I'm working with a local-dev environment of Python GAE. In my code, I'm using the app_identity module to fetch the App ID Token for my project, like this:
scope = "https://www.googleapis.com/auth/userinfo.email"
app_id_token, expiry = app_identity.get_access_token(scope)
But when that pathway is invoked, I get this error thrown from the appengine module. It appears that when my project attempts to fetch an OAuth token to access Google Cloud services it is getting an SSL validation error on the URL used to get that token.
ERROR 2017-01-03 02:41:11,489 api_server.py:272] Exception while handling service_name: "app_identity_service"
method: "GetAccessToken"
request: "\n.https://www.googleapis.com/auth/cloud-platform"
request_id: "MzGyxBKeMe"
Traceback (most recent call last):
File "/opt/google-cloud-sdk/platform/google_appengine/google/appengine/tools/devappserver2/api_server.py", line 247, in _handle_POST
api_response = _execute_request(request).Encode()
File "/opt/google-cloud-sdk/platform/google_appengine/google/appengine/tools/devappserver2/api_server.py", line 186, in _execute_request
make_request()
File "/opt/google-cloud-sdk/platform/google_appengine/google/appengine/tools/devappserver2/api_server.py", line 181, in make_request
request_id)
File "/opt/google-cloud-sdk/platform/google_appengine/google/appengine/api/apiproxy_stub.py", line 131, in MakeSyncCall
method(request, response)
File "/opt/google-cloud-sdk/platform/google_appengine/google/appengine/api/app_identity/app_identity_keybased_stub.py", line 223, in _Dynamic_GetAccessToken
headers={'Content-Type': 'application/x-www-form-urlencoded'})
File "/opt/google-cloud-sdk/platform/google_appengine/google/appengine/api/urlfetch.py", line 271, in fetch
return rpc.get_result()
File "/opt/google-cloud-sdk/platform/google_appengine/google/appengine/api/apiproxy_stub_map.py", line 613, in get_result
return self.__get_result_hook(self)
File "/opt/google-cloud-sdk/platform/google_appengine/google/appengine/api/urlfetch.py", line 432, in _get_fetch_result
'Invalid and/or missing SSL certificate for URL: ' + url)
SSLCertificateError: Invalid and/or missing SSL certificate for URL: https://accounts.google.com/o/oauth2/token
What confuses me is that this doesn't seem like it should be an environment configuration problem because it is SSL cert validation. However, neither of my teammates see this problem when we work from the same commit in our repository. I've tried re-cloning my repository, rebooting my machine, resetting my Docker setup. None of it has had an effect. Any advice into what's going on would be appreciated. Thank you.
One of my teammates figured out the solution to this. One of the certs bundled with the SDK have an expired cert in their chain... so my setup broke with the New Year.
HTTPException: invalid and/or missing SSL certificate for url: https://accounts.google.com/o/oauth2/token
He removed my certs that were bundled with the SDK, which causes GAE to use the OS's defaults.
Related
I am getting the error
Error Response: [4] App Engine Flexible timed out while configuring
resources, internal operation
while deploying .NetCore application to my App Engine. App Engine is currently in Asia South. I also created another project with App Engine at US East. On that I am getting error
ERROR: (gcloud.app.deploy) INTERNAL: Internal error encountered.
while deploying. Tried to deploy the Hello world application specified in GCP docs. It is also getting same issues while deploying. Am I missing something. I have updated BACKEND_SEVICES quota. After that only I am getting this issue. Also able to see versions as serving. But no Instances are active. I am not able to activate any other versions. It is also showing as Internal error.
This is my app.YAML
runtime: aspnetcore
env: flex
manual_scaling:
instances: 1
resources:
cpu: 1
memory_gb: 0.5
disk_size_gb: 10
beta_settings:
cloud_sql_instances: "#########:#####-api-system=tcp:3306"
It was working fine till yesterday. I am getting this issue from today onwards.
Attaching Verbosity Logs
Updating service [default] (this may take several minutes)...|DEBUG: Operation [apps/**projectid**/operations/c46a17bd-d4a8-468f-b40b-47a7fdd03067] not complete. Waiting to retry.
Updating service [default] (this may take several minutes)...|DEBUG: Operation [apps/**projectid**/operations/c46a17bd-d4a8-468f-b40b-47a7fdd03067] not complete. Waiting to retry.
Updating service [default] (this may take several minutes)...\DEBUG: Operation [apps/**projectid**/operations/c46a17bd-d4a8-468f-b40b-47a7fdd03067] not complete. Waiting to retry.
Updating service [default] (this may take several minutes)...\DEBUG: Operation [apps/**projectid**/operations/c46a17bd-d4a8-468f-b40b-47a7fdd03067] not complete. Waiting to retry.
Updating service [default] (this may take several minutes)...-DEBUG: Operation [apps/**projectid**/operations/c46a17bd-d4a8-468f-b40b-47a7fdd03067] complete. Result: {
"done": true,
"error": {
"code": 4,
"message": "App Engine Flexible timed out while configuring resources, internal operation projects/**projectid**/regions/asia-south1/operations/700238de-3add-4281-80f8-6dc66948a715"
},
"metadata": {
"#type": "type.googleapis.com/google.appengine.v1.OperationMetadataV1",
"createVersionMetadata": {
"cloudBuildId": "38b57f34-3b23-4484-9d69-0c581995947f"
},
"endTime": "2020-04-23T23:40:50.335Z",
"insertTime": "2020-04-23T23:29:10.164Z",
"method": "google.appengine.v1.Versions.CreateVersion",
"target": "apps/**projectid**/services/default/versions/20200424t045856",
"user": "eltuniverse#gmail.com"
},
"name": "apps/**projectid**/operations/c46a17bd-d4a8-468f-b40b-47a7fdd03067"
}
Updating service [default] (this may take several minutes)...failed.
DEBUG: (gcloud.app.deploy) Error Response: [4] App Engine Flexible timed out while configuring resources, internal operation projects/**projectid**/regions/asia-south1/operations/700238de-3add-4281-80f8-6dc66948a715
Traceback (most recent call last):
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\calliope\cli.py", line 983, in Execute
resources = calliope_command.Run(cli=self, args=args)
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\calliope\backend.py", line 807, in Run
resources = command_instance.Run(args)
File "C:\Google\CloudSDK\google-cloud-sdk\lib\surface\app\deploy.py", line 111, in Run
return deploy_util.RunDeploy(
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\command_lib\app\deploy_util.py", line 634, in RunDeploy
deployer.Deploy(
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\command_lib\app\deploy_util.py", line 431, in Deploy
self.api_client.DeployService(new_version.service, new_version.id,
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\api_lib\app\appengine_api_client.py", line 204, in DeployService
return operations_util.WaitForOperation(
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\api_lib\app\operations_util.py", line 307, in WaitForOperation
completed_operation = waiter.WaitFor(
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\api_lib\util\waiter.py", line 261, in WaitFor
operation = PollUntilDone(
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\api_lib\util\waiter.py", line 322, in PollUntilDone
operation = retryer.RetryOnResult(
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\core\util\retry.py", line 229, in RetryOnResult
if not should_retry(result, state):
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\api_lib\util\waiter.py", line 320, in _IsNotDone
return not poller.IsDone(operation)
File "C:\Google\CloudSDK\google-cloud-sdk\lib\googlecloudsdk\api_lib\app\operations_util.py", line 182, in IsDone
raise OperationError(requests.ExtractErrorMessage(
googlecloudsdk.api_lib.app.operations_util.OperationError: Error Response: [4] App Engine Flexible timed out while configuring resources, internal operation projects/**projectid**/regions/asia-south1/operations/700238de-3add-4281-80f8-6dc66948a715
ERROR: (gcloud.app.deploy) Error Response: [4] App Engine Flexible timed out while configuring resources, internal operation projects/**projectid**/regions/asia-south1/operations/700238de-3add-4281-80f8-6dc66948a715
App.yaml
runtime: aspnetcore
env: flex
manual_scaling:
instances: 1
resources:
cpu: 1
memory_gb: 0.5
disk_size_gb: 10
beta_settings:
cloud_sql_instances: "***projectid***:asia-south1:***dbname***=tcp:3306"
Thanks.
It is recommended to get more detail in this cases. You can deploy with: gcloud app deploy --verbosity=debug, just to see if you can retrieve more information about this.
It seems this could be due to some reasons. I recommend to check:
In some cases is useful to run this command $ gcloud config set app/trigger_build_server_side false in order to force that the building will be managed on the client side rather than the server side (which could be changed in somehow), before deploying. Try this command and then deploy again.
Possible changes in the configuration of your app. Take a look into your app.yaml, check for different values. Comparing the version of Apr 22 and that the one of today. Is it possible for you to deploy the version of yesterday?
The quotas in your project associated to App Engine and Compute Engine. Remember that, in the end, App Engine Flex runs in VMs. Here is a similar issue, related with the quota: In-use IP addresses. If you see any quota exhausted, you can request a Quota increase.
In some cases, this can also be related to an internal issue, in such case you should create a case in GCP. (lets keep this as final option)
Also, could you pleas share relevant detailed logs about this? Please, be sure of not sharing any sensitive information
Please let me know your findings with this. Also it would be great if you can share the app.yaml of both versions (working and not) in case the aforementioned does not work.
I have inherited a php codebase that uses google appengine, so I have a fully built app locally that I am trying to deploy. But when I run:
gcloud app deploy --project project-name --verbosity=debug
I get the error below. I don't understand the staging command error because in the app.yaml I specify runtime: php55. I don't know what the API endpoint error means, and I also don't understand why no app was found. Any help on any of these errors would be much appreciated.
DEBUG: Running [gcloud.app.deploy] with arguments: [--project:
"project-name", --verbosity: "debug"] DEBUG: No staging command found
for runtime [php55] and environment [STANDARD]. DEBUG: API endpoint:
[https://appengine.googleapis.com/], API version: [v1] DEBUG: No app
found: Traceback (most recent call last): File
"/Users/myname/Downloads/google-cloud-sdk/lib/googlecloudsdk/command_lib/app/deploy_util.py",
line 679, in _PossiblyCreateApp
return api_client.GetApplication() File "/Users/myname/Downloads/google-cloud-sdk/lib/googlecloudsdk/api_lib/app/appengine_api_client.py",
line 66, in GetApplication
return self.client.apps.Get(request) File "/Users/myname/Downloads/google-cloud-sdk/lib/googlecloudsdk/third_party/apis/appengine/v1/appengine_v1_client.py",
line 1124, in Get
config, request, global_params=global_params) File "/Users/myname/Downloads/google-cloud-sdk/lib/third_party/apitools/base/py/base_api.py",
line 722, in _RunMethod
return self.ProcessHttpResponse(method_config, http_response, request) File
"/Users/myname/Downloads/google-cloud-sdk/lib/third_party/apitools/base/py/base_api.py",
line 728, in ProcessHttpResponse
self.__ProcessHttpResponse(method_config, http_response, request)) File
"/Users/myname/Downloads/google-cloud-sdk/lib/third_party/apitools/base/py/base_api.py",
line 599, in __ProcessHttpResponse
http_response, method_config=method_config, request=request) HttpNotFoundError: HttpError accessing
https://appengine.googleapis.com/v1/apps/project-name?alt=json:
response: <{'status': '404', 'content-length': '136',
'x-xss-protection': '0', 'x-content-type-options': 'nosniff',
'transfer-encoding': 'chunked', 'vary': 'Origin, X-Origin, Referer',
'server': 'ESF', '-content-encoding': 'gzip', 'cache-control':
'private', 'date': 'Tue, 24 Sep 2019 22:49:44 GMT', 'x-frame-options':
'SAMEORIGIN', 'alt-svc': 'quic=":443"; ma=2592000; v="46,43"',
'content-type': 'application/json; charset=UTF-8'}>, content <{
"error": {
"code": 404,
"message": "Could not find Application \"project-name\".",
"status": "NOT_FOUND" } }
The value for --project must correspond to a Google Cloud Platform project ID.
It's unclear whether you replaced your actual project ID (NB Project IDs and Project names are distinct properties, see link) with project-name when you pasted your question.
One way to verify that the project exists would be to:
gcloud projects describe [[PROJECT]]
Assuming the project exists, a second consideration is that (since you're not specifying deployables), the command assumes the working directory contains an app.yaml (App Engine app configuration) file.
I am trying to deploy a go 1.11 runtime that used to work, but recently I've been getting: ERROR: (gcloud.app.deploy) INVALID_ARGUMENT: unable to resolve source errors.
Nothing in my app.yaml has changed, and the error message isn't helpful to understand what the issue could be. I ran it with the --verbosity=debug flag and get:
Building and pushing image for service [apiv1]
DEBUG: Could not call git with args ('config', '--get-regexp', 'remote\\.(.*)\\.url'): Command '['git', 'config', '--get-regexp', 'remote\\.(.*)\\.url']' returned non-zero exit status 1
INFO: Could not generate [source-context.json]: Could not list remote URLs from source directory: /var/folders/18/k3w6w7f169xg4mypdwj7p4_c0000gn/T/tmp6IkZKx/tmphibUAo
Stackdriver Debugger may not be configured or enabled on this application. See https://cloud.google.com/debugger/ for more information.
INFO: Uploading [/var/folders/18/k3w6w7f169xg4mypdwj7p4_c0000gn/T/tmpVHKXol/src.tgz] to [staging.wildfire-app-backend.appspot.com/asia.gcr.io/wildfire-app-backend/appengine/apiv1.20190506t090359:latest]
DEBUG: Using runtime builder root [gs://runtime-builders/]
DEBUG: Loading runtimes manifest from [gs://runtime-builders/runtimes.yaml]
INFO: Reading [<googlecloudsdk.api_lib.storage.storage_util.ObjectReference object at 0x105ca9b10>]
DEBUG: Resolved runtime [go1.11] as build configuration [gs://runtime-builders/go-1.11-builder-20181217154124.yaml]
INFO: Using runtime builder [gs://runtime-builders/go-1.11-builder-20181217154124.yaml]
INFO: Reading [<googlecloudsdk.api_lib.storage.storage_util.ObjectReference object at 0x105b03b50>]
DEBUG: (gcloud.app.deploy) INVALID_ARGUMENT: unable to resolve source
Traceback (most recent call last):
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/calliope/cli.py", line 985, in Execute
resources = calliope_command.Run(cli=self, args=args)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/calliope/backend.py", line 795, in Run
resources = command_instance.Run(args)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/surface/app/deploy.py", line 90, in Run
parallel_build=False)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/command_lib/app/deploy_util.py", line 636, in RunDeploy
flex_image_build_option=flex_image_build_option)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/command_lib/app/deploy_util.py", line 411, in Deploy
image, code_bucket_ref, gcr_domain, flex_image_build_option)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/command_lib/app/deploy_util.py", line 287, in _PossiblyBuildAndPush
self.deploy_options.parallel_build)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/api_lib/app/deploy_command_util.py", line 450, in BuildAndPushDockerImage
return _SubmitBuild(build, image, project, parallel_build)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/api_lib/app/deploy_command_util.py", line 483, in _SubmitBuild
build, project=project)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/api_lib/cloudbuild/build.py", line 149, in ExecuteCloudBuild
build_op = self.ExecuteCloudBuildAsync(build, project)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/api_lib/cloudbuild/build.py", line 133, in ExecuteCloudBuildAsync
build=build,))
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/googlecloudsdk/third_party/apis/cloudbuild/v1/cloudbuild_v1_client.py", line 205, in Create
config, request, global_params=global_params)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/third_party/apitools/base/py/base_api.py", line 731, in _RunMethod
return self.ProcessHttpResponse(method_config, http_response, request)
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/third_party/apitools/base/py/base_api.py", line 737, in ProcessHttpResponse
self.__ProcessHttpResponse(method_config, http_response, request))
File "/usr/local/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/lib/third_party/apitools/base/py/base_api.py", line 604, in __ProcessHttpResponse
http_response, method_config=method_config, request=request)
HttpBadRequestError: HttpError accessing <https://cloudbuild.googleapis.com/v1/projects/wildfire-app-backend/builds?alt=json>: response: <{'status': '400', 'content-length': '114', 'x-xss-protection': '0'
, 'x-content-type-options': 'nosniff', 'transfer-encoding': 'chunked', 'vary': 'Origin, X-Origin, Referer', 'server': 'ESF', '-content-encoding': 'gzip', 'cache-control': 'private', 'date': 'Mon, 06 May 2
019 16:04:41 GMT', 'x-frame-options': 'SAMEORIGIN', 'alt-svc': 'quic=":443"; ma=2592000; v="46,44,43,39"', 'content-type': 'application/json; charset=UTF-8'}>, content <{
"error": {
"code": 400,
"message": "unable to resolve source",
"status": "INVALID_ARGUMENT"
}
}
>
ERROR: (gcloud.app.deploy) INVALID_ARGUMENT: unable to resolve
Any advice would be useful, I also tried it with gcloud beta, I rotated my credentials and was of no use. My user has Owner role, but I added individually all the roles that might be necessary
App Engine Admin
App Engine Code Viewer
App Engine Deployer
App Engine Service Admin
Project Billing Manager
Cloud Build Service Account
Cloud Build Editor
Cloud Build Viewer
Owner
Storage Admin
Try disabling and enabling the Cloud Build API in your project so a new service account is created, then try to deploy again.
This ensures that Cloud Build has permission to start builds (the service account name should look like project-number#cloudbuild.gserviceaccount.com).
I found that it took a while for the API permissions to propagate fully.
I had this error after enabling the App Engine Admin API, but I waited a few minutes and tried again and it worked fine.
Cloud Build uses a service account instead of your user credential, so adding roles to your user won't help in this case.
You should be able to manually add the service account, [project-number]#cloudbuild.gserviceaccount.com, back to your account without re-enabling the API. Some users are known to delete random service accounts they don't recognize, which can sometimes cause this issue.
In summary, check if the service account exists. If so, give it all the roles it needs; if not, then create it and give it all the role it needs.
It is insanely hard, to deploy an app to Google App Engine, using Google Cloud SDK.
I had tried the below 2 commands
C:\Users\yccheok\Desktop\jstock-android-appengine>gcloud config set project jstock-android
Updated property [core/project].
C:\Users\yccheok\Desktop\jstock-android-appengine>gcloud app deploy app.yaml --log-http --verbosity=debug
DEBUG: Running [gcloud.app.deploy] with arguments: [--log-http: "true", --verbosity: "debug", DEPLOYABLES:1: "['app.yaml']"]
DEBUG: No staging command found for runtime [python27] and environment [STANDARD].
DEBUG: API endpoint: [https://appengine.googleapis.com/], API version: [v1]
=======================
==== request start ====
uri: https://appengine.googleapis.com/v1/apps/jstock-android?alt=json
method: GET
== headers start ==
Authorization: Bearer ya29.GlxEBb1XVP1JK93-ARiaN_ZgiMbvZmw5KWfvJVfibDJ4FK_ZaMRoU1jVDTiWzsY606GSduJKJd9Nm8zA-_Iql5mGn4AMk4QVl8mPRycfekeZnOOHtbUvpkBMgOLOQA
accept: application/json
accept-encoding: gzip, deflate
content-length: 0
user-agent: google-cloud-sdk x_Tw5K8nnjoRAqULM9PFAC2b gcloud/184.0.0 command/gcloud.app.deploy invocation-id/c9ae232d33b346d787b95a36e28c38c0 environment/None environment-version/None interactive/True python/2.7.13 (Windows NT 10.0.16299)
== headers end ==
== body start ==
== body end ==
==== request end ====
---- response start ----
-- headers start --
-content-encoding: gzip
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
cache-control: private
content-length: 335
content-type: application/json; charset=UTF-8
date: Tue, 16 Jan 2018 19:16:21 GMT
server: ESF
status: 403
transfer-encoding: chunked
vary: Origin, X-Origin, Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
-- headers end --
-- body start --
{
"error": {
"code": 403,
"message": "Operation not allowed",
"status": "PERMISSION_DENIED",
"details": [
{
"#type": "type.googleapis.com/google.rpc.ResourceInfo",
"resourceType": "gae.api",
"description": "The \"appengine.applications.get\" permission is required."
}
]
}
}
-- body end --
total round trip time (request+response): 1.796 secs
---- response end ----
----------------------
DEBUG: (gcloud.app.deploy) Permissions error fetching application [apps/jstock-android]. Please make sure you are using the correct project ID and that you have permission to view applications on the project.
Traceback (most recent call last):
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\googlecloudsdk\calliope\cli.py", line 797, in Execute
resources = calliope_command.Run(cli=self, args=args)
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\googlecloudsdk\calliope\backend.py", line 757, in Run
resources = command_instance.Run(args)
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\surface\app\deploy.py", line 65, in Run
parallel_build=False)
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\googlecloudsdk\command_lib\app\deploy_util.py", line 543, in RunDeploy
app = _PossiblyCreateApp(api_client, project)
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\googlecloudsdk\command_lib\app\deploy_util.py", line 703, in _PossiblyCreateApp
api_client._FormatApp()))) # pylint: disable=protected-access
HttpException: Permissions error fetching application [apps/jstock-android]. Please make sure you are using the correct project ID and that you have permission to view applications on the project.
ERROR: (gcloud.app.deploy) Permissions error fetching application [apps/jstock-android]. Please make sure you are using the correct project ID and that you have permission to view applications on the project.
C:\Users\yccheok\Desktop\jstock-android-appengine>
Then, I went through https://cloud.google.com/appengine/docs/admin-api/accessing-the-api , it mentioned I need to use Admin API. So, I do it step by step carefully.
Step 1
Step 2
It mentions Admin API is enabled. Now I need credential.
Step 3
Step 4
OK. Now they mention I don't need create new credential. I can use Application Default Credentials ?!
Step 5
So, I went to https://developers.google.com/identity/protocols/application-default-credentials?hl=en_GB . I learn that I need to run
C:\Users\yccheok\Desktop\jstock-android-appengine>gcloud auth application-default login
Your browser has been opened to visit:
https://accounts.google.com/o/oauth2/auth?redirect_uri=http%3A%2F%2Flocalhost%3A8085%2F&prompt=select_account&response_type=code&client_id=764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.apps.googleusercontent.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform&access_type=offline
Credentials saved to file: [C:\Users\yccheok\AppData\Roaming\gcloud\application_default_credentials.json]
These credentials will be used by any library that requests
Application Default Credentials.
Step 6
Step 7
Still, after completing the above 7 steps, I still get the exact same error message, when trying to run
gcloud app deploy app.yaml --log-http --verbosity=debug
Can anyone let me know, what step I'm still require, in order to deploy my Python app to Google App Engine, using Google Cloud SDK?
The Admin API is for programmatically deploying the app, not for deploying using gcloud app deploy, for which you don't even need the Admin API enabled for your app.
From Deploying a Python App:
To programmatically deploy your apps, use the Admin API.
Before you begin
Before you can deploy your app:
The Owner of the GCP project must create the App Engine application.
Ensure that your user account includes the required privileges.
(but I can see how the above could be mis-intrepreted as an invitation to use the Admin API)
Most likely the account actually used by gcloud app deploy is missing or doesn't have the required permissions.
You can check the acount used with gcloud auth list. In my case the account is my email address, not a service account (I'm not sure if a service account can be used).
Use gcloud auth login (and maybe gcloud auth revoke) if you need a different account.
And you can check the account's privileges (if any) on the project/app on the IAM Page.
One additional note on this,
When you enable the App Engine API and the cloud builder api, make sure the Cloud Build Service Account also has access to the project.
I ran into that problem after enabling the correct apis.
This was using a build trigger. I could deploy locally from a command line because I was authenticated as myself. However, if you are using a build trigger, it will use the build service account, which needs access.
Hope this helps.
I had this issue. In my case it was solved by setting the project using the project ID, rather than the project name. See this answer
gcloud app deploy ERROR: Permissions error fetching application [apps/<PROJECT_NAME>]
I am having an issue where I'm getting a 500 internal error when connecting to my Laravel API.
I had my site originally on GoDaddy using example.com as the main site and api.example.com as the api, but then decided to move it to Google Cloud Platform. I went ahead and set up an instance in the Google Compute Engine using Debian 8. I am using ISPConfig 3 to do all my server stuff. I have my site and my api in two separate repos on Github. I went my server directory to /var/www/example.com/web and cloned my main site into it. Since this create a folder within the root directory of my site, I also went into the vhost and set the default directory to point to the new cloned directory.
I then created another site with ISPConfig for my api and went into the DNS and created a A record and pointed it to the same IP as my main site. I then went into /var/www/api.example.com/web and cloned my api's repo into it, just like my main site. I went into the vhost for my api and pointed the default directory to my new cloned directory.
I can go to example.com just fine, but when I try to log in (this is the first point an api call is made), I get a 500 internal error.
I'm not using CORS and I never have because I use my own JSON web tokens, therefore my CORS is turned off.
Any ideas on how to fix the 500 error?
EDIT
Formatting
Edit 2
These are the last two lines in the error log for apache:
[Sat Sep 24 21:17:17.095798 2016] [core:crit] [pid 17588] (13)Permission denied: AH00529: /var/www/api.example.com/web/api/public/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
[Sat Sep 24 21:17:17.095875 2016] [authz_core:error] [pid 17588] AH01630: client denied by server configuration: /var/www/api.example.com/web/error/403.html, referer: http://example.com/login
I'm not sure why it's throwing this .htaccess error. It's the .htaccess that Laravel automatically created.
Errors says what is your problem: Permission denied: AH00529: /var/www/api.example.com/web/api/public/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
Make htaccess readable using chmod command:
chmod 644 /var/www/api.example.com/web/api/public/.htaccess
Also check this answers if this not help