Secured Cron Job for Google App Engine fails to start (Node js)

Question

I am struggling with a cron job with secured URL in google app engine. As soon as I add login:admin in the app.yaml , the job fails to start (otherwise it works like a charm).

Here is my code:

• app.js

   const express = require('express'); const app = express(); app.get('/', (req, res) => { res.status(200).send('Hello, world!').end(); }); app.get('/admin', function(req, res){ res.status(200).send('Hello, admin!').end(); }); // Start the server const PORT = process.env.PORT || 8080; app.listen(PORT, () => { console.log(`App listening on port ${PORT}`); console.log('Press Ctrl+C to quit.'); }); 

• app.yaml

   runtime: nodejs env: flex handlers: - url: / script: app.js - url: /admin login: admin script: app.js 

• cron.yaml

   cron: - description: daily summary job url: /admin schedule: every 12 mins target: default 

And the result: cron failure

Any hint on what I am missing?

Thanks a lot in advance

Answer 1

The login setting under handlers is now deprecated for the App Engine flexible environment. https://cloud.google.com/appengine/docs/flexible/nodejs/upgrading

login: admin should be removed from your app.yaml.

You can still secure the url by checking for the X-Appengine-Cron header in your code.

app.get('/admin', function(req, res){
    if (req.get('X-Appengine-Cron') !== 'true') {
         return res.status(401).end();
    }
    res.status(200).send('Hello, admin!');
});

Per the docs

The X-Appengine-Cron header is set internally by Google App Engine. If your request handler finds this header it can trust that the request is a cron request. If the header is present in an external user request to your app, it is stripped, except for requests from logged in administrators of the application, who are allowed to set the header for testing purposes.