chmstimoteo
commented
1 month ago After second apply
╷ │ Error: Error waiting to create function: Error waiting for Creating function: Error code 13, message: Build failed with status: FAILURE and message: failed to Fetch: failed to download archive gs://gcf-v2-sources-71577557085-us-central1/activation-trigger/function-source.zip: Access to bucket gcf-v2-sources-71577557085-us-central1 denied. You must grant Storage Object Viewer permission to 71577557085-compute@developer.gserviceaccount.com. If you are using VPC Service Controls, you must also grant it access to your service perimeter. │ . For more details see the logs at https://console.cloud.google.com/cloud-build/builds;region=us-central1/1a97db7d-c85b-499a-b677-97d1af267048?project=71577557085. │ │ with module.activation[0].google_cloudfunctions2_function.activation_trigger_cf, │ on modules/activation/main.tf line 635, in resource "google_cloudfunctions2_function" "activation_trigger_cf": │ 635: resource "google_cloudfunctions2_function" "activation_trigger_cf" { │ ╵ ╷ │ Error: local-exec provisioner error │ │ with module.activation[0].module.activation_pipeline_container.null_resource.run_command[0], │ on .terraform/modules/activation.activation_pipeline_container/main.tf line 231, in resource "null_resource" "run_command": │ 231: provisioner "local-exec" { │ │ Error running command 'PATH=/google-cloud-sdk/bin:$PATH │ gcloud builds submit --project=maj-uat1 --tag us-central1-docker.pkg.dev/maj-uat1/activation-docker-repo/dataflow/activation-pipeline:latest ../../python/activation │ ': exit status 1. Output: Creating temporary archive of 3 file(s) totalling 21.8 KiB before compression. │ Uploading tarball of [../../python/activation] to [gs://maj-uat1_cloudbuild/source/1721357103.368917-92d2764691f546c68462ba51dcc7b5db.tgz] │ Created [https://cloudbuild.googleapis.com/v1/projects/maj-uat1/locations/global/builds/7003d723-fd5c-4f58-ac6a-9b248340299b]. │ Logs are available at [ https://console.cloud.google.com/cloud-build/builds/7003d723-fd5c-4f58-ac6a-9b248340299b?project=71577557085 ]. │ Waiting for build to complete. Polling interval: 1 second(s). │ │ INFO: The service account running this build does not have permission to write logs. To fix this, grant the Logs Writer (roles/logging.logWriter) role to the service │ account. │ │ 1 message(s) issued. │ ERROR: (gcloud.builds.submit) build 7003d723-fd5c-4f58-ac6a-9b248340299b completed with status "FAILURE" │ ---------------------------------------------------------------------------- REMOTE BUILD OUTPUT │ ----------------------------------------------------------------------------- │ starting build "7003d723-fd5c-4f58-ac6a-9b248340299b" │ │ FETCHSOURCE │ Fetching storage object: gs://maj-uat1_cloudbuild/source/1721357103.368917-92d2764691f546c68462ba51dcc7b5db.tgz#1721357104415146 │ AccessDeniedException: 403 71577557085-compute@developer.gserviceaccount.com does not have storage.objects.list access to the Google Cloud Storage bucket. Permission │ 'storage.objects.list' denied on resource (or it may not exist). │ Fetching storage object: gs://maj-uat1_cloudbuild/source/1721357103.368917-92d2764691f546c68462ba51dcc7b5db.tgz#1721357104415146 │ AccessDeniedException: 403 71577557085-compute@developer.gserviceaccount.com does not have storage.objects.list access to the Google Cloud Storage bucket. Permission │ 'storage.objects.list' denied on resource (or it may not exist). │ Fetching storage object: gs://maj-uat1_cloudbuild/source/1721357103.368917-92d2764691f546c68462ba51dcc7b5db.tgz#1721357104415146 │ AccessDeniedException: 403 71577557085-compute@developer.gserviceaccount.com does not have storage.objects.list access to the Google Cloud Storage bucket. Permission │ 'storage.objects.list' denied on resource (or it may not exist). │ ERROR │ ERROR: error fetching storage source: generic::unknown: retry budget exhausted (3 attempts): fetching gcs source: fetching object from gcs: source fetch container exited │ with non-zero status: 1 │ ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ │ ╵
╷ │ Error: Error waiting to create function: Error waiting for Creating function: Error code 13, message: Build failed with status: FAILURE and message: failed to Fetch: failed to download archive gs://gcf-v2-sources-71577557085-us-central1/activation-trigger/function-source.zip: Access to bucket gcf-v2-sources-71577557085-us-central1 denied. You must grant Storage Object Viewer permission to 71577557085-compute@developer.gserviceaccount.com. If you are using VPC Service Controls, you must also grant it access to your service perimeter. │ . For more details see the logs at https://console.cloud.google.com/cloud-build/builds;region=us-central1/8a62be53-0afc-4e9b-a68a-07c9e2819fa4?project=71577557085. │ │ with module.activation[0].google_cloudfunctions2_function.activation_trigger_cf, │ on modules/activation/main.tf line 635, in resource "google_cloudfunctions2_function" "activation_trigger_cf": │ 635: resource "google_cloudfunctions2_function" "activation_trigger_cf" { │ ╵ ╷ │ Error: local-exec provisioner error │ │ with module.feature_store[0].null_resource.create_gemini_model, │ on modules/feature-store/bigquery-procedures.tf line 1470, in resource "null_resource" "create_gemini_model": │ 1470: provisioner "local-exec" { │ │ Error running command 'poetry run bq query --use_legacy_sql=false --max_rows=100 --maximum_bytes_billed=10000000 < ../../sql/query/create_gemini_model.sql │ ': exit status 2. Output: BigQuery error in query operation: Error processing job 'maj- │ uat1:bqjob_r62b2b20679a0ede0_00000190c8be8fde_1': Not found: Dataset maj- │ uat1:gemini_insights was not found in location US │ Failure details: │ - Not found: Dataset maj-uat1:gemini_insights was not found in │ location US │ ╵ ╷ │ Error: local-exec provisioner error │ │ with module.activation[0].module.activation_pipeline_container.null_resource.run_command[0], │ on .terraform/modules/activation.activation_pipeline_container/main.tf line 231, in resource "null_resource" "run_command": │ 231: provisioner "local-exec" { │ │ Error running command 'PATH=/google-cloud-sdk/bin:$PATH │ gcloud builds submit --project=maj-uat1 --tag us-central1-docker.pkg.dev/maj-uat1/activation-docker-repo/dataflow/activation-pipeline:latest ../../python/activation │ ': exit status 1. Output: Creating temporary archive of 3 file(s) totalling 21.8 KiB before compression. │ Uploading tarball of [../../python/activation] to [gs://maj-uat1_cloudbuild/source/1721354814.730974-46b852c3c4e34046b20e09a09b3d3d92.tgz] │ Created [https://cloudbuild.googleapis.com/v1/projects/maj-uat1/locations/global/builds/751cbaca-8dde-4136-b0ad-57cc97554d15]. │ Logs are available at [ https://console.cloud.google.com/cloud-build/builds/751cbaca-8dde-4136-b0ad-57cc97554d15?project=71577557085 ]. │ Waiting for build to complete. Polling interval: 1 second(s). │ │ INFO: The service account running this build does not have permission to write logs. To fix this, grant the Logs Writer (roles/logging.logWriter) role to the service │ account. │ │ 1 message(s) issued. │ ERROR: (gcloud.builds.submit) build 751cbaca-8dde-4136-b0ad-57cc97554d15 completed with status "FAILURE" │ ---------------------------------------------------------------------------- REMOTE BUILD OUTPUT │ ----------------------------------------------------------------------------- │ starting build "751cbaca-8dde-4136-b0ad-57cc97554d15" │ │ FETCHSOURCE │ Fetching storage object: gs://maj-uat1_cloudbuild/source/1721354814.730974-46b852c3c4e34046b20e09a09b3d3d92.tgz#1721354816958121 │ AccessDeniedException: 403 71577557085-compute@developer.gserviceaccount.com does not have storage.objects.list access to the Google Cloud Storage bucket. Permission │ 'storage.objects.list' denied on resource (or it may not exist). │ Fetching storage object: gs://maj-uat1_cloudbuild/source/1721354814.730974-46b852c3c4e34046b20e09a09b3d3d92.tgz#1721354816958121 │ AccessDeniedException: 403 71577557085-compute@developer.gserviceaccount.com does not have storage.objects.list access to the Google Cloud Storage bucket. Permission │ 'storage.objects.list' denied on resource (or it may not exist). │ Fetching storage object: gs://maj-uat1_cloudbuild/source/1721354814.730974-46b852c3c4e34046b20e09a09b3d3d92.tgz#1721354816958121 │ AccessDeniedException: 403 71577557085-compute@developer.gserviceaccount.com does not have storage.objects.list access to the Google Cloud Storage bucket. Permission │ 'storage.objects.list' denied on resource (or it may not exist). │ ERROR │ ERROR: error fetching storage source: generic::unknown: retry budget exhausted (3 attempts): fetching gcs source: fetching object from gcs: source fetch container exited │ with non-zero status: 1 │ ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ │ ╵