Closed brancengregory closed 2 years ago
MarkEdmondson1234
commented
2 years ago Perhaps it was too quick, if you rerun does it work? If not, please repeat the process but with options(googleAuthR.verbose = 2) to get a bit more logging information to put here.
MarkEdmondson1234
commented
2 years ago You do need to be an Owner of the project to be able to provision it.
brancengregory
commented
2 years ago I verified that I am the project Owner.
Using verbose I've received this info:
ℹ Creating service account googlecloudrunner ✓ Setting client.id from /Users/brancengregory/Documents/okpolicy/cjac-dashboard/googlecloudrunner-client.json ℹ 2021-11-15 11:24:43 > options(googleAuthR.scopes.selected=c(' https://www.googleapis.com/auth/cloud-platform ')) options(googleAuthR.client_id='
') options(googleAuthR.client_secret=' ') options(googleAuthR.webapp.client_id=' ') options(googleAuthR.webapp.client_secret=' ') ℹ 2021-11-15 11:24:43 > Token exists. ℹ 2021-11-15 11:24:43 > Request: https://iam.googleapis.com/v1/projects/cjac-332215/serviceAccounts/googlecloudrunner@cjac-332215.iam.gserviceaccount.com/ ℹ 2021-11-15 11:24:43 > Request Status Code: 404 ℹ 2021-11-15 11:24:43 > API returned error: Unknown service account ℹ 2021-11-15 11:24:43 > No retry attempted: Unknown service account Error in value[3L] : API returned: Unknown service account
brancengregory
commented
2 years ago I removed the googleAuthR.client_id and googleAuthR.client_secret myself. The webapp.client_id and webapp.client_secret were already blank in the console output.
brancengregory
commented
2 years ago I tried using googleAuthR's gar_service_create function directly and it says I have a valid local token and then returns:
ℹ 2021-11-15 11:39:42 > Request Status Code: 400 ℹ 2021-11-15 11:39:42 > API returned error: Unknown error. ℹ 2021-11-15 11:39:42 > No retry attempted: Unknown error. Error in value[3L] : API returned: Unknown error.
brancengregory
commented
2 years ago Hmmm, gar_service_list() on my project-id returns:
ℹ 2021-11-15 11:51:40 > Request Status Code: 403 ℹ 2021-11-15 11:51:40 > API returned error: The caller does not have permission ℹ 2021-11-15 11:51:40 > No retry attempted: The caller does not have permission Error: API returned: The caller does not have permission
So maybe it is a permissions issue after all?
MarkEdmondson1234
commented
2 years ago Ok thanks not your fault, its a bug in googleAuthR::gar_service_create()
https://github.com/MarkEdmondson1234/googleAuthR/issues/197
brancengregory
commented
2 years ago Gotcha, good to know. Through the process I learned enough to get everything provisioned manually and all tests are running, so I'll close in favor of the referenced issue. Thanks for your help!
MarkEdmondson1234
commented
2 years ago This should be fixed now if you install github version of googleAuthR 👍
remotes::install_github("MarkEdmondson1234/googleAuthR")
Hello again,
I'm repeating the process I went through yesterday, this time through my organizational Google account.
I've gotten to the step where I am provisioning a service account, however I receive the following:
I have verified that I am on the latest CRAN version of the package and that I have the needed APIs enabled.
If you have the time, any advice would be appreciated.
My intuition is to create a service account and then let the package assign it permissions, but following your setup video I see that you were able to have OAuth launch and then create the service account from within cr_setup(). That's a nice feature, so I'm hoping I can get it working.