Я пытаюсь развернуть приложение Google App Engine через конвейеры Bitbucket.Однако я получаю следующую ошибку разрешения при попытке развертывания.
Это мой скрипт bitbucket-pipelines.yml:
script:
# Install Google App Engine SDK
- curl -o /tmp/google-cloud-sdk.tar.gz https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-155.0.0-linux-x86_64.tar.gz
- tar -xvf /tmp/google-cloud-sdk.tar.gz -C /tmp/
- /tmp/google-cloud-sdk/install.sh -q
- source /tmp/google-cloud-sdk/path.bash.inc
# Authenticating with the service account key file
- echo $GOOGLE_CLIENT_SECRET > ./gcloud-api-key.json
- gcloud auth activate-service-account --key-file gcloud-api-key.json
# Linking to the Google Cloud project
- gcloud config list
- gcloud config set project $CLOUDSDK_CORE_PROJECT
- gcloud app deploy --log-http --verbosity=debug app.yaml
Пожалуйста, найдите журнал отладки ниже.
DEBUG: API endpoint: [https://appengine.googleapis.com/], API version: [v1]
=======================
==== request start ====
uri: https://appengine.googleapis.com/v1/apps/my-app?alt=json
method: GET
== headers start ==
Authorization: Bearer [hidden]
accept: application/json
accept-encoding: gzip, deflate
content-length: 0
user-agent: google-cloud-sdk x_Tw5K8nnjoRAqULM9PFAC2b gcloud/155.0.0 command/gcloud.app.deploy invocation-id/234e7fc5072e448aaa6870de17b900f2 environment/None environment-version/None interactive/False python/2.7.13 (Linux 4.19.43-coreos)
== headers end ==
== body start ==
== body end ==
==== request end ====
---- response start ----
-- headers start --
-content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private
content-length: 126
content-type: application/json; charset=UTF-8
date: Sun, 09 Jun 2019 22:39:11 GMT
server: ESF
status: 403
transfer-encoding: chunked
vary: Origin, X-Origin, Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
-- headers end --
-- body start --
{
"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
}
}
-- body end --
total round trip time (request+response): 0.389 secs
---- response end ----
----------------------
DEBUG: HttpError accessing <https://appengine.googleapis.com/v1/apps/my-app?alt=json>: response: <{'status': '403', 'content-length': '126', 'x-xss-protection': '0', 'x-content-type-options': 'nosniff', 'transfer-encoding': 'chunked', 'vary': 'Origin, X-Origin, Referer', 'server': 'ESF', '-content-encoding': 'gzip', 'cache-control': 'private', 'date': 'Sun, 09 Jun 2019 22:39:11 GMT', 'x-frame-options': 'SAMEORIGIN', 'alt-svc': 'quic=":443"; ma=2592000; v="46,44,43,39"', 'content-type': 'application/json; charset=UTF-8'}>, content <{
"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
}
}
>
DEBUG: (gcloud.app.deploy) You do not have permission to access app [my-app] (or it may not exist): The caller does not have permission
Traceback (most recent call last):
File "/tmp/google-cloud-sdk/lib/googlecloudsdk/calliope/cli.py", line 712, in Execute
resources = args.calliope_command.Run(cli=self, args=args)
File "/tmp/google-cloud-sdk/lib/googlecloudsdk/calliope/backend.py", line 784, in Run
resources = command_instance.Run(args)
File "/tmp/google-cloud-sdk/lib/surface/app/deploy.py", line 61, in Run
args, runtime_builder_strategy=runtime_builder_strategy)
File "/tmp/google-cloud-sdk/lib/googlecloudsdk/command_lib/app/deploy_util.py", line 369, in RunDeploy
app = _PossiblyCreateApp(api_client, project)
File "/tmp/google-cloud-sdk/lib/googlecloudsdk/command_lib/app/deploy_util.py", line 499, in _PossiblyCreateApp
return api_client.GetApplication()
File "/tmp/google-cloud-sdk/lib/googlecloudsdk/api_lib/app/appengine_api_client.py", line 48, in GetApplication
return requests.MakeRequest(self.client.apps.Get, request)
File "/tmp/google-cloud-sdk/lib/googlecloudsdk/api_lib/app/api/requests.py", line 85, in MakeRequest
raise api_lib_exceptions.HttpException(error, error_message=error_message)
HttpException: You do not have permission to access app [my-app] (or it may not exist): The caller does not have permission
ERROR: (gcloud.app.deploy) You do not have permission to access app [my-app] (or it may not exist): The caller does not have permission
Я уже установил большой список разрешений для своей учетной записи службы, и у меня продолжает появляться та же ошибка:
- Администратор App Engine
- Развертыватель App Engine
- Администратор службы App Engine
- Гибкая среда App Engine Service Agent
- Браузер
- Редактор облачной сборки
- Агент службы облачной сборки
- Администратор объектов среды и хранилища
- Администратор вычислительных систем
- Администратор вычислительных экземпляров (v1)
- Администратор вычислительных хранилищ
- Администратор служебных учетных записей
- ХранилищеAdmin
- Storage Object Admin Viewer