I have been continually deploying, deleting, and re-deploying a GCP Cloud function. This function is really complicated to set up in the browser. It takes 5 secrets, and runs through a service account (It’s crucial that this function is only allowed to be run with this 1 particular service account). I also limited the maxInstances to 10. Since this takes so long to continuously re-deploy from the browser, is there a way to set this up through the command line with a gcloud command? Or maybe a Docker command or something like that?
This is the output of gcloud functions describe <MY GCP CLOUD FUNCTION NAME>:
availableMemoryMb: 256
buildId: <BUILD ID HERE (LOOKS LIKE A GUID)>
buildName: projects/<PROJECT ID HERE>/locations/us-central1/builds/<BUILD ID HERE>
dockerRegistry: CONTAINER_REGISTRY
entryPoint: <ENTRY POINT FUNCTION NAME HERE>
httpsTrigger:
securityLevel: SECURE_ALWAYS
url: https://us-central1-<PROJECT ID NAME HERE>.cloudfunctions.net/<CLOUD FUNCTION NAME HERE>
ingressSettings: ALLOW_ALL
labels:
deployment-tool: console-cloud
maxInstances: 10
name: projects/<PROJECT ID NAME HERE>/locations/us-central1/functions/<CLOUD FUNCTION NAME HERE>
runtime: python39
secretEnvironmentVariables:
- key: CONSUMER_KEY
projectId: '<PROJECT ID HERE>'
secret: <CONSUMER_KEY SECRET NAME HERE>
version: '1'
- key: CONSUMER_SECRET
projectId: '<PROJECT ID HERE>'
secret: <CONSUMER_SECRET SECRET NAME HERE>
version: '1'
- key: ACCESS_TOKEN_PART_ONE
projectId: '<PROJECT ID HERE>'
secret: <ACCESS_TOKEN_PART_ONE SECRET NAME HERE>
version: '1'
- key: ACCESS_TOKEN_PART_TWO
projectId: '<PROJECT ID HERE>'
secret: <ACCESS_TOKEN_PART_TWO SECRET NAME HERE>
version: '1'
- key: ACCESS_TOKEN_SECRET
projectId: '<PROJECT ID HERE>'
secret: <ACCESS_TOKEN_SECRET SECRET NAME HERE>
version: '1'
serviceAccountEmail: <SERVICE ACCOUNT NAME HERE>@<PROJECT ID NAME HERE>.iam.gserviceaccount.com
sourceUploadUrl: https://storage.googleapis.com/uploads-<RANDOM LOOKING NUMBER THAT I DON'T RECOGNIZE>.us-central1.cloudfunctions.appspot.com/<RANDOM GUID LOOKING VALUE THAT I DON'T RECOGNIZE>.zip
status: ACTIVE
timeout: 60s
updateTime: '<TIMECODE HERE>'
versionId: '1'
I tried to create a deploy command for a basic python function in a main.py file that simply prints Hello World to the terminal.
gcloud functions --account=<SERVICE ACCOUNT NAME>@<PROJECT NAME>.iam.gserviceaccount.com deploy <NEW FUNCTION NAME>
--memory=256MB
--runtime=python39
--trigger-http
--security-level=secure-always
--entry-point=hello_world
--max-instances=10
--service-account=<SERVICE ACCOUNT NAME>@<PROJECT NAME>.iam.gserviceaccount.com
--source=/path/to/main/py/file/dir
And I got this error: ERROR: (gcloud.functions.deploy) PERMISSION_DENIED: Permission 'cloudfunctions.functions.sourceCodeSet' denied on resource 'projects/<MY PROJECT NAME>/locations/us-central1' (or resource may not exist).
Btw I already tried setting Cloud Build Settings > Cloud Functions > Cloud Functions Developer to enabled. It still gives me the same error…
What am I doing wrong? How can I get the function to deploy?
2
Answers
This worked:
P.S. don't forget to put your
requirements.txtin the same folder as yourmain.pyAccording to the error message, you’d have to assign role
roles/cloudfunctions.developer, which provides permissioncloudfunctions.functions.sourceCodeSet.