【Cloud Functions】Functions Framework for Rubyを試す（GitHub Actionsからデプロイ編）

$ mkdir .github/workflows
$ vim .github/workflows/deploy.yml

name: Deploy

on:
  push:
    branches: [ main ]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - uses: google-github-actions/deploy-cloud-functions@main
      with:
        credentials: ${{ secrets.GCP_SA_KEY }}
        name: hello
        runtime: ruby27

 require "functions_framework"
 
 FunctionsFramework.http("hello") do |request|
-  "Hello, world!\n"
+  "Hello, world! (Deploy from GitHub Actions)\n"
 end

$ git push
$ gh run watch

Refreshing run status every 3 seconds. Press Ctrl+C to quit.

✓ main Deploy · 1246588184
Triggered via push about 20 hours ago

JOBS
✓ deploy in 1m6s (ID 3640768767)
  ✓ Set up job
  ✓ Run actions/checkout@v2
  ✓ Run google-github-actions/deploy-cloud-functions@main
  ✓ Post Run actions/checkout@v2
  ✓ Complete job

✓ Run Deploy (1246588184) completed with 'success'

$ curl https://us-central1-masamune-287217.cloudfunctions.net/hello
Hello, world! (Deploy from GitHub Actions)

[Missing necessary permission iam.serviceAccounts.actAs for  on the service account [email protected]. 
Ensure that service account [email protected] is a member of the project PROJECT_ID, and then grant  the roles/iam.serviceAccountUser role. 
You can do that by running 'gcloud iam service-accounts add-iam-policy-binding [email protected] --member=$member --role=roles/iam.serviceAccountUser' 
In case the member is a service account please use the prefix 'serviceAccount:' instead of 'user:'.]

$ gcloud iam service-accounts add-iam-policy-binding [email protected] \
    --member='serviceAccount:deploy-account@PROJECT_ID.iam.gserviceaccount.com' \
    --role=roles/iam.serviceAccountUser