-
Notifications
You must be signed in to change notification settings - Fork 950
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot deploy with Gitlab CI: No OAuth tokens found #7854
Comments
Hey @thoriqadillah - this I'll pass this along to the folks maintaining web frameworks to verify/take a closer look at. |
Hi,
Wondering if the issues are related and how to solve it. |
Hello, I'm encountering the same issue with the Context: I’m using a GitHub Action to deploy my app to Firebase Hosting, with a service account configured in my GitHub secrets.
{
"firestore": {
"rules": "firestore.rules",
"indexes": "firestore.indexes.json"
},
"emulators": {
"firestore": {
"port": 8080
},
"ui": {
"enabled": true,
"port": 10001
},
"singleProjectMode": true,
"auth": {
"port": 9099
}
},
"hosting": {
"source": ".",
"ignore": [
"firebase.json",
"**/.*",
"**/node_modules/**"
],
"frameworksBackend": {
"region": "europe-west1",
"maxInstances": 1,
"memory": "1GiB"
}
},
"storage": {
"rules": "storage.rules"
}
}
# This file was auto-generated by the Firebase CLI
# https://github.com/firebase/firebase-tools
name: Deploy to Firebase Hosting on PR
on: pull_request
permissions:
checks: write
contents: read
pull-requests: write
jobs:
build_and_preview:
environment: production
if: ${{ github.event.pull_request.head.repo.full_name == github.repository }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: npm ci && npm run build
- uses: FirebaseExtended/action-hosting-deploy@v0
with:
repoToken: ${{ secrets.GITHUB_TOKEN }}
firebaseServiceAccount: ${{ secrets.FIREBASE_SERVICE_ACCOUNT_ADFINITAS_POWERFORM }}
projectId: adfinitas-powerform
env:
FIREBASE_CLI_EXPERIMENTS: webframeworks
[2024-11-12T10:27:34.032Z] Building nodejs source
i functions: Loading and analyzing source code for codebase firebase-frameworks-adfinitas-powerform to determine what to deploy
[2024-11-12T10:27:34.033Z] Could not find functions.yaml. Must use http discovery
[2024-11-12T10:27:34.038Z] Found firebase-functions binary at '/home/runner/work/Powerform/Powerform/.firebase/adfinitas-powerform/functions/node_modules/.bin/firebase-functions'
Serving at port 8290
[2024-11-12T10:27:34.419Z] Got response from /__/functions.yaml ***"endpoints":***"ssradfinitaspowerform":***"availableMemoryMb":1024,"timeoutSeconds":null,"minInstances":null,"maxInstances":1,"ingressSettings":null,"concurrency":null,"serviceAccountEmail":null,"vpc":null,"platform":"gcfv2","region":["europe-west1"],"labels":***,"httpsTrigger":***,"entryPoint":"ssradfinitaspowerform"***,"specVersion":"v1alpha1","requiredAPIs":[],"extensions":***
i extensions: ensuring required API firebaseextensions.googleapis.com is enabled...
[2024-11-12T10:27:34.459Z] No OAuth tokens found
[2024-11-12T10:27:34.459Z] >>> [apiv2][query] GET https://serviceusage.googleapis.com/v1/projects/adfinitas-powerform/services/firebaseextensions.googleapis.com [none]
[2024-11-12T10:27:34.459Z] >>> [apiv2][(partial)header] GET https://serviceusage.googleapis.com/v1/projects/adfinitas-powerform/services/firebaseextensions.googleapis.com x-goog-quota-user=projects/adfinitas-powerform
[2024-11-12T10:27:34.641Z] <<< [apiv2][status] GET https://serviceusage.googleapis.com/v1/projects/adfinitas-powerform/services/firebaseextensions.googleapis.com 200
[2024-11-12T10:27:34.641Z] <<< [apiv2][body] GET https://serviceusage.googleapis.com/v1/projects/adfinitas-powerform/services/firebaseextensions.googleapis.com [omitted]
✔ extensions: required API firebaseextensions.googleapis.com is enabled
[2024-11-12T10:27:34.642Z] > command requires scopes: ["email","openid","https://www.googleapis.com/auth/cloudplatformprojects.readonly","https://www.googleapis.com/auth/firebase","https://www.googleapis.com/auth/cloud-platform"]
[2024-11-12T10:27:34.642Z] [iam] checking project adfinitas-powerform for permissions ["firebase.projects.get","firebaseextensions.instances.list"]
[2024-11-12T10:27:34.643Z] No OAuth tokens found
[2024-11-12T10:27:34.643Z] >>> [apiv2][query] POST https://cloudresourcemanager.googleapis.com/v1/projects/adfinitas-powerform:testIamPermissions [none]
[2024-11-12T10:27:34.643Z] >>> [apiv2][(partial)header] POST https://cloudresourcemanager.googleapis.com/v1/projects/adfinitas-powerform:testIamPermissions x-goog-quota-user=projects/adfinitas-powerform
[2024-11-12T10:27:34.644Z] >>> [apiv2][body] POST https://cloudresourcemanager.googleapis.com/v1/projects/adfinitas-powerform:testIamPermissions ***"permissions":["firebase.projects.get","firebaseextensions.instances.list"]***
[2024-11-12T10:27:34.944Z] <<< [apiv2][status] POST https://cloudresourcemanager.googleapis.com/v1/projects/adfinitas-powerform:testIamPermissions 200
[2024-11-12T10:27:34.944Z] <<< [apiv2][body] POST https://cloudresourcemanager.googleapis.com/v1/projects/adfinitas-powerform:testIamPermissions ***"permissions":["firebase.projects.get"]***
[2024-11-12T10:27:34.944Z] [iam] error while checking permissions, command may fail: FirebaseError: Authorization failed. This account is missing the following required permissions on project adfinitas-powerform:
firebaseextensions.instances.list
[2024-11-12T10:27:34.945Z] No OAuth tokens found
[2024-11-12T10:27:34.945Z] >>> [apiv2][query] GET https://firebaseextensions.googleapis.com/v1beta/projects/adfinitas-powerform/instances pageSize=100&pageToken=
[2024-11-12T10:27:35.346Z] <<< [apiv2][status] GET https://firebaseextensions.googleapis.com/v1beta/projects/adfinitas-powerform/instances 403
[2024-11-12T10:27:35.346Z] <<< [apiv2][body] GET https://firebaseextensions.googleapis.com/v1beta/projects/adfinitas-powerform/instances ***"error":***"code":403,"message":"The caller does not have permission","status":"PERMISSION_DENIED"***
Error: Request to https://firebaseextensions.googleapis.com/v1beta/projects/adfinitas-powerform/instances?pageSize=100&pageToken= had HTTP Error: 403, The caller does not have permission
[2024-11-12T10:27:35.348Z] Error Context: ***
"body": ***
"error": ***
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
***
***,
"response": ***
"statusCode": 403
***
***
The process '/usr/local/bin/npx' failed with exit code 1
Error: The process '/usr/local/bin/npx' failed with exit code 1 If there’s any additional information I should provide, or specific settings I might need to review, please let me know. Thank you in advance for your help! |
Solved: Adding the IAM role |
[REQUIRED] Environment info
firebase-tools: 13.8.3
Platform: Fedora 39
[REQUIRED] Test case
No tests
[REQUIRED] Steps to reproduce
Create astro project with SSR enabled
Configure firebase. In
firebase init
, i select the hosting and it was recognizing the astro project, but when the setting up the github action, i prompted no. This is my.firebaserc
and this is my
firebase.json
here is my ci
[REQUIRED] Expected behavior
The CI deployment should be working. I have tested the deployment in my local machine and it works
[REQUIRED] Actual behavior
I have the following error. I'm assuming the
No OAuth tokens found
is the issue, but i don't know what is the problem. Here is the logUPDATE:
i edited my firebase.json with multiple target so that i can deploy
stg
tostaging
andprd
toproduction
, and apparently using npm instead of pnpm can solve the issue, so i also update thegitlab-ci
to use npm. but i still got error. here is the logThe text was updated successfully, but these errors were encountered: