英文:
Google Cloud Secret hunted to Cloud Run Instance Error: "SyntaxError: Unexpected token ':'"
问题
以下是翻译好的部分:
Secret code:
{
"type": "service_account",
"project_id": "video-ipod",
"private_key_id": "cc***********72",
"private_key": "-----BEGIN PRIVATE KEY-----\nMI****************kFPye\n-----END PRIVATE KEY-----\n",
"client_email": "fire*************nt.com",
"client_id": "1*************50",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/o*****erts",
"client_x509_cert_url": "https://www.googl*************sdk-wnvid%40video-ip********unt.com"
}
However, the deploy fails and I get this error:
SyntaxError: Unexpected token '':'
at Object.compileFunction (node:vm:360:18)
at wrapSafe (node:internal/modules/cjs/loader:1088:15)
at Module._compile (node:internal/modules/cjs/loader:1123:27)
at Module._extensions..js (node:internal/modules/cjs/loader:1213:10)
at Module.load (node:internal/modules/cjs/loader:1037:32)
at Module._load (node:internal/modules/cjs/loader:878:12)
at Module.require (node:internal/modules/cjs/loader:1061:19)
at require (node:internal/modules/cjs/helpers:103:18)
at Object.<anonymous> (/index.js:6:22)
at Module._compile (node:internal/modules/cjs/loader:1159:14)
At this line:
"type": "service_account",
And this is the code where I import the secret file and use it:
var serviceAccount = require("./secrets/video-ipod-firebase-adminsdk-wnvid-cc7ced9a5a.json");
admin.initializeApp({
credential: admin.credential.cert(serviceAccount)
});
And here is the configuration where it is mounted:
英文:
I have a json config file with secure values that I have in a google cloud secret that follows (some of the values have been removed or reduced for security):
Secret code:
{
"type": "service_account",
"project_id": "video-ipod",
"private_key_id": "cc***********72",
"private_key": "-----BEGIN PRIVATE KEY-----\nMI****************kFPye\n-----END PRIVATE KEY-----\n",
"client_email": "fire*************nt.com",
"client_id": "1*************50",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/o*****erts",
"client_x509_cert_url": "https://www.googl*************sdk-wnvid%40video-ip********unt.com"
}
However, the deploy fails and I get this error:
SyntaxError: Unexpected token ':'
at Object.compileFunction (node:vm:360:18)
at wrapSafe (node:internal/modules/cjs/loader:1088:15)
at Module._compile (node:internal/modules/cjs/loader:1123:27)
at Module._extensions..js (node:internal/modules/cjs/loader:1213:10)
at Module.load (node:internal/modules/cjs/loader:1037:32)
at Module._load (node:internal/modules/cjs/loader:878:12)
at Module.require (node:internal/modules/cjs/loader:1061:19)
at require (node:internal/modules/cjs/helpers:103:18)
at Object.<anonymous> (/index.js:6:22)
at Module._compile (node:internal/modules/cjs/loader:1159:14)
At this line:
"type": "service_account",
And this is the code where I import the secret file and use it:
var serviceAccount = require("./secrets/video-ipod-firebase-adminsdk-wnvid-cc7ced9a5a.json");
admin.initializeApp({
credential: admin.credential.cert(serviceAccount)
});
And here is the configuration where it is mounted:
This does appear to be correct JSON syntax and it was uploaded directly from the json file on my local machine that works during development, so I'm not sure how this is incorrect syntax.
答案1
得分: 1
你目前遇到的错误基本上是变量值的解析错误,这些值存储在配置文件中,并在部署 Cloud 实例时调用。
官方文档《为生产应用设置身份验证》1 提到,如果环境变量未设置,ADC 将使用 Compute Engine、Google Kubernetes Engine、Cloud Run、App Engine 和 Cloud Functions 提供的默认服务帐户,用于在这些服务上运行的应用程序。因此,要从 Cloud Run 访问 Secret Manager,Application Default Credentials(ADC)将使用 Cloud Run 的默认服务帐户。
我建议您将 JSON 文件放在与 index.js 相同的文件夹中,然后按照下面的方式引用它,然后初始化应用程序。
var serviceAccount = require("./myfirebaseapp-firebase-adminsdk-my-secret-key.json");
在部署到 Cloud Run 的代码中,关于路径和相对路径的引用在本地机器上将不起作用,因此可能会导致解析参数错误。如果可能的话,只使用默认服务帐户,并根据需要授予其执行所需操作的权限,这也是一个好方法。
还要检查以下类似的示例:
英文:
The error that you are getting is basically a parsing error for variable values,which are stored in a configuration file and being called when the Cloud Instance is deployed.
The official document Setting Up Authentication for Production Applications mentions that if the environment variable isn't set, ADC uses the default service account that Compute Engine, Google Kubernetes Engine, Cloud Run, App Engine, and Cloud Functions provide, for applications that run on those services.Therefore to access the Secret Manager from Cloud Run, Application Default Credentials (ADC) will use the default service account of Cloud Run.
I would suggest you put the json in the same folder as your index.js and try the reference as below and after that you initialize the app.
var serviceAccount = require("./myfirebaseapp-firebase-adminsdk-my-secret-key.json");
The references for path and relative path on your local machine in the code deployed to Cloud Run will not work and thus may resulting in parsing parameter error.It's even worth if you just use the default service account if possible, and give it the necessary permissions to do what it needs to do if necessary.
Also check these similar examples:
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论