Error creating source or destination with Google Secret Manager

Summary

User is facing an error while creating a source or destination in Airbyte related to Google Secret Manager configuration on a GCE Linux VM.


Question

Hello!
I’m having trouble creating any sort of source or destination. I keep getting the error shown in the image.

I believe I’ve just switched over to using the Google Secret Manager but I’m having trouble confirming that everything is configured correctly. Could this be the cause of the error?
I’ve deployed Airbyte on a GCE Linux VM using abctl.



This topic has been created from a Slack thread to give it more visibility.
It will be on Read-Only mode here. Click here if you want
to access the original thread.

Join the conversation on Slack

["error", "source-destination", "google-secret-manager", "abctl", "gce-linux-vm"]

Hello Sean, are you migrating from a previous Docker Compose deployment or is a fresh install?

It’s a fresh install

If you open the network tab of the browser devtools, can you see any details about the error?

Ah thank you for your suggestion to check there <@U07FH2Y34A1>
It looks like a PERMISSION_DENIED for secretmanager.secrets.create

I setup a service account with the permissions listed https://docs.airbyte.com/deploying-airbyte/infrastructure/gcp|here. Maybe I didn’t setup the values.yaml or secret.yaml correctly?

You might check that the various pods are running with your service account in kubectl. And/or, you might restart all the pods, in case they aren’t using the latest version of the service account (which I think I’ve run into before).

Note, I usually access the k8s cluster with something like
docker exec -it airbyte-abctl-control-plane kubectl -n airbyte-abctl get pods

Oh gosh so I figured out the permission issue.
I had wrapped the service account json with single quotes. But I needed to use double quotes and escape all the existing double quotes in the json data. I’m sure there is a better way to do that but I don’t know it.

Now however I have an issue with the secret creation. It is trying to create a global secret but my org policies require a location. Is that possible to set for airbyte?