Because of deficiencies in the encrypted-PEM format, it's not always possible to detect an incorrect
password. In these cases no error will be returned but the decrypted DER bytes will be random noise.
this closes#3337
There were 5 different formats for the Packer useragent string. This
fixes that and unifies it into a helper package.
I did not touch oracle's user-agent, because it looked kinda special.
This change requires 'disable_default_service_account=false' in order to
set 'service_account_email'.
This is a guard against an incorrect assumption
that disabling the default service account would mean that no service
account would be used.
The ability to use a service account other than the default was
introduced in #5928. This change adds to that by introducing the
'disable_default_service_account' config option. If true - and
'service_account_email' is not set - Packer will create a GCE VM
with no service account.
This commit allows user to specify the service account they want
to associate with the virtual machine provisionned by setting
the service_account_email field in the config.
It allows to manage permissions of the instantiated VM properly,
using a service account that can be tied up to IAM roles and
permissions.
Run now takes a context as well as a statebag. We'll assign the context
to the blank identifier to prevent namespace collisions. We'll let the
step authors opt-in to using the context.
`find . -iname "step_*.go" -exec gsed -i'' 's/func \(.*\)Run(/func \1Run(_ context.Context, /' {} \;`
This change constructs partial URLs for networks and subnetworks if they
are not already partial or full URLs (i.e., they do not contain a '/' in
their name). Network and subnetwork self-links are no longer retrieved
from the API.
Previously, if a user did not provide the network or subnetwork as a
fully-qualified URL (i.e., self-link), the builder would make
compute.(sub)networks.get API calls with the provided identifier to
discover the self-link. This requires the user or service account Packer
is using to have permission to describe those network resources, which
is becoming less common as IAM is used more. Specifically, a user may
have permission to launch a VM into a network/subnetwork, but will not
have permission to call APIs to describe network resources.
Mikhail Ushanov
Matthew Aynalem
Adrien Delorme
Megan Marsh
deepuashokan85
DanHam
Richard Nienaber
Seth Vargo
Josh Soref
Evan Brown
Christophe Courtaut
Petr Hosek
Matthew Hooker
Daniel Hess
Atsushi Ishibashi