从 Google 构建部署 Google 云函数
Deploying Google Cloud function from a Google Build
在尝试部署一个简单的函数时,我 运行 遇到了 403 错误。这是我的完整 yaml:
steps:
# Install Dependencies
- name: 'python'
id: Pip install
args: ['pip3', 'install', '-r', 'requirements.txt', '--user']
# Run Tests
- name: 'python'
args: ['python3', '-m', 'pytest', 'functions/folder_a/test/']
# Deploy Cloud Functions
- name: 'gcr.io/cloud-builders/gcloud'
id: 'helloFunction'
args: ['functions', 'deploy', 'hello', '--source' , 'functions/folder_a/main.py',
'--runtime' , 'python37' ,'--trigger-http']
第一步完成得很好,但第二步在这里出错。
$ gcloud info
Account: [projectname@appspot.gserviceaccount.com]
Project: [projectname]
Current Properties:
[core]
project: [projectname]
account: [projectname@appspot.gserviceaccount.com]
disable_usage_reporting: [True]
我尝试在 IAM 中为上述帐户添加以下权限:
- 云构建服务代理
- 云函数开发人员
- 云函数服务代理
- 编辑器
当 Google Build 为 运行 时,它使用的是哪个服务帐户?如何更改权限以允许自动部署功能?
https://cloud.google.com/functions/docs/bestpractices/testing#continuous_testing_and_deployment
中记录了使用 Cloud Build 部署 Cloud Functions
该页面的指导是:
- To deploy Cloud Functions, you might want to assign the Cloud Functions Developer role to the Cloud Build service account (PROJECT_NUMBER@cloudbuild.gserviceaccount.com).
- If you use the Cloud Functions Developer role, you also need to grant the Cloud Functions Runtime service account (PROJECT_ID@appspot.gserviceaccount.com) the IAM Service Account User role.
Cloud Build 服务帐户是 PROJECT_NUMBER@cloudbuild.gserviceaccount.com,如果您在控制台中查找它,只会有一个服务帐户 *@cloudbuild*
在尝试部署一个简单的函数时,我 运行 遇到了 403 错误。这是我的完整 yaml:
steps:
# Install Dependencies
- name: 'python'
id: Pip install
args: ['pip3', 'install', '-r', 'requirements.txt', '--user']
# Run Tests
- name: 'python'
args: ['python3', '-m', 'pytest', 'functions/folder_a/test/']
# Deploy Cloud Functions
- name: 'gcr.io/cloud-builders/gcloud'
id: 'helloFunction'
args: ['functions', 'deploy', 'hello', '--source' , 'functions/folder_a/main.py',
'--runtime' , 'python37' ,'--trigger-http']
第一步完成得很好,但第二步在这里出错。
$ gcloud info
Account: [projectname@appspot.gserviceaccount.com]
Project: [projectname]
Current Properties:
[core]
project: [projectname]
account: [projectname@appspot.gserviceaccount.com]
disable_usage_reporting: [True]
我尝试在 IAM 中为上述帐户添加以下权限:
- 云构建服务代理
- 云函数开发人员
- 云函数服务代理
- 编辑器
当 Google Build 为 运行 时,它使用的是哪个服务帐户?如何更改权限以允许自动部署功能?
https://cloud.google.com/functions/docs/bestpractices/testing#continuous_testing_and_deployment
中记录了使用 Cloud Build 部署 Cloud Functions该页面的指导是:
- To deploy Cloud Functions, you might want to assign the Cloud Functions Developer role to the Cloud Build service account (PROJECT_NUMBER@cloudbuild.gserviceaccount.com).
- If you use the Cloud Functions Developer role, you also need to grant the Cloud Functions Runtime service account (PROJECT_ID@appspot.gserviceaccount.com) the IAM Service Account User role.
Cloud Build 服务帐户是 PROJECT_NUMBER@cloudbuild.gserviceaccount.com,如果您在控制台中查找它,只会有一个服务帐户 *@cloudbuild*