Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

google-github-actions/auth failed with: retry function failed after 4 attempts: failed to generate Google Cloud access token for *** #1237

Closed
arivictor opened this issue May 15, 2024 · 4 comments
Closed

google-github-actions/auth failed with: retry function failed after 4 attempts: failed to generate Google Cloud access token for *** #1237

arivictor opened this issue May 15, 2024 · 4 comments
Assignees
@daniel-cit
Labels
backlog bug Something isn't working Stale

Comments

@arivictor
Copy link

arivictor commented May 15, 2024
edited
Loading

TL;DR

  • Github action workflow job run is failing with the above.
  • Successfully deploy step 0 - Bootstrap
  • At stage now where I have a PR open on a "plan" branch against "production"

Expected behavior

Pull request GHA runs terraform plan successfully, authenticating to the project using the provided secrets/credentials in GH.

Observed behavior

Error: google-github-actions/auth failed with: retry function failed after 4 attempts: failed to generate Google Cloud access token for ***: (403) {
  "error": {
    "code": 403,
    "message": "Permission 'iam.serviceAccounts.getAccessToken' denied on resource (or it may not exist).",
    "status": "PERMISSION_DENIED",
    "details": [
      {
        "@type": "type.googleapis.com/google.rpc.ErrorInfo",
        "reason": "IAM_PERMISSION_DENIED",
        "domain": "iam.googleapis.com",
        "metadata": {
          "permission": "iam.serviceAccounts.getAccessToken"
        }
      }
    ]
  }
}

The workload identity federation is created, I don't know if it's configured right as it doesn't show any connected service accounts.

Terraform Configuration

As per the repo

Terraform Version

Terraform v1.8.3
on darwin_arm64
+ provider registry.terraform.io/hashicorp/google v4.84.0
+ provider registry.terraform.io/hashicorp/google-beta v4.84.0
+ provider registry.terraform.io/hashicorp/null v3.2.2
+ provider registry.terraform.io/hashicorp/random v3.6.1
+ provider registry.terraform.io/hashicorp/time v0.11.1
+ provider registry.terraform.io/integrations/github v5.34.0

Additional information

Terraform plans and applies locally fine.
@arivictor arivictor added the bug Something isn't working label May 15, 2024
@aalldridge
Copy link

I am observing the same behaviour with GitLab.

@sleighton2022
Copy link
Collaborator

Will try and reproduce

@daniel-cit daniel-cit self-assigned this Jun 28, 2024
@github-actions GitHub Actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Aug 27, 2024
@daniel-cit daniel-cit removed the Stale label Aug 28, 2024
@github-actions GitHub Actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Oct 27, 2024
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Nov 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@daniel-cit daniel-cit

Labels
backlog bug Something isn't working Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@aalldridge @arivictor @daniel-cit @sleighton2022