gcloud - ERROR: (gcloud.app.deploy) Permissions error fetching application

蓝咒 提交于 2020-11-30 12:01:07

问题


I am trying to deploy node js app on google cloud but getting following error -

Step #1: ERROR: (gcloud.app.deploy) Permissions error fetching application [apps
/mytest-240512]. Please make sure you are using the correct project ID and that
you have permission to view applications on the project.

I am running following command -

gcloud builds submit . --config cloudbuild.yaml

My cloudbuild.yaml file looks like -

steps:
  #install
  - name: 'gcr.io/cloud-builders/npm'
    args: ['install']

   #deploy
  - name: 'gcr.io/cloud-builders/gcloud'
    args: ['app', 'deploy']

回答1:


The default Cloud Build service account does not allow access to deploy App Engine. You need to enable the Cloud Build service account to perform actions such as deploy.

The Cloud Build service account is formatted like this:

[PROJECT_NUMBER]@cloudbuild.gserviceaccount.com
  • Go to the Google Cloud Console -> IAM & admin -> IAM.
  • Locate the service account and click the pencil icon.
  • Add the role "App Engine Deployer" to the service account.

Wait a couple of minutes for the service account to update globally and then try again.




回答2:


The most common way to deploy an app to App Engine is to use gcloud app deploy ....

When you use gcloud app deploy against App Engine Flex, the service uses Cloud Build.

It's entirely possible|reasonable to use Cloud Build to do your deployments too, it's just more involved.

I've not tried this but I think that, if you wish to use Cloud Build to perform the deployment, you will need to ensure that the Cloud Build service account has permissions to deploy to App Engine.

Here's an example of what you would need to do, specifically granting Cloud Build's service account the correct role.




回答3:


Two commands can handle the perms needed (run in your terminal if you have gcloud sdk installed and authenticated or run in cloud shell for your project):

export PROJECT_ID=[[put your project id here]]
export PROJECT_NUMBER=$(gcloud projects describe $PROJECT_ID --format="value(projectNumber)")

gcloud iam service-accounts add-iam-policy-binding ${PROJECT_ID}@appspot.gserviceaccount.com \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/iam.serviceAccountUser \
--project=${PROJECT_ID}
```
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/appengine.appAdmin 



回答4:


I had this same error today and the way I resolve it was by running: $ gcloud auth login on the console.

This will open a new browser tab for you to login with the credentials that has access to the project you're trying to deploy.

I was able to deploy to gcloud after that.

ps.: I'm not sure this is the best approach, but I'm leaving this as a possible solution as this is how I usually go around this problem. Worst case, I'll stand corrected and learn something new.



来源:https://stackoverflow.com/questions/56126481/gcloud-error-gcloud-app-deploy-permissions-error-fetching-application

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!