I have a Spring-boot and docker based micro-service which has database details in GCP secrets manager. I am trying to do the GCP authentication required for secrets manager using gcloud auth activate-service-account. However, when I am debugging the application with docker, it is trying to find the file /root/.config/gcloud/application_default_credentials.json which I am copying at the same location. But it is not able to find this file during the run. My dockerfile looks like following:-
FROM maven:3.8.3-openjdk-17 as maven_builder
WORKDIR /app
COPY up-user-service/pom.xml .
COPY up-user-service/src ./src
RUN mvn clean install
RUN mv target/*.jar target/application.jar
FROM openjdk:17-jdk-alpine as builder
COPY --from=maven_builder /app/target/*.jar up-user-service/target/application.jar
RUN java -Djarmode=layertools -jar up-user-service/target/application.jar extract
FROM ubuntu:22.04
# Install prerequisites
RUN apt-get update && apt-get install -y \
curl
CMD /bin/bash
RUN curl https://dl.google.com/dl/cloudsdk/release/google-cloud-sdk.tar.gz > /tmp/google-cloud-sdk.tar.gz
RUN apt-get update && apt-get install -y python3 python3-pip
RUN mkdir -p /usr/local/gcloud
RUN tar -C /usr/local/gcloud -xvf /tmp/google-cloud-sdk.tar.gz
RUN /usr/local/gcloud/google-cloud-sdk/install.sh
ENV PATH="${PATH}:/usr/local/gcloud/google-cloud-sdk/bin"
COPY key.json /root/.config/gcloud/application_default_credentials.json
RUN gcloud auth activate-service-account --key-file=/root/.config/gcloud/application_default_credentials.json
FROM openjdk:17-jdk-alpine
EXPOSE 8080:8000
COPY --from=builder dependencies/ ./
RUN true
COPY --from=builder snapshot-dependencies/ ./
RUN true
COPY --from=builder spring-boot-loader/ ./
RUN true
COPY --from=builder application/ ./
ENTRYPOINT ["java", "org.springframework.boot.loader.JarLauncher"]
#ENTRYPOINT ["sh", "-c", "java -Xdebug -Xrunjdwp:transport=dt_socket,server=y,address=*:8000 org.springframework.boot.loader.JarLauncher"]
Am I missing something here? Please suggest.
