Error: ... virtual machine instance does not have permission scopes specified. #3223
Description
I have a relatively straight forward cloud datastore app, deployed on appengine. I'm using Objectify 6. I am getting this error when running unit tests against the local datastore, on travis-ci.
java.io.IOException: Error code 404 trying to get security access token from Compute Engine metadata for the default service account. This may be because the virtual machine instance does not have permission scopes specified.
A few notes:
- this works fine on my local osx and windows machine
- it also works fine on a digital ocean ubuntu 16 instance
- storage and query ops works fine if I don't use Objectify
- it's not working on a ubuntu 14 instance hosted by travis (on GCE, coincidentally)
I've scraped the web looking for info on the problem, and while the problem seems scarce, the answers are even more scarce. I'm not really sure if this is a google problem, a travis problem, or an objectify problem.
Few questions:
- Why, when running against the local datastore, is it querying a remote google metadata server? Compute Engine? That's not even a service we are currently using. Edit: Actually, turns out the ubuntu 14 instance is itself running on GCE, so maybe that is the link.
- I've given the App Engine default service account all the seemingly relevant roles, to no avail. I do have 8 service accounts though - which one is correct?
- I've also made sure that on the travis instance, I am logged in through gcloud as said default service account, before running
mvn test - Is there a way I can debug using some curl calls to the metadata server? The error is just not very informative.
And finally, any ideas on what I can do to fix this? Thanks.
Metadata
Metadata
Assignees
Labels
No labels