Cloud Build Issues

Yesterday, I typed out my tiny update, commit the change and pushed it out to github. Confident that I had published, I went to have breakfast.

When I went to check to see if the post had made it out, I found out that the build had broke. It turns out that things can change if you don’t publish for a few months. I’ve documented how I deploy the site in a previous post. Part of the deploy, uses cloud build. When I dove into the console to see what happened, I found the following error: Permission denied (HTTP 403): You do not have permission to act as <******>@appspot.gserviceaccount.com.

As far as I can tell, google changed how iam permissions are used for cloud build in the last few months. I’m still not sure exactly what happened. I had to go in and change permissions for the IAM user associated with the deploy. This stack overflow post was a little helpful but I still ran into errors even after updating permissions to match the recommendation from google. Eventually, I got it to work but not it was pretty frustrating when I was trying to keep the work inside a time box. I’m going to have to update my “how I deploy” post to include more information about these pitfalls. Expanding that post has been on my todo list for a while. Tomorrow will probably be a good day for that.