![](/img/trans.png)
[英]gcloud app deploy is failing with Failed to create cloud build: Permission denied on 'locations/xyz' (or it may not exist)
[英]Permission denied during gcloud app deploy using Google Cloud SDK
使用 Google Cloud SDK 将应用程序部署到 Google App Engine 非常困难。
我曾尝试过以下 2 个命令
C:\Users\yccheok\Desktop\jstock-android-appengine>gcloud config set project jstock-android
Updated property [core/project].
C:\Users\yccheok\Desktop\jstock-android-appengine>gcloud app deploy app.yaml --log-http --verbosity=debug
DEBUG: Running [gcloud.app.deploy] with arguments: [--log-http: "true", --verbosity: "debug", DEPLOYABLES:1: "['app.yaml']"]
DEBUG: No staging command found for runtime [python27] and environment [STANDARD].
DEBUG: API endpoint: [https://appengine.googleapis.com/], API version: [v1]
=======================
==== request start ====
uri: https://appengine.googleapis.com/v1/apps/jstock-android?alt=json
method: GET
== headers start ==
Authorization: Bearer ya29.GlxEBb1XVP1JK93-ARiaN_ZgiMbvZmw5KWfvJVfibDJ4FK_ZaMRoU1jVDTiWzsY606GSduJKJd9Nm8zA-_Iql5mGn4AMk4QVl8mPRycfekeZnOOHtbUvpkBMgOLOQA
accept: application/json
accept-encoding: gzip, deflate
content-length: 0
user-agent: google-cloud-sdk x_Tw5K8nnjoRAqULM9PFAC2b gcloud/184.0.0 command/gcloud.app.deploy invocation-id/c9ae232d33b346d787b95a36e28c38c0 environment/None environment-version/None interactive/True python/2.7.13 (Windows NT 10.0.16299)
== headers end ==
== body start ==
== body end ==
==== request end ====
---- response start ----
-- headers start --
-content-encoding: gzip
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
cache-control: private
content-length: 335
content-type: application/json; charset=UTF-8
date: Tue, 16 Jan 2018 19:16:21 GMT
server: ESF
status: 403
transfer-encoding: chunked
vary: Origin, X-Origin, Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
-- headers end --
-- body start --
{
"error": {
"code": 403,
"message": "Operation not allowed",
"status": "PERMISSION_DENIED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ResourceInfo",
"resourceType": "gae.api",
"description": "The \"appengine.applications.get\" permission is required."
}
]
}
}
-- body end --
total round trip time (request+response): 1.796 secs
---- response end ----
----------------------
DEBUG: (gcloud.app.deploy) Permissions error fetching application [apps/jstock-android]. Please make sure you are using the correct project ID and that you have permission to view applications on the project.
Traceback (most recent call last):
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\googlecloudsdk\calliope\cli.py", line 797, in Execute
resources = calliope_command.Run(cli=self, args=args)
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\googlecloudsdk\calliope\backend.py", line 757, in Run
resources = command_instance.Run(args)
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\surface\app\deploy.py", line 65, in Run
parallel_build=False)
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\googlecloudsdk\command_lib\app\deploy_util.py", line 543, in RunDeploy
app = _PossiblyCreateApp(api_client, project)
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\googlecloudsdk\command_lib\app\deploy_util.py", line 703, in _PossiblyCreateApp
api_client._FormatApp()))) # pylint: disable=protected-access
HttpException: Permissions error fetching application [apps/jstock-android]. Please make sure you are using the correct project ID and that you have permission to view applications on the project.
ERROR: (gcloud.app.deploy) Permissions error fetching application [apps/jstock-android]. Please make sure you are using the correct project ID and that you have permission to view applications on the project.
C:\Users\yccheok\Desktop\jstock-android-appengine>
然后,我浏览了https://cloud.google.com/appengine/docs/admin-api/accessing-the-api ,它提到我需要使用Admin API 。 所以,我一步一步地小心翼翼地做。
它提到启用了管理 API 。 现在我需要凭据。
好的。 现在他们提到我不需要创建新凭证。 我可以使用应用程序默认凭据?!
所以,我去了https://developers.google.com/identity/protocols/application-default-credentials?hl=en_GB 。 我知道我需要跑步
C:\Users\yccheok\Desktop\jstock-android-appengine>gcloud auth application-default login
Your browser has been opened to visit:
https://accounts.google.com/o/oauth2/auth?redirect_uri=http%3A%2F%2Flocalhost%3A8085%2F&prompt=select_account&response_type=code&client_id=764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.apps.googleusercontent.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform&access_type=offline
Credentials saved to file: [C:\Users\yccheok\AppData\Roaming\gcloud\application_default_credentials.json]
These credentials will be used by any library that requests
Application Default Credentials.
尽管如此,在完成上述 7 个步骤后,当我尝试运行时,我仍然收到完全相同的错误消息
gcloud app deploy app.yaml --log-http --verbosity=debug
谁能告诉我,为了使用 Google Cloud SDK 将我的 Python 应用程序部署到 Google App Engine,我还需要什么步骤?
Admin API 用于以编程方式部署应用程序,而不是使用gcloud app deploy
进行gcloud app deploy
,您甚至不需要为您的应用程序启用 Admin API。
要以编程方式部署您的应用程序,请使用Admin API 。
开始之前
在部署应用程序之前:
GCP 项目的所有者必须创建App Engine 应用程序。
确保您的用户帐户包括所需的权限。
(但我可以看到上述内容如何被误解为使用 Admin API 的邀请)
很可能gcloud app deploy
实际使用的帐户丢失或没有所需的权限。
您可以检查与gcloud auth list
一起使用的gcloud auth list
。 在我的情况下,帐户是我的电子邮件地址,而不是服务帐户(我不确定是否可以使用服务帐户)。
如果您需要其他帐户,请使用gcloud auth login
(也可能使用gcloud auth revoke
)。
您可以在 IAM 页面上的项目/应用程序上检查帐户的权限(如果有)。
关于这一点的附加说明,当您启用 App Engine API 和云构建器 API 时,请确保云构建服务帐户也可以访问该项目。
启用正确的apis后我遇到了这个问题。
这是使用构建触发器。 我可以从命令行在本地部署,因为我已通过身份验证。 但是,如果您使用构建触发器,它将使用需要访问权限的构建服务帐户。
希望这会有所帮助。
我有这个问题。 在我的情况下,它是通过使用项目 ID 而不是项目名称设置项目来解决的。 看到这个答案
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.