GKE access permission error to GCR

[leandromoreirati]

Hello!
I used the terraform module to deploy the kubernets cluster in GKE that I'm using to study Jenkins X, when deploying a test application the pod is not going up and in the error in the log I came across the following message:

Warning Failed 23m (x4 over 25m) kubelet, gke-jenkins-x-nap-n1-standard-1-1rdtb-c8b23bb3-ftbz Failed to pull image "gcr.io/lab-jenkins-x/hello-4-1: 0.0.1 ": rpc error: code = Unknown desc = Error response from daemon: unauthorized: You don't have the needed permissions to perform this operation, and you may have invalid credentials. To authenticate your request, follow the steps in: https://cloud.google.com/container-registry/docs/advanced-authentication

The deployment of terraform and Jenkins X was successfully executed, all users were properly created in IAM, but I'm not able to identify what I'm doing wrong, can they help me to find out what I'm doing wrong.

To test I went to the same node that is having a problem and executed a docker pull manually and returned the same error message, I'm using the vault as storage for the secrets, do I have to configure something in the cluster so that it can authenticate with the GCR ?

[leandromoreirati]

Hello!

I discovered the problem, the GCR repository was configured as a bypass action, I configured it as public and solved it.

Can you give me some documentation on how to set up a secret in GKE so that the cluster can authenticate itself in a private repository?

In my scenario, I'm using the vault to keep secrets.