我有一个名为";RnD";(ID为1111111(,所有存储库和CloudBuild触发器都在谷歌云中。现在我想在";RnD";然后部署到Project"中的应用程序引擎的Project;X〃;(ID为99999999(。我在";RnD";在Project";X〃:
- 应用程序引擎管理员
- 服务帐户用户
- 项目浏览器 RnD项目应用程序引擎中的
处于活动状态并已配置。在RnD项目上没有,因为它没有在那里使用。
这是我的cloudbuild.yaml文件:
steps:
- name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
dir: 'api'
entrypoint: 'bash'
args: ['-c', 'gcloud config set project ${_TARGET_PROJECT_NAME} && gcloud config set app/cloud_build_timeout 1600 && gcloud app deploy ']
timeout: '1600s'
_TARGET_PROJECT_NAME是在触发器上配置的替换;X〃;。运行生成将返回以下日志。
starting build "xxxxxxxxxx"
FETCHSOURCE
hint: Using 'master' as the name for the initial branch. This default branch name
hint: is subject to change. To configure the initial branch name to use in all
hint: of your new repositories, which will suppress this warning, call:
hint:
hint: git config --global init.defaultBranch <name>
hint:
hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
hint: 'development'. The just-created branch can be renamed via this command:
hint:
hint: git branch -m <name>
Initialized empty Git repository in /workspace/.git/
From https://source.developers.google.com/p/rnd/r/my_reponame
* branch xxxxxxxxxxxx -> FETCH_HEAD
HEAD is now at xxxxxx
BUILD
Pulling image: gcr.io/google.com/cloudsdktool/cloud-sdk
Using default tag: latest
latest: Pulling from google.com/cloudsdktool/cloud-sdk
0bc3020d05f1: Already exists
a5178f1195d4: Pulling fs layer
... blah blah
cc6c9aaa8146: Pull complete
Digest: sha256:xxxxxxxxx
Status: Downloaded newer image for gcr.io/google.com/cloudsdktool/cloud-sdk:latest
gcr.io/google.com/cloudsdktool/cloud-sdk:latest
Updated property [core/project].
WARNING: You do not appear to have access to project [X] or it does not exist.
Updated property [app/cloud_build_timeout].
API [appengine.googleapis.com] not enabled on project [1111111].
Would you like to enable and retry (this will take a few minutes)?
(y/N)?
ERROR: (gcloud.app.deploy) User [1111111@cloudbuild.gserviceaccount.com] does not have permission to access apps instance [X] (or it may not exist): App Engine Admin API has not been used in project 1111111 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/appengine.googleapis.com/overview?project= 1111111 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
- '@type': type.googleapis.com/google.rpc.Help
links:
- description: Google developers console API activation
url: https://console.developers.google.com/apis/api/appengine.googleapis.com/overview?project= 1111111
- '@type': type.googleapis.com/google.rpc.ErrorInfo
domain: googleapis.com
metadata:
consumer: projects/1111111
service: appengine.googleapis.com
reason: SERVICE_DISABLED
ERROR
ERROR: build step 0 "gcr.io/google.com/cloudsdktool/cloud-sdk" failed: step exited with non-zero status: 1
看起来我不得不激活"应用程序引擎";RnD项目。我越想越有道理。
除此之外,我还必须在项目中提供云构建服务帐户";X〃;更多权限。我还没有弄清楚这个服务帐户的最低权限设置。如果我赋予服务帐户项目所有者权利(我不应该知道;(,它就会起作用。