Giters

google-github-actions / deploy-appengine

A GitHub Action that deploys source code to Google App Engine.

Home Page:https://cloud.google.com/appengine

Repository from Github https://github.comgoogle-github-actions/deploy-appengineRepository from Github https://github.comgoogle-github-actions/deploy-appengine

Error: google-github-actions/deploy-appengine failed

selfagency opened this issue · comments

commented

TL;DR

same issue as #197

Expected behavior

to not fail or to provide some helpful indication as to why it failed

Observed behavior

errors out with unhelpful error message

Action YAML

name: Deploy devops-stats

on:
  workflow_dispatch:
  push:
    branches:
      - main
    paths:
      - stats/**/*

jobs:
  deploy:
    runs-on: ubuntu-latest

    permissions:
      contents: read
      id-token: write

    steps:
      - id: checkout
        name: Checkout repo
        uses: actions/checkout@v2

      - id: auth
        name: Authenticate to GCP
        uses: google-github-actions/auth@v0
        with:
          workload_identity_provider: ${{ secrets.WORKLOAD_ID_PROVIDER }}
          service_account: ${{ secrets.SERVICE_ACCOUNT }}

      - id: deploy
        uses: google-github-actions/deploy-appengine@v0
        with:
          working_directory: stats
          deliverables: devops-stats.yaml
          promote: true

Log output

Run google-github-actions/deploy-appengine@v0
  with:
    working_directory: stats
    deliverables: devops-stats.yaml
    promote: true
  env:
    CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE: /home/runner/work/unstoppable-devops/unstoppable-devops/dae1be6781b2aba8925bf11a
    GOOGLE_APPLICATION_CREDENTIALS: /home/runner/work/unstoppable-devops/unstoppable-devops/dae1be6781b2aba8925bf11a
    GOOGLE_GHA_CREDS_PATH: /home/runner/work/unstoppable-devops/unstoppable-devops/dae1be6781b2aba8925bf11a
    CLOUDSDK_PROJECT: unstoppable-domains-staging
    CLOUDSDK_CORE_PROJECT: unstoppable-domains-staging
    GCP_PROJECT: unstoppable-domains-staging
    GCLOUD_PROJECT: unstoppable-domains-staging
    GOOGLE_CLOUD_PROJECT: unstoppable-domains-staging
/usr/bin/tar xz --warning=no-unknown-keyword --overwrite -C /home/runner/work/_temp/36b347b1-be09-4712-b194-e964949ca294 -f /home/runner/work/_temp/1045cbff-da1d-41a7-8384-ed0f50eac1cd
Error: google-github-actions/deploy-appengine failed with: The process '/opt/hostedtoolcache/gcloud/369.0.0/x64/bin/gcloud' failed with exit code 1

Additional information

No response

commented

It turns out this is an issue with Workload Identity Federation not properly updating IAM permissions, but the error message here is worthless and should be improved upon.