Trying this out for the first time, tried following the tutorial, that failed. Tried using some known working packer code that also failed.
I keep getting:
Error: HCP: populating iteration failed
Failed to create client connection to artifact registry: status 1: err unable to
fetch project id: [GET /resource-manager/2019-12-10/projects][403]
ProjectService_List default &{Code:7 Details: Error: Message:}
I read here that someone who had the same issue created the service principal at the company level rather than project, so I tried that, but then I get:
[PUT
/packer/2021-04-30/organizations/{location.organization_id}/projects/{location.project_id}/images][404]
PackerService_CreateBucket default &{Code:5 Details: Message:No HCP Packer
registry was found for this organization and project. To create a registry,
please visit the HCP Packer tab in HashiCorp Cloud Platform}
As the user is not associated with a project.
Am I just misunderstanding how this works?
Any help would be great.
Hi @jason.gillette1 thanks for reaching out. There is an open issue with project level service principles and Packer that we are looking to fix. At this present time, the preferred service principle to use is at the org level. The first error being returned is due to Packer’s reliance on the upstream API, which a project level service principle just doesn’t have the permissions to access. That said, the org level service principle should work as documented with a small caveat.
Does the HCP organization have one project with an active registry?
The error seems to imply that the default project, which will be the first created project for the org does not have an active registry. If you create a registry for the project and try again you should get pass the initial error. If the org has multiple project you must set the project id via HCP_PROJECT_ID environment variable to push an image to the correct project.
I’m able to reproduce the issues you mentioned above and took the steps I provided to resolve (Started with an empty project, activated registry, and used an org level service principle) to push my first image.
Please give these suggested changes a try and let me know if you still run into issues.
Hi, that fixed my issue, thanks for your help.
I’m assuming this means the packer registry can only go into the default project?
As I could not see how to select a project when reading the hcp_packer_registry man page.
Thanks
Jason
1 Like
Apologies for the delayed response. Glad to hear that you were able to get passed the initial issue using an Org-level service principal. I have a pull-request open to fix the issue for project-level principals.
I’m assuming this means the packer registry can only go into the default project?
Using an org-level principal you are able to select which project to publish to by setting the HCP_PROJECT_ID env variable.
HCP_PROJECT_ID=1234567890 packer build .
As I could not see how to select a project when reading the hcp_packer_registry man page.
There is currently no support for setting the project id within the hcp_packer_registry block. This is work we will start looking into once we have a better idea on expected usage. The environment variable is the way to go for now.
1 Like