Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Presigned Storage URLs not used for image generation #86

Open
kuzpactor opened this issue Aug 20, 2023 · 0 comments · May be fixed by #87
Open

Presigned Storage URLs not used for image generation #86

kuzpactor opened this issue Aug 20, 2023 · 0 comments · May be fixed by #87
Labels
bug

Comments

@kuzpactor
Copy link
Contributor

Overview of the Issue

Right now in order to upload an image (like previously brewn qcow2 file) you have to either enable public access on your bucket, or come up with a more-or-less complicated set of ACLs around it.

Without that, image cannot be created because Compute ImageService.Create has no permissions to the object.
One way out of this situation is to use URL Presigning, which BTW is already used in case of importing other artifacts already present in Object Storage.

To be honest, I'm not really sure if this is a bug, but right now it definitely makes working with YC significantly more involved that it potentially could be.

Reproduction Steps

  1. Create an empty bucket with default permissions.
  2. Point packer to that bucket, with whatever file that ends with .qcow2
  3. Receive an error after Compute launches their op: rpc error: code = InvalidArgument desc = url source not found

Plugin and Packer version

From 1.1.2

Simplified Packer Buildfile

source "file" "base" {
    source = "testing.qcow2"
    target =  "testing.qcow2"
}

build {
    sources = ["sources.file.base"]

    post-processors {
        post-processor "yandex-import" {
            service_account_key_file = "key.json"
            folder_id = "b48..."
            service_account_id = "f08..."
            bucket = "kuzpactor-service"
        }
    }
}

Operating system and Environment details

MacOS, 13.4.1 (22F82), on Apple Silicon (M1).
The plugin is launched with patch from #83, because otherwise the file ends up in the wrong installation.

Log Fragments and crash.log files

==> file.base (yandex-import): Uploading file testing.qcow2 to bucket kuzpactor-service/packer-import-1692557311.qcow2...
==> file.base (yandex-import): Source of Image creation: object source, url: https://storage.il.nebius.cloud/kuzpactor-service/packer-import-1692557311.qcow2
==> file.base (yandex-import): Creating Yandex Compute Image test-image-1692557311 within operation "alk9aaj99asv7v41qak6"
==> file.base (yandex-import): Waiting for Yandex Compute Image creation operation to complete...
2023/08/20 20:48:47 packer-plugin-yandex plugin: 2023/08/20 20:48:47 error: failed to create Yandex Compute Image: operation (id=alk9aaj99asv7v41qak6) failed: rpc error: code = InvalidArgument desc = url source not found
2023/08/20 20:48:47 [INFO] (telemetry) ending yandex-import
@kuzpactor kuzpactor added the bug label Aug 20, 2023
@kuzpactor kuzpactor linked a pull request Aug 20, 2023 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use Object Storage URL Presigning for image create kuzpactor/packer-plugin-yandex
1 participant
@kuzpactor