Google 工作流插入查询联合 Google 驱动器 table 的 bigquery 作业
Google Workflow insert a bigquery job that queries a federated Google Drive table
我正在使用工作流处理 ELT。到目前为止非常好。但是,我的一个表是基于 Google sheet 并且该作业在 "Access Denied: BigQuery BigQuery: Permission denied while getting Drive credentials."
上失败
我知道我需要将 https://www.googleapis.com/auth/drive 范围添加到请求中,并且工作流使用的服务帐户需要访问 sheet。访问是正确的,如果我使用 curl 进行经过身份验证的插入,它工作正常。
我的逻辑是我应该添加驱动器作用域。但是我不知道 where/how 添加它。我错过了什么吗?
工作流程中的步骤:
call: googleapis.bigquery.v2.jobs.insert
args:
projectId: ${sys.get_env("GOOGLE_CLOUD_PROJECT_ID")}
body:
configuration:
query:
query: select * from `*****.domains_sheet_view`
destinationTable:
projectId: ${sys.get_env("GOOGLE_CLOUD_PROJECT_ID")}
datasetId: ***
tableId: domains
create_disposition: CREATE_IF_NEEDED
write_disposition: WRITE_TRUNCATE
allowLargeResults: true
useLegacySql: false```
AFAIK 对于连接器,您不能自定义 scope 参数,但如果您自己组合 HTTP 调用,则可以自定义。
- 在 Google 文档
上将服务帐户添加为查看者
- 然后运行工作流程
这是我的程序
#workflow entrypoint
main:
steps:
- initialize:
assign:
- project: ${sys.get_env("GOOGLE_CLOUD_PROJECT_ID")}
- makeBQJob:
call: BQJobsInsertJobWithSheets
args:
project: ${project}
configuration:
query:
query: SELECT * FROM `ndc.autoritati_publice` LIMIT 10
destinationTable:
projectId: ${project}
datasetId: ndc
tableId: autoritati_destination
create_disposition: CREATE_IF_NEEDED
write_disposition: WRITE_TRUNCATE
allowLargeResults: true
useLegacySql: false
result: res
- final:
return: ${res}
#subworkflow definitions
BQJobsInsertJobWithSheets:
params: [project, configuration]
steps:
- runJob:
try:
call: http.post
args:
url: ${"https://bigquery.googleapis.com/bigquery/v2/projects/"+project+"/jobs"}
headers:
Content-type: "application/json"
auth:
type: OAuth2
scope: ["https://www.googleapis.com/auth/drive","https://www.googleapis.com/auth/cloud-platform","https://www.googleapis.com/auth/bigquery"]
body:
configuration: ${configuration}
result: queryResult
except:
as: e
steps:
- UnhandledException:
raise: ${e}
next: queryCompleted
- pageNotFound:
return: "Page not found."
- authError:
return: "Authentication error."
- queryCompleted:
return: ${queryResult.body}
我正在使用工作流处理 ELT。到目前为止非常好。但是,我的一个表是基于 Google sheet 并且该作业在 "Access Denied: BigQuery BigQuery: Permission denied while getting Drive credentials."
我知道我需要将 https://www.googleapis.com/auth/drive 范围添加到请求中,并且工作流使用的服务帐户需要访问 sheet。访问是正确的,如果我使用 curl 进行经过身份验证的插入,它工作正常。
我的逻辑是我应该添加驱动器作用域。但是我不知道 where/how 添加它。我错过了什么吗?
工作流程中的步骤:
call: googleapis.bigquery.v2.jobs.insert
args:
projectId: ${sys.get_env("GOOGLE_CLOUD_PROJECT_ID")}
body:
configuration:
query:
query: select * from `*****.domains_sheet_view`
destinationTable:
projectId: ${sys.get_env("GOOGLE_CLOUD_PROJECT_ID")}
datasetId: ***
tableId: domains
create_disposition: CREATE_IF_NEEDED
write_disposition: WRITE_TRUNCATE
allowLargeResults: true
useLegacySql: false```
AFAIK 对于连接器,您不能自定义 scope 参数,但如果您自己组合 HTTP 调用,则可以自定义。
- 在 Google 文档 上将服务帐户添加为查看者
- 然后运行工作流程
这是我的程序
#workflow entrypoint
main:
steps:
- initialize:
assign:
- project: ${sys.get_env("GOOGLE_CLOUD_PROJECT_ID")}
- makeBQJob:
call: BQJobsInsertJobWithSheets
args:
project: ${project}
configuration:
query:
query: SELECT * FROM `ndc.autoritati_publice` LIMIT 10
destinationTable:
projectId: ${project}
datasetId: ndc
tableId: autoritati_destination
create_disposition: CREATE_IF_NEEDED
write_disposition: WRITE_TRUNCATE
allowLargeResults: true
useLegacySql: false
result: res
- final:
return: ${res}
#subworkflow definitions
BQJobsInsertJobWithSheets:
params: [project, configuration]
steps:
- runJob:
try:
call: http.post
args:
url: ${"https://bigquery.googleapis.com/bigquery/v2/projects/"+project+"/jobs"}
headers:
Content-type: "application/json"
auth:
type: OAuth2
scope: ["https://www.googleapis.com/auth/drive","https://www.googleapis.com/auth/cloud-platform","https://www.googleapis.com/auth/bigquery"]
body:
configuration: ${configuration}
result: queryResult
except:
as: e
steps:
- UnhandledException:
raise: ${e}
next: queryCompleted
- pageNotFound:
return: "Page not found."
- authError:
return: "Authentication error."
- queryCompleted:
return: ${queryResult.body}