action-hosting-deploy
action-hosting-deploy copied to clipboard
FirebaseExtended
[BUG] Hiding failed auto-discover of region for rewrites in firebase.json
Action config
- uses: FirebaseExtended/action-hosting-deploy@v0
with:
repoToken: '${{ secrets.GITHUB_TOKEN }}'
firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_FICTIVE_V3 }}'
channelId: live
projectId: fictive-v3
target: fictivefront
Error message
No error message.
Expected behavior
In firebase.json I have a rewrite to a function that looks like this:
"rewrites": [
{
"source": "/testingtesting",
"function": "testingFunc"
}]
I run several evironments, some with different region. According to the rewrite docs, while you'd normally hardcode a "region" property here, if left out (as I do) it will be attempted to be automatically discovered anyway by firebase-tools CLI. And when I run firebase deploy locally, it will find the correct region for testingFunc whichs means the rewrite works. This is what I expect to happen also when we we auto-deploy using this action.
Actual behavior
When I let this GitHub action do the deploy, everything else being the same as from local deploy, the rewrite ends up being routed to the wrong region. My hypothesis was that this is because some permission difference, which I managed to confirm by forking this action and turning on debug and saw this when running the deploy command with --debug.
projects/fictive-v3/locations/-/functions'","status":"PERMISSION_DENIED"***
[debug] [2022-12-14T19:10:07.945Z] Deploying hosting site fictive-v3, did not have permissions to check for backends: HTTP Error: 403, Permission 'cloudfunctions.functions.list' denied on 'projects/fictive-v3/locations/-/functions' ***"name":"FirebaseError","children":[],"context":***"body":***"error":***"code":403,"message":"Permission 'cloudfunctions.functions.list' denied on 'projects/fictive-v3/locations/-/functions'","status":"PERMISSION_DENIED"***,"response":***"statusCode":403***,"exit":1,"message":"HTTP Error: 403, Permission 'cloudfunctions.functions.list' denied on 'projects/fictive-v3/locations/-/functions'","status":403***
[warn] ⚠ hosting[fictive-v3]: Unable to find a valid endpoint for function `testingFuc`, but still including it in the config
But my issue is that this action fails silently, instead it should fail or at least give a warning into the action log to show that it had permission issues looking up region on a function.
Note: the permission issue is solved by granting Cloud Functions Viewer to the service account used by the GitHub Action.
