使用--allow-unauthenticated从Cloud Build部署Cloud功能

时间:2019-11-17 05:41:21

标签: google-cloud-platform google-cloud-functions google-cloud-build

我的目标是使用Cloud Build部署Cloud Function。我的cloudbuild.yaml如下所示:

steps:
- name: gcr.io/cloud-builders/gcloud
  args: 
    [
      'functions', 'deploy', 'func3',
      '--region=us-central1',
      '--allow-unauthenticated',
      '--entry-point=helloWorld',
      '--runtime=nodejs8',
      '--source=https://source.developers.google.com/projects/XXX/repos/myfunc',
      '--trigger-http',
      '--service-account=XXX@appspot.gserviceaccount.com'
    ]

提交构建文件时,将记录以下内容:

Created [https://cloudbuild.googleapis.com/v1/projects/XXX/builds/5ba01de5-b4ad-4489-b4b9-687d3a6fd8fa].
Logs are available at [https://console.cloud.google.com/gcr/builds/5ba01de5-b4ad-4489-b4b9-687d3a6fd8fa?project=YYY].
------------------------------------------------------------------------------------ REMOTE BUILD OUTPUT ------------------------------------------------------------------------------------
starting build "5ba01de5-b4ad-4489-b4b9-687d3a6fd8fa"

FETCHSOURCE
BUILD
Already have image (with digest): gcr.io/cloud-builders/gcloud
ERROR: (gcloud.functions.deploy) unrecognized arguments: --allow-unauthenticated 

To search the help text of gcloud commands, run:
  gcloud help -- SEARCH_TERMS
ERROR
ERROR: build step 0 "gcr.io/cloud-builders/gcloud" failed: exit status 2
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

ERROR: (gcloud.builds.submit) build 5ba01de5-b4ad-4489-b4b9-687d3a6fd8fa completed with status "FAILURE"

我们可以看到,我们失败了。如果我删除引用--allow-unauthenticated的行,则所有操作均正确进行。为了完整起见,这里是有效的cloudbuild.yaml

steps:
- name: gcr.io/cloud-builders/gcloud
  args: 
    [
      'functions', 'deploy', 'func3',
      '--region=us-central1',
      '--entry-point=helloWorld',
      '--runtime=nodejs8',
      '--source=https://source.developers.google.com/projects/XXX/repos/myfunc',
      '--trigger-http',
      '--service-account=XXX@appspot.gserviceaccount.com'
    ]

我检查了heregcloud functions deploy的gcloud文档,看不到任何错别字或其他小错误。我一直假设将gcloud作为Cloud Builder步骤运行与手动运行相同。

如果我手动运行命令(包括--allow-unauthenticated),该命令将正常运行而不会出现错误。例如,如果我运行:

#!/bin/bash
gcloud functions deploy func3 \
    --region=us-central1 \
    --allow-unauthenticated \
    --entry-point=helloWorld \
    --runtime=nodejs8 \
    --source=https://source.developers.google.com/projects/XXX/repos/myfunc \
    --trigger-http \
    --service-account=XXX@appspot.gserviceaccount.com

...没有问题。

问题的核心是在Cloud Build上下文中--allow-unauthenticated选项可能是什么问题?

2 个答案:

答案 0 :(得分:0)

该错误消息可能会引起误解:

ERROR: (gcloud.functions.deploy) unrecognized arguments: --allow-unauthenticated

运行gcloud help functions deploy时,它将--allow-unauthenticated列为有效标志:

--allow-unauthenticated
    If set, makes this a public function. This will allow all callers,
    without checking authentication.

正如特拉维斯(Travis)所说的那样……这可能是错误的行为,我认为这不是“不太可能”,因为在更新复杂的分布式系统时,偶尔的故障并没有什么特别的。

答案 1 :(得分:0)

这似乎是由错误的gcloud构建映像引起的暂时性问题。

暂时使用此版本:

gcr.io/cloud-builders/gcloud@sha256:4ea77d19d7336d5a8dc4ae0e609d7f5b45fca067c34b70d7ed6740af229392c6
相关问题
最新问题