[REQUIRED] Environment info

firebase-tools:
12.9.1

Platform:
Ubuntu

[REQUIRED] Test case

https://github.com/TomTasche/firebase-nextjs-bug-report

[REQUIRED] Steps to reproduce

1. Configure the above project (a basic next.js setup) for your own Firebase project
2. Run "firebase deploy" locally, wait for initial deployment
3. Create pull request to trigger the CI

[REQUIRED] Expected behavior

CI should deploy a preview channel for the next.js project.

[REQUIRED] Actual behavior

CI fails with the following error log: https://gist.github.com/TomTasche/aa3dc43070223f8688d36d2acb399f95

2023-11-18T20:07:00.0218951Z "message": "Caller is missing permission 'iam.serviceaccounts.actAs' on service account projects/-/serviceAccounts/1022768502098-compute@developer.gserviceaccount.com.Grant the role 'roles/iam.serviceAccountUser' to the caller on the service account projects/-/serviceAccounts/1022768502098-compute@developer.gserviceaccount.com.You can do that by running 'gcloud iam service-accounts add-iam-policy-binding projects/-/serviceAccounts/1022768502098-compute@developer.gserviceaccount.com --member MEMBER --role roles/iam.serviceAccountUser'where MEMBER has a prefix like 'user:' or 'serviceAccount:'.Details and instructions for the Cloud Console can be found at https://cloud.google.com/functions/docs/reference/iam/roles#additional-configuration.",

There are a few problems with that error message:

1. the link to the documentation is wrong, should be https://cloud.google.com/functions/docs/reference/iam/roles#additional-configuration (trailing dot)
2. it does not actually tell me what to do: what am I supposed to replace "MEMBER" with?
3. it does not work: I did assign the "Service Account User" role to the mentioned service account, but I'm still experiencing the same issue:
   

In the best case, the next.js Firebase documentation should guide me through this step, since it seems to be mandatory for all projects anyway.