Unable to authenticate to HCP using Vagrant #13575

lnussbaum · 2025-01-13T19:10:53Z

Following https://developer.hashicorp.com/vagrant/vagrant-cloud/hcp-vagrant/post-migration-guide , I do:

export VAGRANT_CLOUD_TOKEN=";$(hcp auth print-access-token)"

but then, I get:

$ vagrant cloud auth login
An unexpected error occurred: Vagrant Cloud request failed - authentication is required

it worked in December.

This is different from issue 13574 : I try to login to HCP, not Vagrant Cloud.

Reproduction information

Vagrant version

Vagrant 2.4.3

Host operating system

Linux Debian 12

The text was updated successfully, but these errors were encountered:

hswong3i · 2025-01-17T07:19:49Z

I am facing a similar issue, too.

My .gitlab-ci.yml logic for pushing Vagrant box to HCP (see https://gitlab.com/alvistack/vagrant-debian/-/blob/develop/.gitlab-ci.yml?ref_type=heads#L128-177):

.script-vagrant-cloud-provider-upload: &script-vagrant-cloud-provider-upload
  - |
    if [[ -n "$CI_COMMIT_TAG" ]] && [[ "$CI_COMMIT_TAG" =~ ^[0-9]+\.[0-9]+\.[0-9]+ ]]; then
      export _VERSION="$CI_COMMIT_TAG"
    elif [[ -n "$CI_COMMIT_BRANCH" ]] && [[ "$CI_COMMIT_BRANCH" =~ master ]]; then
      export _VERSION="$(date +%Y%m%d).0.0"
    else
      exit 0
    fi
    sudo -E hcp auth login --client-id=$HCP_CLIENT_ID --client-secret=$HCP_CLIENT_SECRET
    export _VAGRANT_CLOUD_TOKEN=";$(sudo -E hcp auth print-access-token)"
    cd $CI_PROJECT_DIR/packer/$_BOX-$_PROVIDER
    export _ORG="$CI_PROJECT_NAMESPACE"
    export _CHECKSUM="$(sha256sum output-vagrant/package.box | awk '{ print $1 }')"
    curl -skL \
      --request POST \
      --header "Content-Type: application/json" \
      --header "Authorization: Bearer $_VAGRANT_CLOUD_TOKEN" \
      --data "{ \"box\": { \"username\": \"$_ORG\", \"name\": \"$_BOX\", \"is_private\": false } }" \
      https://app.vagrantup.com/api/v2/boxes | jq .
    curl -skL \
      --request POST \
      --header "Content-Type: application/json" \
      --header "Authorization: Bearer $_VAGRANT_CLOUD_TOKEN" \
      --data "{ \"version\": { \"version\": \"$_VERSION\" } }" \
      https://app.vagrantup.com/api/v2/box/$_ORG/$_BOX/versions | jq .
    curl -skL \
      --request DELETE \
      --header "Content-Type: application/json" \
      --header "Authorization: Bearer $_VAGRANT_CLOUD_TOKEN" \
      https://app.vagrantup.com/api/v2/box/$_ORG/$_BOX/version/$_VERSION/provider/$_PROVIDER/$_ARCHITECTURE | jq .
    curl -skL \
      --request POST \
      --header "Content-Type: application/json" \
      --header "Authorization: Bearer $_VAGRANT_CLOUD_TOKEN" \
      --data "{ \"provider\": { \"name\": \"$_PROVIDER\", \"checksum_type\": \"sha256\", \"checksum\": \"$_CHECKSUM\", \"architecture\": \"$_ARCHITECTURE\", \"default_architecture\": true } }" \
      https://app.vagrantup.com/api/v2/box/$_ORG/$_BOX/version/$_VERSION/providers | jq .
    _UPLOAD_PATH=$(curl -skL \
      --request GET \
      --header "Authorization: Bearer $_VAGRANT_CLOUD_TOKEN" \
      https://app.vagrantup.com/api/v2/box/$_ORG/$_BOX/version/$_VERSION/provider/$_PROVIDER/$_ARCHITECTURE/upload | jq -r .upload_path)
    curl -skL \
      --request PUT \
      --header "Connection: keep-alive" \
      --upload-file output-vagrant/package.box \
      $_UPLOAD_PATH | jq .
    curl -skL \
      --request PUT \
      --header "Authorization: Bearer $_VAGRANT_CLOUD_TOKEN" \
      https://app.vagrantup.com/api/v2/box/$_ORG/$_BOX/version/$_VERSION/release | jq .

My GitLab CI pipeline (see https://gitlab.com/alvistack/vagrant-debian/-/jobs/8877821966#L146):

$ if [[ -n "$CI_COMMIT_TAG" ]] && [[ "$CI_COMMIT_TAG" =~ ^[0-9]+\.[0-9]+\.[0-9]+ ]]; then # collapsed multi-line command
Successfully logged in!
{
  "code": 16,
  "message": "authentication is required",
  "errors": [
    "authentication is required"
  ]
}
{
  "code": 16,
  "message": "authentication is required",
  "errors": [
    "authentication is required"
  ]
}
{
  "code": 16,
  "message": "authentication is required",
  "errors": [
    "authentication is required"
  ]
}
{
  "code": 16,
  "message": "authentication is required",
  "errors": [
    "authentication is required"
  ]
}

As <hashicorp#13571 (comment)> mentioned: > After further debug, this looks like a change introduced in HCP > Vagrant Registry after 2025-01-09, that broke Vagrant versions before > 2.4.0. I could confirm that everything works fine with Vagrant 2.4.0 > (and later), but fails to work with Vagrant 2.3.7 (and earlier). The > root cause is that Vagrant 2.3.7 uses the equivalent of curl > --location --verbose -H "Accept: application/json" > <https://vagrantcloud.com/debian/bookworm64> to fetch the box > metadata, but this no longer returns a JSON document. Vagrant 2.4.0 > uses <https://vagrantcloud.com/api/v2/vagrant/debian/bookworm64> > instead. This PR replace most <https://developer.hashicorp.com/vagrant/vagrant-cloud/api/v2> URL from existing <https://app.vagrantup.com> to <https://vagrantcloud.com>. Fixes <hashicorp#13571> Fixes <hashicorp#13574> Fixes <hashicorp#13575> Signed-off-by: Wong Hoi Sing Edison <[email protected]>

lnussbaum added the waiting-intake label Jan 13, 2025

hswong3i linked a pull request Jan 18, 2025 that will close this issue

Update from app.vagrantup.com to vagrantcloud.com #13580

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Unable to authenticate to HCP using Vagrant #13575

Unable to authenticate to HCP using Vagrant #13575

lnussbaum commented Jan 13, 2025 •

edited

Loading

hswong3i commented Jan 17, 2025

Unable to authenticate to HCP using Vagrant #13575

Unable to authenticate to HCP using Vagrant #13575

Comments

lnussbaum commented Jan 13, 2025 • edited Loading

Reproduction information

Vagrant version

Host operating system

hswong3i commented Jan 17, 2025

lnussbaum commented Jan 13, 2025 •

edited

Loading