calendar-agent service unable to write to firestore:

ayrorg / infra

Common infrastructure as code repository.

Apache License 2.0

3 stars 2 forks source link

calendar-agent service unable to write to firestore: #71

Open braaar opened 1 year ago

braaar commented 1 year ago

PERMISSION_DENIED: Missing or insufficient permissions.

braaar commented 1 year ago

Looking at the rules in Firestore, I see this: You don't have a ruleset and you do not have permission to create one. Missing at least one of: firebaserules.rulesets.create, firebaserules.releases.create

braaar commented 1 year ago

Do we actually need rules?

braaar commented 1 year ago

From the previous cloud environment we had these rules:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if false;
    }
  }
}

Do we need the same? Or is there something else we need to do to, like giving the calendar service some permissions or something? @cobraz – are you knowledgeable about this?

braaar commented 1 year ago

This article presents another solution: https://medium.com/firebase-tips-tricks/how-to-fix-firestore-error-permission-denied-missing-or-insufficient-permissions-777d591f404

braaar commented 1 year ago

The article suggests this:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth != null;
    }
  }
}

braaar commented 1 year ago

This issue is still present for me, at https://calendar-agent-878dcc9-cfdt2bgvka-lz.a.run.app/authorize