Open aefruswg opened 1 month ago
If check-service-account is passing then you should be all set. create-project is failing because you already have a project and GYB doesn't want to overwrite it.
What happens when you actually try to use the service account to backup/restore?
Please show the FULL output of your GYB commands.
But that output doesn't confirm or deny that the service account is working. The wording is confusing because I'm telling it to check a service account and the output is telling me to create one rather than confirming one is already configured. There's no affirmation; it's basically saying "task failed successfully". I understand that create-project
is throwing an error because there's already an existing one, hence my confusion as to why check-service-account
is seemingly going in circles
I initially didn't try using a service account given this ambiguity and was able to do a backup/restore by logging into both the account being backed up and the one receiving the restore. I just tried and here's the output.
gyb --email user@domain.com --action backup --local-folder C:\EmailBackups\Test\ --service-account
Traceback (most recent call last):
File "gyb.py", line 2817, in <module>
File "gyb.py", line 2045, in main
File "gyb.py", line 697, in buildGAPIServiceObject
File "gyb.py", line 1360, in getSvcAcctCredentials
File "google\oauth2\service_account.py", line 445, in refresh
File "google\oauth2\_client.py", line 308, in jwt_grant
File "google\oauth2\_client.py", line 279, in _token_endpoint_request
File "google\oauth2\_client.py", line 72, in _handle_error_response
google.auth.exceptions.RefreshError: ('unauthorized_client: Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested.', {'error': 'unauthorized_client', 'error_description': 'Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested.'})
[10008] Failed to execute script 'gyb' due to unhandled exception!
The scopes were added and approved 2 days ago when I first opened this issue.
The client ID and secret in the automatically generated client_secrets.json
match the information from Google Admin
The issue tracker is for reporting product deficiencies. How do I questions should be posted to the discussion forum at https://groups.google.com/group/got-your-back. When in doubt, start at the discussion forum and return here only when instructed to do so.
Please confirm the following:
Full steps to reproduce the issue:
check-service-account
outside of setupExpected outcome (what are you trying to do?): Use a service account
Actual outcome (what errors or bad behavior do you see instead?):