Cloud Build does not trigger new pipeline on webhook request

Question

I have set up a Trigger in Google Cloud Build to start a new pipeline when receiving a HTTP POST request.

The last pipeline in Build History has failed because there was problems with volumes in the yaml.

Now, I cannot start new pipelines using this Trigger. The webhook requests does receive HTTP 200 from Google, but no new pipeline is initiated.

How can I start a new pipeline from a webhook request, even when the last build failed? I use the inline-cloudbuild-yaml, to describe the pipeline.

This issue seem to be related to the Yaml description for the pipeline, but the big problem is that it does not show any error message - it just silently fail without initiating a new run.

Here is a simple inline-pipeline that works:

steps:
- name: 'ubuntu'
  entrypoint: 'bash'
  args:
  - '-c'
  - |
        echo "Hello, world!"

and here is one that does not work, it is taken from the Cloud Build documentation for integrating with GitLab, but shortened to only two steps:

steps:
- name: gcr.io/cloud-builders/git
  args:
    - '-c'
    - |
      echo "$$SSHKEY" > /root/.ssh/id_rsa
      chmod 400 /root/.ssh/id_rsa
      ssh-keyscan gitlab.com > /root/.ssh/known_hosts
  entrypoint: bash
  secretEnv:
    - SSHKEY
  volumes:
    - name: ssh
      path: /root/.ssh

- name: gcr.io/cloud-builders/git
  args:
    - clone
    - 'git@gitlab.com/<my-gitlab-repo>'
    - .
  volumes:
    - name: ssh
      path: /root/.ssh

availableSecrets:
  secretManager:
  - versionName: <my-path-to-secret-version>
    env: SSHKEY

And the big problem is that no build is initiated, so no error message is shown.

In both cases, the Webhook request receives HTTP 200.

@RoopaM no repo is "connected". This is a Webhook trigger, with no "source", it should work with a simple `curl` request. It is setup similar to this documentation https://cloud.google.com/build/docs/automating-builds/gitlab/build-repos-from-gitlab — Jonas, Nov 10 '22 at 16:50
I tried to replicate the issue at my end. I was able to get 200 status and cloud build is triggering for other events. but not for pipeline events. Are you able to trigger manually? And can you share Screenshot where you are getting 200 response and pipeline not triggered? — Roopa M, Nov 11 '22 at 09:05
What do you mean with ”trigger manually”? Using curl works, but after a pipeline has failed after changing the inline yaml, no new pipelines are triggered, I have done many curl requests that return 200 but no new pipelines are triggered. — Jonas, Nov 11 '22 at 11:46

Roopa M · Answer 1 · 2022-11-16T08:09:57.043

0

I tried to replicate the issue from my end using curl. But, i can able to trigger the build. And note that the build invocations are independent meaning that the build history makes no difference to future builds. Try using verbose -v flag with curl command to find to display detailed processing information on your screen as below.

As it is working for me it seems to be working as intended. And to resolve your issue i suggest you to, contact google support here as it seems inspection on your project is required.

Update

I tried with the yaml that you shared in the question. Still, I was able to trigger the build.

(Ignore the build error, it was due to some permission error)

If you think many people are facing the same issue. Please report the issue on public issue tracker which is best forum for reporting these kind of issue.

edited Nov 16 '22 at 08:09

answered Nov 15 '22 at 14:52

Roopa M

2,171
4
12

It seems to be related to the inline-pipeline-yaml. In both cases I get http 200 in response. See my two yamls in the updated question. – Jonas Nov 15 '22 at 17:04
As you can see here, more people is experiencing the same problem: https://stackoverflow.com/questions/72433978/connect-a-gcp-cloud-build-trigger-with-gitlab-repository – Jonas Nov 15 '22 at 17:06
@Jonas Can you have a look at my updated answer? – Roopa M Nov 16 '22 at 08:10
Thank you for your effort on this. Unfortunately, I cannot replicate what is stated in this answer. And since the error reporting is bad on Cloud Build, I have decided to use a pipeline service external to GCP - it is too difficult to use this when error messages is not shown. – Jonas Nov 16 '22 at 09:09
As I mentioned in my answer give it a try by raising the issue tracker or contacting google support. you may get any help. – Roopa M Nov 17 '22 at 14:15

score 0 · Answer 2 · answered Apr 24 '23 at 11:16

TL;DR

I had the same problem, and I fixed it by adding the Cloud Build Service Account role to [PROJECT_NUMBER]@cloudbuild.gserviceaccount.com service account.

Longer version

I had the same problem; I managed to trigger a few builds, but for some reason it stopped making new builds afterwards. I tried changing a lot of configurations in the Webhook trigger with no success.

Then I decided to connect a Github repo instead, and try making a webhook trigger with it since there's better support in the UI when you connect one of the supported repository types. I tried running this webhook manually from the UI and it gave me a permission error this time. Turns out my default service account user was missing the "Cloud Build Service Account" role for whatever reason and so it could not make a new build. Adding that role to [PROJECT_NUMBER]@cloudbuild.gserviceaccount.com fixed everything for me.

References:

Troubleshooting build: Build trigger fails due to missing cloudbuild.builds.create permission

Cloud Build does not trigger new pipeline on webhook request

2 Answers2