3bd2dfc002
This commit removes legacy App Engine deployment artifacts and updates the Makefile to reflect the successful migration of the `internal-launchpad` service to Cloud Run. The following changes were made: - Deleted obsolete permission scripts: - `fix-appengine-permissions-complete.sh` - `fix-project-level-permissions.sh` - `create-missing-repository.sh` - Removed the `firebase/internal-launchpad/app.yaml` file. - Updated `firebase.json` to remove the `launchpad` hosting configuration. These changes streamline the repository, reduce developer confusion, and prevent the accidental use of outdated deployment logic.
83 lines
3.1 KiB
Bash
Executable File
83 lines
3.1 KiB
Bash
Executable File
#!/bin/bash
|
|
set -e
|
|
|
|
PROJECT_ID="krow-workforce-dev"
|
|
PROJECT_NUMBER="933560802882"
|
|
REGION="us-central1"
|
|
|
|
echo "============================================"
|
|
echo "Fix App Engine + Artifact Registry Issue"
|
|
echo "============================================"
|
|
echo ""
|
|
|
|
# Le problème: App Engine essaie d'accéder à us.gcr.io qui pointe maintenant vers Artifact Registry
|
|
# Mais les permissions ne sont pas correctement configurées sur TOUS les repositories nécessaires
|
|
|
|
echo "1. Activation de l'API Container Registry (legacy GCR)..."
|
|
gcloud services enable containerregistry.googleapis.com --project=${PROJECT_ID}
|
|
|
|
echo ""
|
|
echo "2. Configuration des permissions sur TOUS les repositories Artifact Registry..."
|
|
|
|
# Liste de tous les repositories potentiels
|
|
REPOS=("gcr.io" "app-engine-tmp" "gae-standard")
|
|
|
|
for REPO in "${REPOS[@]}"; do
|
|
echo ""
|
|
echo " → Repository: ${REPO}"
|
|
|
|
# Vérifier si le repo existe
|
|
if gcloud artifacts repositories describe ${REPO} --location=us --project=${PROJECT_ID} &>/dev/null; then
|
|
echo " ✓ Repository existe"
|
|
|
|
# Ajouter les permissions pour Cloud Build SA
|
|
gcloud artifacts repositories add-iam-policy-binding ${REPO} \
|
|
--location=us \
|
|
--member="serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com" \
|
|
--role="roles/artifactregistry.reader" \
|
|
--project=${PROJECT_ID} --quiet 2>/dev/null || true
|
|
|
|
gcloud artifacts repositories add-iam-policy-binding ${REPO} \
|
|
--location=us \
|
|
--member="serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com" \
|
|
--role="roles/artifactregistry.writer" \
|
|
--project=${PROJECT_ID} --quiet 2>/dev/null || true
|
|
|
|
# Ajouter les permissions pour App Engine SA
|
|
gcloud artifacts repositories add-iam-policy-binding ${REPO} \
|
|
--location=us \
|
|
--member="serviceAccount:${PROJECT_ID}@appspot.gserviceaccount.com" \
|
|
--role="roles/artifactregistry.reader" \
|
|
--project=${PROJECT_ID} --quiet 2>/dev/null || true
|
|
|
|
echo " ✓ Permissions configurées"
|
|
else
|
|
echo " ⚠ Repository n'existe pas (normal)"
|
|
fi
|
|
done
|
|
|
|
echo ""
|
|
echo "3. Permissions Storage (pour les artefacts de build)..."
|
|
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
|
|
--member="serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com" \
|
|
--role="roles/storage.objectAdmin" \
|
|
--condition=None --quiet
|
|
|
|
echo ""
|
|
echo "4. Permissions Cloud Build spécifiques..."
|
|
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
|
|
--member="serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com" \
|
|
--role="roles/cloudbuild.builds.builder" \
|
|
--condition=None --quiet
|
|
|
|
echo ""
|
|
echo "============================================"
|
|
echo "✅ Configuration terminée!"
|
|
echo "============================================"
|
|
echo ""
|
|
echo "⏱ IMPORTANT: Attends 2-3 minutes pour la propagation des permissions IAM"
|
|
echo ""
|
|
echo "Puis lance:"
|
|
echo " cd firebase/internal-launchpad"
|
|
echo " gcloud app deploy app.yaml --project=${PROJECT_ID} --no-cache"
|
|
echo "" |