Google Cloud error 400 Invalid resource field value in the request. #14854
Description
Describe the bug
Trying to set up algo on Google Cloud following the Google Cloud Platform setup guide throws a 400 error Invalid resource field value in the request.
To Reproduce
- Follow the Google Cloud Platform setup guide.
Expected behavior
It works.
Additional context
Full log
> ./algo -e "provider=gce" -e "gce_credentials_file=$(pwd)/configs/gce.json"
PLAY [Algo VPN Setup] ************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [localhost]
TASK [Playbook dir stat] *********************************************************************************************************
ok: [localhost]
TASK [Ensure Ansible is not being run in a world writable directory] *************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [Ensure the requirements installed] *****************************************************************************************
ok: [localhost]
TASK [Extract ansible version from pyproject.toml] *******************************************************************************
ok: [localhost]
TASK [Parse ansible version requirement] *****************************************************************************************
ok: [localhost]
TASK [Get current ansible package version] ***************************************************************************************
ok: [localhost]
TASK [Extract ansible version from uv package list] ******************************************************************************
ok: [localhost]
TASK [Verify Python meets Algo VPN requirements] *********************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [Verify Ansible meets Algo VPN requirements] ********************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
PLAY [Ask user for the input] ****************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [localhost]
TASK [Set facts based on the input] **********************************************************************************************
ok: [localhost]
[VPN server name prompt]
Name the vpn server
[algo]
:
TASK [VPN server name prompt] ****************************************************************************************************
ok: [localhost]
[Cellular On Demand prompt]
Do you want macOS/iOS clients to enable "Connect On Demand" when connected to cellular networks?
[y/N]
:
TASK [Cellular On Demand prompt] *************************************************************************************************
ok: [localhost]
[Wi-Fi On Demand prompt]
Do you want macOS/iOS clients to enable "Connect On Demand" when connected to Wi-Fi?
[y/N]
:
TASK [Wi-Fi On Demand prompt] ****************************************************************************************************
ok: [localhost]
[Retain the PKI prompt]
Do you want to retain the keys (PKI)? (required to add users in the future, but less secure)
[y/N]
:
TASK [Retain the PKI prompt] *****************************************************************************************************
ok: [localhost]
[DNS adblocking prompt]
Do you want to enable DNS ad blocking on this VPN server?
[y/N]
:
TASK [DNS adblocking prompt] *****************************************************************************************************
ok: [localhost]
[SSH tunneling prompt]
Do you want each user to have their own account for SSH tunneling?
[y/N]
:
TASK [SSH tunneling prompt] ******************************************************************************************************
ok: [localhost]
TASK [Set facts based on the input] **********************************************************************************************
ok: [localhost]
PLAY [Provision the server] ******************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [localhost]
TASK [Display the invocation environment] ****************************************************************************************
changed: [localhost]
TASK [Install cloud provider dependencies] ***************************************************************************************
ok: [localhost]
TASK [Generate the SSH private key] **********************************************************************************************
changed: [localhost]
TASK [Generate the SSH public key] ***********************************************************************************************
changed: [localhost]
TASK [Copy the private SSH key to /tmp] ******************************************************************************************
changed: [localhost]
TASK [Include a provisioning role] ***********************************************************************************************
[WARNING]: file /path/to/algo/roles/cloud-gce/tasks/venv.yml is empty and had no tasks to include
included: cloud-gce for localhost
TASK [cloud-gce : set_fact] ******************************************************************************************************
ok: [localhost]
TASK [cloud-gce : set_fact] ******************************************************************************************************
ok: [localhost]
TASK [cloud-gce : set_fact] ******************************************************************************************************
ok: [localhost]
TASK [cloud-gce : Get regions] ***************************************************************************************************
[ERROR]: Task failed: Module failed: GCP returned error: {'error': {'code': 400, 'message': 'Invalid resource field value in the request.', 'errors': [{'message': 'Invalid resource field value in the request.', 'domain': 'global', 'reason': 'invalidParameter'}], 'status': 'INVALID_ARGUMENT', 'details': [{'@type': 'type.googleapis.com/google.rpc.ErrorInfo', 'reason': 'RESOURCE_PROJECT_INVALID', 'domain': 'googleapis.com', 'metadata': {'service': 'compute.googleapis.com', 'method': 'compute.v1.RegionsService.List'}}]}}
Origin: /path/to/algo/roles/cloud-gce/tasks/prompts.yml:29:7
27
28 - block:
29 - name: Get regions
^ column 7
fatal: [localhost]: FAILED! => {"changed": false, "msg": "GCP returned error: {'error': {'code': 400, 'message': 'Invalid resource field value in the request.', 'errors': [{'message': 'Invalid resource field value in the request.', 'domain': 'global', 'reason': 'invalidParameter'}], 'status': 'INVALID_ARGUMENT', 'details': [{'@type': 'type.googleapis.com/google.rpc.ErrorInfo', 'reason': 'RESOURCE_PROJECT_INVALID', 'domain': 'googleapis.com', 'metadata': {'service': 'compute.googleapis.com', 'method': 'compute.v1.RegionsService.List'}}]}}", "request": {"body": null, "method": "GET", "url": "https://www.googleapis.com/compute/v1/projects//regions?filter=status%3DUP"}}
TASK [include_tasks] *************************************************************************************************************
included: /path/to/algo/playbooks/rescue.yml for localhost
TASK [debug] *********************************************************************************************************************
ok: [localhost] => {
"fail_hint": [
"Sorry, but something went wrong!",
"Please check the troubleshooting guide.",
"https://trailofbits.github.io/algo/troubleshooting.html"
]
}
TASK [Fail the installation] *****************************************************************************************************
[ERROR]: Task failed: Action failed: Failed as requested from task
Origin: /path/to/algo/playbooks/rescue.yml:5:3
3 var: fail_hint
4
5 - name: Fail the installation
^ column 3
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed as requested from task"}
PLAY RECAP ***********************************************************************************************************************
localhost : ok=31 changed=4 unreachable=0 failed=1 skipped=3 rescued=1 ignored=0