This PR is auto-generated from #13059 to be assessed for backporting due to the inclusion of the label backport/1.11.x.
The below text is copied from the body of the original PR.
This PR changes the API calls made by the internal function UpsertBucket, previously this function would call CreateBucket and then if that returned a AlreadyExists/Conflict status code it would call UpdateBucket to set the bucket labels and description on the bucket. This lead to failures with bucket level service principals because the principal would be scoped to only access the existing bucket, and so Packer would error out because of making an unauthorized request.
To handle this I have changed UpsertBucket to call GetBucket first, if GetBucket 404s the method then calls Create, if GetBucket succeeds it calls UpdateBucket, and if GetBucket fails with a non 404 status code Packer exits with the error from GetBucket.
Overview of commits
- 046c8f18692e8a051ca13770973dfe9e08590753 - 96e8421d1d0cbc17adbfdcc09f3ca28fa959342a
Backport
This PR is auto-generated from #13059 to be assessed for backporting due to the inclusion of the label backport/1.11.x.
The below text is copied from the body of the original PR.
This PR changes the API calls made by the internal function
UpsertBucket, previously this function would call CreateBucket and then if that returned a AlreadyExists/Conflict status code it would call UpdateBucket to set the bucket labels and description on the bucket. This lead to failures with bucket level service principals because the principal would be scoped to only access the existing bucket, and so Packer would error out because of making an unauthorized request.To handle this I have changed UpsertBucket to call GetBucket first, if GetBucket 404s the method then calls Create, if GetBucket succeeds it calls UpdateBucket, and if GetBucket fails with a non 404 status code Packer exits with the error from GetBucket.
Overview of commits
- 046c8f18692e8a051ca13770973dfe9e08590753 - 96e8421d1d0cbc17adbfdcc09f3ca28fa959342a