OS Login doesn't work with service account impersonation.
Error Log
REDACTED MCW0CDP3YY ~ Desktop Git REDACTED-image-pipeline-ccoe linux main 1✎ $ PACKER_LOG=1 packer build --var-file ubuntu.pkrvars.hcl image.pkr.hcl 2021/12/13 14:09:36 [INFO] Packer version: 1.7.8 [go1.17.2 darwin amd64]
2021/12/13 14:09:36 Old default config directory found: /Users/REDACTED/.packer.d
2021/12/13 14:09:36 [TRACE] discovering plugins in /usr/local/bin
2021/12/13 14:09:36 Old default config directory found: /Users/REDACTED/.packer.d
2021/12/13 14:09:36 [TRACE] discovering plugins in /Users/REDACTED/.packer.d/plugins
2021/12/13 14:09:36 [TRACE] discovering plugins in .
2021/12/13 14:09:36 [INFO] PACKER_CONFIG env var not set; checking the default config file path
2021/12/13 14:09:36 [INFO] PACKER_CONFIG env var set; attempting to open config file: /Users/REDACTED/.packerconfig
2021/12/13 14:09:36 [WARN] Config file doesn't exist: /Users/REDACTED/.packerconfig
2021/12/13 14:09:36 Old default config directory found: /Users/REDACTED/.packer.d
2021/12/13 14:09:36 [INFO] Setting cache directory: /Users/REDACTED/.cache/packer
2021/12/13 14:09:36 Old default config directory found: /Users/REDACTED/.packer.d
2021/12/13 14:09:36 [TRACE] listing potential installations for "github.com/hashicorp/googlecompute" that match ">= 1.0.0". plugingetter.ListInstallationsOptions{FromFolders:[]string{"/usr/local/bin/packer", ".", "/Users/REDACTED/.packer.d/plugins"}, BinaryInstallationOptions:plugingetter.BinaryInstallationOptions{APIVersionMajor:"5", APIVersionMinor:"0", OS:"darwin", ARCH:"amd64", Ext:"", Checksummers:[]plugingetter.Checksummer{plugingetter.Checksummer{Type:"sha256", Hash:(*sha256.digest)(0xc00020a080)}}}}
2021/12/13 14:09:36 [TRACE] Found the following "github.com/hashicorp/googlecompute" installations: [{/Users/REDACTED/.packer.d/plugins/github.com/hashicorp/googlecompute/packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 v1.0.8}]
2021/12/13 14:09:37 [INFO] found external [-packer-default-plugin-name-] builders from googlecompute plugin
2021/12/13 14:09:37 [INFO] found external [export import] post-processors from googlecompute plugin
2021/12/13 14:09:37 [TRACE] validateValue: not active for zone, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for project_id, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for script, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for network_project, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for ssh_user, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for region, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for image_name_prefix, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for ssh_key_file, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for labels, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for impersonate_service_account, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for subnetwork, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for environment, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for image_description, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for image_family, so skipping
2021/12/13 14:09:37 [TRACE] validateValue: not active for source_image_family, so skipping
2021/12/13 14:09:37 [TRACE] Starting external plugin /Users/REDACTED/.packer.d/plugins/github.com/hashicorp/googlecompute/packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 start builder -packer-default-plugin-name-
2021/12/13 14:09:37 Starting plugin: /Users/REDACTED/.packer.d/plugins/github.com/hashicorp/googlecompute/packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 []string{"/Users/REDACTED/.packer.d/plugins/github.com/hashicorp/googlecompute/packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64", "start", "builder", "-packer-default-plugin-name-"}
2021/12/13 14:09:37 Waiting for RPC address for: /Users/REDACTED/.packer.d/plugins/github.com/hashicorp/googlecompute/packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64
2021/12/13 14:09:37 packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 plugin: 2021/12/13 14:09:37 Plugin address: unix /var/folders/b1/dthn83bs2qbcrg38qszm22440000gn/T/packer-plugin803328759
2021/12/13 14:09:37 packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 plugin: 2021/12/13 14:09:37 Waiting for connection...
2021/12/13 14:09:37 Received unix RPC address for /Users/REDACTED/.packer.d/plugins/github.com/hashicorp/googlecompute/packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64: addr is /var/folders/b1/dthn83bs2qbcrg38qszm22440000gn/T/packer-plugin803328759
2021/12/13 14:09:37 packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 plugin: 2021/12/13 14:09:37 Serving a plugin connection...
2021/12/13 14:09:37 packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 plugin: 2021/12/13 14:09:37 [TRACE] starting builder -packer-default-plugin-name-
2021/12/13 14:09:37 [TRACE] Starting internal plugin packer-provisioner-shell
2021/12/13 14:09:37 Starting plugin: /usr/local/bin/packer []string{"/usr/local/bin/packer", "plugin", "packer-provisioner-shell"}
2021/12/13 14:09:37 Waiting for RPC address for: /usr/local/bin/packer
2021/12/13 14:09:37 packer-provisioner-shell plugin: [INFO] Packer version: 1.7.8 [go1.17.2 darwin amd64]
2021/12/13 14:09:37 packer-provisioner-shell plugin: Old default config directory found: /Users/REDACTED/.packer.d
2021/12/13 14:09:37 packer-provisioner-shell plugin: [INFO] PACKER_CONFIG env var not set; checking the default config file path
2021/12/13 14:09:37 packer-provisioner-shell plugin: [INFO] PACKER_CONFIG env var set; attempting to open config file: /Users/REDACTED/.packerconfig
2021/12/13 14:09:37 packer-provisioner-shell plugin: [WARN] Config file doesn't exist: /Users/REDACTED/.packerconfig
2021/12/13 14:09:37 packer-provisioner-shell plugin: Old default config directory found: /Users/REDACTED/.packer.d
2021/12/13 14:09:37 packer-provisioner-shell plugin: [INFO] Setting cache directory: /Users/REDACTED/.cache/packer
2021/12/13 14:09:37 packer-provisioner-shell plugin: args: []string{"packer-provisioner-shell"}
2021/12/13 14:09:37 packer-provisioner-shell plugin: Old default config directory found: /Users/REDACTED/.packer.d
2021/12/13 14:09:37 packer-provisioner-shell plugin: Plugin address: unix /var/folders/b1/dthn83bs2qbcrg38qszm22440000gn/T/packer-plugin726205717
2021/12/13 14:09:37 packer-provisioner-shell plugin: Waiting for connection...
2021/12/13 14:09:37 Received unix RPC address for /usr/local/bin/packer: addr is /var/folders/b1/dthn83bs2qbcrg38qszm22440000gn/T/packer-plugin726205717
2021/12/13 14:09:37 packer-provisioner-shell plugin: Serving a plugin connection...
2021/12/13 14:09:37 Build debug mode: false
2021/12/13 14:09:37 Force build: false
2021/12/13 14:09:37 On error:
2021/12/13 14:09:37 Waiting on builds to complete...
googlecompute.packer: output will be in this color.
2021/12/13 14:09:37 Starting build run: googlecompute.packer
2021/12/13 14:09:37 Running builder:
2021/12/13 14:09:37 [INFO] (telemetry) Starting builder googlecompute.packer
2021/12/13 14:09:37 packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 plugin: 2021/12/13 14:09:37 [INFO] Instantiating GCE client...
2021/12/13 14:09:37 packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 plugin: 2021/12/13 14:09:37 [INFO] Instantiating OS Login client...
==> googlecompute.packer: Checking image does not exist...
==> googlecompute.packer: Creating temporary RSA SSH key for instance...
==> googlecompute.packer: Importing SSH public key for OSLogin...
2021/12/13 14:09:44 packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64 plugin: 2021/12/13 14:09:44 [INFO] OSLogin: Could not derive a GCE service account from google metadata server after 5s
==> googlecompute.packer: Error importing SSH public key for OSLogin: googleapi: Error 403: End user credentials must match the user specified in the request., forbidden
==> googlecompute.packer: Deleting SSH public key for OSLogin...
==> googlecompute.packer:
==> googlecompute.packer: Error: googleapi: Error 403: End user credentials must match the user specified in the request., forbidden
==> googlecompute.packer: Error deleting SSH public key for OSLogin. Please delete it manually.
==> googlecompute.packer:
2021/12/13 14:09:44 [INFO] (telemetry) ending googlecompute.packer
==> googlecompute.packer: Error: googleapi: Error 403: End user credentials must match the user specified in the request., forbidden
==> Wait completed after 7 seconds 586 milliseconds
2021/12/13 14:09:44 machine readable: error-count []string{"1"}
==> Some builds didn't complete successfully and had errors:
2021/12/13 14:09:44 machine readable: googlecompute.packer,error []string{"Error importing SSH public key for OSLogin: googleapi: Error 403: End user credentials must match the user specified in the request., forbidden"}
==> Builds finished but no artifacts were created.
2021/12/13 14:09:44 [INFO] (telemetry) Finalizing.
Build 'googlecompute.packer' errored after 7 seconds 586 milliseconds: Error importing SSH public key for OSLogin: googleapi: Error 403: End user credentials must match the user specified in the request., forbidden
==> Wait completed after 7 seconds 586 milliseconds
==> Some builds didn't complete successfully and had errors:
--> googlecompute.packer: Error importing SSH public key for OSLogin: googleapi: Error 403: End user credentials must match the user specified in the request., forbidden
==> Builds finished but no artifacts were created.
2021/12/13 14:09:45 waiting for all plugin processes to complete...
2021/12/13 14:09:45 /Users/REDACTED/.packer.d/plugins/github.com/hashicorp/googlecompute/packer-plugin-googlecompute_v1.0.8_x5.0_darwin_amd64: plugin process exited
2021/12/13 14:09:45 /usr/local/bin/packer: plugin process exited
OS Login doesn't work with service account impersonation.
Error Log
Packer version
Config