get-credentials integration-cluster --zone europe-west1-c --project integration-project
the thing is, on nights it failed i see the following error:
00:00:45 Activated service account credentials for: [jenkins-user@integration-project.iam.gserviceaccount.com]
00:00:46 Fetching cluster endpoint and auth data.
00:00:46 ERROR: (gcloud.container.clusters.get-credentials) ResponseError: code=403, message=Required "container.clusters.get" permission(s) for "projects/integration-project/zones/europe-west1-c/clusters/integration-cluster".
like the serviceAccount if lack of permissions on the project, but nothing has changed and rerun works.
what can be the reason for this? it looks like a bug but....where? i'm using now Google Cloud SDK 319.0.0.
10x