在Cloud雲端Shell命令行中执行以下操作以实现Google Artifact Registry的多个项目访问:
gcloud iam service-accounts create my-sa --display-name "My Service Account"
gcloud projects add-iam-policy-binding project-a \
--member "serviceAccount:my-sa@project-a.iam.gserviceaccount.com" \
--role "roles/artifactregistry.reader"
gcloud iam service-accounts keys create key.json --iam-account=my-sa@project-a.iam.gserviceaccount.com
gcloud auth activate-service-account --key-file=key.json
gcloud services enable artifactregistry.googleapis.com
gcloud artifacts repositories list \
--project=project-a \
--region=us-central1
gcloud projects add-iam-policy-binding project-b \
--member "serviceAccount:my-sa@project-a.iam.gserviceaccount.com" \
--role roles/artifactregistry.reader
现在,您可以在项目B中读取存储在项目A的Artifact Registry库中的Docker映像或Maven库。例如,从项目B中列出项目A中的Maven存储库:
gcloud artifacts repositories list --project=project-a --repository-format=maven --region=us-central1
上一篇:不同项目的单一依赖目录