action-hosting-deploy: [BUG] Permission 'cloudfunctions.functions.list' denied

Still seems to be a problem 😔

@teebu How did you add the cloudfunctions.functions.list permission to the service account? Did you have to add the whole roles/cloudfunctions.viewer role?

In cloud.google.com click ‘IAM & Admin’, then look for the principal with ‘github-action’, hit the pencil to edit, click ‘add another role’ and add ‘cloud functions viewer’. BTW, make sure you’re in the right project (i have multiple)

I couldn’t wait for the fix, so I ended up adding the cloudfunctions.viewer role (aka Cloud Functions Viewer) to the service account and deployment worked

@mustafaradheyy sorry for the late reply, Github Action didn’t print firebase-tools version for me but I will try to lock the version by adding it to my package.json and see if I get different results from 11.13.0 and 11.14.0.

Since I didn’t want to give the service account more permissions I tried pinning the version to 11.13.0 (using npm install --save-dev firebase-tools@11.13.0 for the project).

So far the best workaround for me.

In my case adding “Cloud Functions Viewer” role to the GitHub actions service account helped. The service account name looks something like github-action-<some-number>@<project-id>.iam.gserviceaccount.com

Why hosting need functions permission. Please fix.

What worked for us was adding Cloud Functions Viewer role to all the associated github service accounts and enabled the Cloud Functions API.

Google’s policy was changed? Yesterday, everything was good, but today I faced such issue. Why this happen?

Same here. enabling cloudfunctions.googleapis.com in the project and adding roles/cloudfunctions.viewer to the service account works for me

same situation, yesterday it was good but seeing this error now. I am using FirebaseExtended/action-hosting-deploy@v0 Adding Cloud Function Viewer role didn’t solve my problem.

This just cropped up for us as well, including --only hosting

Same here. Looks like firebase-tools introduced some issues ~24h ago with release 10.9.0, and have put out a couple of release fixes since then. Am hoping the problem resolves itself with these fixes. https://github.com/firebase/firebase-tools/releases

Adding Cloud Function Viewer role didn’t solve my problem.

Same here. Adding Cloud Function Viewer role didn’t solve the issue.

same situation, yesterday all good, today this error and also adding the Cloud Function Viewer role did not solve the issue

In my case adding just a role didn’t do anything. I had to open the link which was suggested in error message which redirected me to API and services section of that project in GCP and I searched and added a new service named google cloud functions

And are you using firebase-tools@11.14.0?

where could I check the version of it?

I think if you have it installed via package.json it will be listed there, otherwise Github Actions would automatically install it for you and therefore it would probably install the latest version automatically.

Which would be listed under “Run FirebaseExtended/action-hosting-deploy@v0” > “Deploying to Firebase preview channel”.

Yes, I have the same issue when try to deploy angular with server-side rendering function.

You can follow this to get resolved

https://github.com/FirebaseExtended/action-hosting-deploy/issues/203#issuecomment-1129053273

It worked for me as well 🎉