从不同项目的存储库中部署云函数时检索函数源代码失败
Posted
技术标签:
【中文标题】从不同项目的存储库中部署云函数时检索函数源代码失败【英文标题】:Failed to retrieve function source code when deploying a cloud function from a repository on a different project 【发布时间】:2021-12-07 06:05:00 【问题描述】:我正在尝试从放置在不同项目中的云源存储库部署云功能,但收到以下错误:Failed to retrieve function source code(请参阅下面的完整原型)。
Project-A 包含下面列出的云功能和服务帐户。 Project-B 包含源代码库。
我已经在Project-B上成功部署了该功能。
我已尝试在云源存储库中为以下服务帐户分配 Source Repository Administrator 角色,但这没有帮助。
我还尝试在 Project-A 上禁用 Cloud Functions API 并重新打开它。
我不确定出了什么问题 - 如果有人知道在哪里可以进一步查看,我将不胜感激 - 提前致谢!
部署会在监控中创建两个条目 - 一个 NOTICE,后跟一个 ERROR:
错误日志:
"protoPayload":
"@type": "type.googleapis.com/google.cloud.audit.AuditLog",
"status":
"code": 5,
"message": "Failed to retrieve function source code"
,
"authenticationInfo":
"principalEmail": "***@***.**"
,
"serviceName": "cloudfunctions.googleapis.com",
"methodName": "google.cloud.functions.v1.CloudFunctionsService.UpdateFunction",
"resourceName": "projects/Project-A/locations/europe-west1/functions/pubsub-to-gcs"
,
"insertId": "-vmfbt4cd54",
"resource":
"type": "cloud_function",
"labels":
"function_name": "pubsub-to-gcs",
"region": "europe-west1",
"project_id": "Project-A"
,
"timestamp": "2021-10-20T12:21:45.352043Z",
"severity": "ERROR",
"logName": "projects/Project-A/logs/cloudaudit.googleapis.com%2Factivity",
"operation":
"id": "operations/cm9ldHotbGlmZS1kYXRhLXRlc3QvZXVyb3BlLXdlc3QxL3B1YnN1Yi10by1nY3MvVEhFbUQtLTZITWM",
"producer": "cloudfunctions.googleapis.com",
"last": true
,
"receiveTimestamp": "2021-10-20T12:21:45.781856467Z"
"protoPayload":
"@type": "type.googleapis.com/google.cloud.audit.AuditLog",
"authenticationInfo":
"principalEmail": "***@****.**"
,
"requestMetadata":
"callerIp": "35.205.252.75",
"callerSuppliedUserAgent": "google-cloud-sdk gcloud/360.0.0 command/gcloud.functions.deploy invocation-id/917d697431e84b91bfa2bd9f9cc4f302 environment/devshell environment-version/None interactive/True from-script/False python/3.7.3 term/screen (Linux 5.4.144+),gzip(gfe),gzip(gfe)",
"requestAttributes":
"time": "2021-10-20T12:21:44.909430Z",
"auth":
,
"destinationAttributes":
,
"serviceName": "cloudfunctions.googleapis.com",
"methodName": "google.cloud.functions.v1.CloudFunctionsService.UpdateFunction",
"authorizationInfo": [
"resource": "projects/Project-A/locations/europe-west1/functions/pubsub-to-gcs",
"permission": "cloudfunctions.functions.update",
"granted": true,
"resourceAttributes":
],
"resourceName": "projects/Project-A/locations/europe-west1/functions/pubsub-to-gcs",
"request":
"@type": "type.googleapis.com/google.cloud.functions.v1.UpdateFunctionRequest",
"function":
"timeout": "60s",
"status": "UNKNOWN",
"serviceAccountEmail": "Project-A@appspot.gserviceaccount.com",
"availableMemoryMb": 256,
"name": "projects/Project-A/locations/europe-west1/functions/pubsub-to-gcs",
"runtime": "python39",
"labels":
"deployment-tool": "cli-gcloud"
,
"entryPoint": "pubsub-to-gcs",
"updateTime": "2021-10-20T12:21:40.149Z",
"sourceRepository":
"url": "https://source.developers.google.com/projects/Project-B/repos/my-repo/moveable-aliases/master/paths/my-folder"
,
"httpsTrigger": ,
"ingressSettings": "ALLOW_ALL",
"versionId": "1"
,
"updateMask": "eventTrigger,httpsTrigger,runtime,sourceRepository"
,
"resourceLocation":
"currentLocations": [
"europe-west1"
]
,
"insertId": "1xdbim3e16pgu",
"resource":
"type": "cloud_function",
"labels":
"function_name": "pubsub-to-gcs",
"region": "europe-west1",
"project_id": "Project-A"
,
"timestamp": "2021-10-20T12:21:44.650257Z",
"severity": "NOTICE",
"logName": "projects/Project-A/logs/cloudaudit.googleapis.com%2Factivity",
"operation":
"id": "operations/cm9ldHotbGlmZS1kYXRhLXRlc3QvZXVyb3BlLXdlc3QxL3B1YnN1Yi10by1nY3MvVEhFbUQtLTZITWM",
"producer": "cloudfunctions.googleapis.com",
"first": true
,
"receiveTimestamp": "2021-10-20T12:21:45.832588036Z"
【问题讨论】:
【参考方案1】:事实证明这不是 IAM 问题:我尝试从 UI 部署该功能,但从不同项目中的源代码库部署时这是不可能的。
使用gcloud function deploy 部署解决了这个问题。
【讨论】:
以上是关于从不同项目的存储库中部署云函数时检索函数源代码失败的主要内容,如果未能解决你的问题,请参考以下文章
从 Firebase 云函数调用时,OAuth2 访问令牌交换失败
firebase - 从可调用云函数访问数据库时应用检查失败