Deploying Firebase Extension from GitHub action results in an error that Mobile SDK API is disabled #5074
Comments
|
@westarle might be able to add some info here too. |
|
Hey @itsikbelson-spotlight, I'm looking into this. 2 questions: |
|
1 - See relevant part of debug log below. |
|
Could you verify that the project number in the error message "Mobile SDK API has not been used in project <PROJECT_NUM> " matches your project? If not, it might be 563584335869 instead? One possible cause of this is calls being pointed at the CLIs default project instead of your project. |
The <PROJECT_NUM> matches my project number. |
|
So, after digging through the code a bit, that API is used during extension deploy. When deploying extensions that use Firebase Auth, we make a call to that API to check if Auth has been provisioned on that project correctly (https://github.com/firebase/firebase-tools/blob/master/src/extensions/provisioningHelper.ts#L134). However, we're missing a call to ensure that it is enabled before we call it. I'll make a PR to do so shortly. For now, you can work around this by enabling that API by clicking the link in the error message. |
Thanks @joehan . |
|
Talked to some folks who know more about that API, and realized that we shouldn't actually enable it on the user project - that call is meant to go to the CLI consumer project. I'll update my PR to make this a best effort call, but I'd still like to understand why its working in one environment but not Github Actions. @itsikbelson-spotlight Could you share a little more about the Github action that you are using to deploy this? Is it a publicly available action, or something custom that you can share a minimal viable repro of? |
|
I can share some of the action code and relevnat scripts. It's not a public action. Action relevant code: Relevant npm scripts: |
|
@itsikbelson-spotlight Thanks for the GH action code. I set that up on a test repo (https://github.com/joehan/gh-action-test/actions/runs/3277388571/jobs/5394597350), but I haven't been able to reproduce the issue. My best guess at this point is that the issue is related to how the GH action is authorizing. I did not run into this when using a token from |
|
I'm setting |
|
Changed these checks to be best effort, which should resolve this issue. Unfortunately, I wasn't able to repro the issue you were facing, even using |
|
Hi, Error when checking App Developer TOS for xxx. This is expected if authenticated via a service account: FirebaseError: HTTP Error: 403, Firebase Extensions Terms of Service Private API has not been used in project xxx before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/firebaseextensionstos-pa.googleapis.com/overview?project=xxx then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
...
Error: HTTP Error: 403, Mobile SDK API has not been used in project xxx before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/mobilesdk-pa.googleapis.com/overview?project=xxx then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
[2023-08-24T07:51:19.965Z] Error Context: {
"body": {
"error": {
"code": 403,
"message": "Mobile SDK API has not been used in project xxx before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/mobilesdk-pa.googleapis.com/overview?project=xxx then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.",
"status": "PERMISSION_DENIED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.Help",
"links": [
{
"description": "Google developers console API activation",
"url": "https://console.developers.google.com/apis/api/mobilesdk-pa.googleapis.com/overview?project=xxx"
}
]
},
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "SERVICE_DISABLED",
"domain": "googleapis.com",
"metadata": {
"consumer": "projects/xxx",
"service": "mobilesdk-pa.googleapis.com"
}
}
]
}
},
"response": {
"statusCode": 403
}
}when deploying via github actions: - name: Decode Google Cloud Service Account key
env:
GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
run: |
echo "$GCP_SA_KEY" | base64 -d > /tmp/creds.json
echo "GOOGLE_APPLICATION_CREDENTIALS=/tmp/creds.json" >>"$GITHUB_ENV"
- name: Deploy Firebase - functions
run: |
echo \"N\n\" | firebase deploy --only functions --interactive
- name: Deploy Firebase except hosting
run: |
firebase deploy \
--except functions,hosting \
--project "$GOOGLE_CLOUD_PROJECT" \
--debugThe project number matches the real project. We started to have this problem the moment we added the extension Additional info:
Any suggestions? Thanks UpdateIf I run the steps of the workflow locally logged as the same service account I get the same error. If I run the steps of the workflow up to the $ firebase deploy --only extensions --debug
...
? Do you accept the Firebase Extensions User Terms of Service? (Y/n) Running CI after the extension has been deployed leads to the same issue. |
[REQUIRED] Environment info
firebase-tools: 11.13.0
Platform: Ubuntu
[REQUIRED] Test case
N/A
[REQUIRED] Steps to reproduce
We're started using GitHub actions to deploy our extensions:
firebase deploy --debug --only extensionsWe're using
firebase-tools@11.13.0Our extensions (configured using manifests) include:
[REQUIRED] Expected behavior
Firebase extensions deploy complete successfully.
[REQUIRED] Actual behavior
We get the following error upon deployment:
Mobile SDK API has not been used in project <PROJECT_ID> before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/mobilesdk-pa.googleapis.com/overview?project=<PROJECT_ID> then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.When I click the link I get a "Failed to load." error.
From reading a bit, I understand that Mobile SDK API is internal.
None of the extensions seems to rely on the Mobile SDK API.
The text was updated successfully, but these errors were encountered: