Unable to deploy to Google App Engine using GitHub Actions - no credentials provided

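Problem description

When I try to deploy my app from GitHub to Google App Engine using GitHub Actions, I keep getting the same error.

I have tried both the deploy-appengine action and setup-gcloud on its own, and both give me the same error.

This is the action YAML: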

# This is the CI action for the repo. The build must succeed and all tests must pass before any pull requests can be made.

name: Deploy
on:
  pull_request:
    types: closed
    branches:
      - develop
      - master

  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [12.x]

    steps:

      - uses: actions/checkout@v2

      - name: Cache node modules
        uses: actions/cache@v1
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-
      - name: Node ${{ matrix.node-version }}
        uses: actions/setup-node@v1
        with:
          node-version: ${{ matrix.node-version }}

      - name: Install dependencies
        run: npm install

      - name: Configure environments
        run: npm run configure:ci

      - name: Build
        run: npm run build:ci
        env:
          API_URL:                   ${{ secrets.API_URL }}
          FIREBASE_API_KEY:          ${{ secrets.FIREBASE_API_KEY }}
          FIREBASE_AUTH_DOMAIN:      ${{ secrets.FIREBASE_AUTH_DOMAIN }}
          FIREBASE_DATABASE_URL:     ${{ secrets.FIREBASE_DATABASE_URL }}
          PROJECT_ID:                ${{ secrets.PROJECT_ID }}
          STORAGE_BUCKET:            ${{ secrets.STORAGE_BUCKET }}
          FIREBASE_SENDER_ID:        ${{ secrets.FIREBASE_SENDER_ID }}
          FIREBASE_APP_ID:           ${{ secrets.FIREBASE_APP_ID }}
          FIREBASE_MEASUREMENT_ID:   ${{ secrets.FIREBASE_MEASUREMENT_ID }}
          ANGULAR_FIRE_EMAIL:        ${{ secrets.ANGULAR_FIRE_EMAIL }}
          ANGULAR_FIRE_PASSWORD:     ${{ secrets.ANGULAR_FIRE_PASSWORD }}

      - name: Configure app.yaml
        run: npm run app-config:ci
        
      - id: Deploy
        uses: google-github-actions/deploy-appengine@main
        with:
          credentials: ${{ secrets.GCP_SA_KEY }}
          deliverables: dist/app.yaml
          promote: true

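This is what my credentials file looks like. It is just plain JSON, not BASE64. It is stored in the secrets.GCP_SA_KEY secret, with a branch rule for develop, which is where I am trying to run this action: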

{
  "type": "service_account",
  "project_id": "REDACTED",
  "private_key_id": "REDACTED",
  "private_key": "-----BEGIN PRIVATE pm57A==\n-----END PRIVATE KEY-----\n",
  "client_email": "REDACTED@REDACTED.iam.gserviceaccount.com",
  "client_id": "REDACTED",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://oauth2.googleapis.com/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/REDACTED.iam.gserviceaccount.com"
}

I have granted the service account the appropriate permissions:

App Engine Admin
Cloud Build Editor
Compute Storage Admin
Service Account User

Every time I try to run the action, I get the following output:

Run google-github-actions/deploy-appengine@main
/usr/bin/tar --version
tar (GNU tar) 1.30
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by John Gilmore and Jay Fenlason.
/usr/bin/tar xz --warning=no-unknown-keyword -C /home/runner/work/_temp/14543984-d6e2-47c0-a6eb-a2a41a371468 -f /home/runner/work/_temp/8a247beb-4bc1-4157-b43f-f27c0f71ba36
/opt/hostedtoolcache/gcloud/333.0.0/x64/bin/gcloud config get-value project
(unset)
Error: No project Id provided.
/opt/hostedtoolcache/gcloud/333.0.0/x64/bin/gcloud auth list

No credentialed accounts.

To login, run:
  $ gcloud auth login `ACCOUNT`

/opt/hostedtoolcache/gcloud/333.0.0/x64/bin/gcloud app deploy --quiet dist/app.yaml --promote
ERROR: (gcloud.app.deploy) You do not currently have an active account selected.
Please run:

  $ gcloud auth login

to obtain new credentials.

If you have already logged in with a different account:

    $ gcloud config set account ACCOUNT

to select an already authenticated account to use.
Error: The process '/opt/hostedtoolcache/gcloud/333.0.0/x64/bin/gcloud' failed with exit code 1

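The same thing happens when I provide both the project_id and the SA key. According to the documentation I don't need to do any login; I can just pass my service account credentials and the rest should take care of itself. Where am I going wrong?

Tags: google-app-engine, deployment, continuous-deployment, github-actions

Solution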


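So the answer to this question is that I had set the secrets at the environment level.

I currently have 2 environments: develop and master. I had set the secrets at that level.

When I created two new secrets at the repository level, this fixed the problem.

The documentation does mention repository secrets, but it could be clearer that this does not work with environment-level secrets.

Despite the permissions, I did get a further error. I had set Compute Storage Admin, but this job needs Cloud Storage Admin.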
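Added example, not part of the original answer: in GitHub Actions a `${{ secrets.NAME }}` reference that the job cannot read expands to an empty string, which matches the "No credentialed accounts" output in the question. The pre-flight check below makes that failure explicit before the deploy step runs, without printing the secret. The function name, status strings and sample key are constructed for illustration, and accepting a base64-wrapped key in addition to plain JSON is an assumption.

```python
import base64
import json
import os
import sys

REQUIRED = ("type", "project_id", "private_key", "client_email")

# Constructed sample values for illustration; not a real key.
SAMPLE_JSON = json.dumps({
    "type": "service_account",
    "project_id": "example-project",
    "private_key": "PLACEHOLDER-NOT-A-REAL-KEY",
    "client_email": "deployer@example-project.iam.gserviceaccount.com",
})
SAMPLE_B64 = base64.b64encode(SAMPLE_JSON.encode()).decode()


def check_sa_key(value):
    """Classify a key value as 'ok' or a failure reason, never echoing it."""
    if value is None or not value.strip():
        # A secret the job cannot read expands to an empty string.
        return "empty"
    text = value.strip()
    if not text.startswith("{"):
        # Assumption: a base64-wrapped key is also acceptable downstream.
        try:
            text = base64.b64decode(text, validate=True).decode("utf-8")
        except ValueError:
            return "not-json"
    try:
        key = json.loads(text)
    except ValueError:
        return "not-json"
    if not isinstance(key, dict):
        return "not-json"
    missing = [name for name in REQUIRED if not key.get(name)]
    if missing:
        return "missing:" + ",".join(missing)
    if key["type"] != "service_account":
        return "wrong-type"
    return "ok"


if __name__ == "__main__":
    status = check_sa_key(os.environ.get("GCP_SA_KEY"))
    if status != "ok":
        # Only the status is printed, so the secret never reaches the log.
        print(f"GCP_SA_KEY check failed: {status}", file=sys.stderr)
    sys.exit(0 if status == "ok" else 1)
```

Run it as a step before the deploy with `GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}` under that step's `env:`. An `empty` result means the secret is not defined at a level the job can read.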

