community-platform
community-platform copied to clipboard
ONEARMY
[bug] permissions issue around Project Kamp deployments
Describe the bug
When deploying to the Project Kamp PROD environment, there are permissions issues around cleaning up items in the artifactregistry.
[2022-07-09T19:59:58.403Z] <<< [apiv2][body] DELETE https://artifactregistry.googleapis.com/v1beta2/projects/**********************/locations/us-central1/repositories/gcf-artifacts/packages/integrations--notify_new_event
{
"error": {
"code": 403,
"message": "Permission 'artifactregistry.packages.delete' denied on resource '//artifactregistry.googleapis.com/projects/**********************/locations/us-central1/repositories/gcf-artifacts/packages/integrations--notify_new_event' (or it may not exist).",
"status": "PERMISSION_DENIED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "IAM_PERMISSION_DENIED",
"domain": "artifactregistry.googleapis.com",
"metadata": {
"permission": "artifactregistry.packages.delete",
"resource": "projects/**********************/locations/us-central1/repositories/gcf-artifacts/packages/integrations--notify_new_event"
}
}
]
}
}
I think there is a chance this has always been the case, just now firebase is getting better at reporting it.
The artifacts storage size has been well over any reasonable level for months now
I tested manually deleting everything on pp-dev site and redeploying and it seemed to fix for a bit but slowly creeping back up
There's more notes and an agenda item in the maintenance call thread, although I know the firebase-tools cli has been making quite a few updates around these issues so there is a chance they might just go a way or resolve in the near future
@ONEARMY/maintainers I've not personally noticed this recently, has anyone else? Close it?
Marking this as closed for the time being. No logs in current deployment pipelines suggest this is an issue.