Skip to content

My GitHub Action runner is failing with permission when I added another Git module as a source in my parent module #1965

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
vikramty opened this issue Nov 3, 2024 · 0 comments
Closed

My GitHub Action runner is failing with permission when I added another Git module as a source in my parent module #1965

vikramty opened this issue Nov 3, 2024 · 0 comments

Comments

@vikramty
Copy link

vikramty commented Nov 3, 2024

Hello,

I am setting up a new IaC code base (Terraform) for Azure, and I created a parent terraform module and my I used the User-Assigned-Managed-Identites for setting the authentication for my GitHub repo and the workflow (reference: here)

When I create local terraform module within my repo, and add it as a source from within the same repo, it worked fine no issues. However when I moved the terraform module to another Git Repo and when I use that as a source (as shown below):

module "postgres-server" {
  source              = "git::git@github.com:MyOrg/terraform-modules/postgres.git?ref=1.0.0"
  location            = var.location
  name                = var.pg_server_name
  resource_group_name = var.pg_resource_group_name
}

Now my GitHub Action runner is complaining that it can't reach the new Git repo (my source repo):

Downloading git::ssh://git@github.com/MyOrg/terraform-modules/postgres.git?ref=1.0.0 for postgres-server...
╷
│ Error: Failed to download module
│ 
│   on main.tf line 23:
│   23: module "postgres-server" {
│ 
│ Could not download module "postgres-server" (main.tf:23) source code from
│ "git::ssh://git@github.com/MyOrg/terraform-modules/postgres.git?ref=1.0.0":
│ error downloading
│ 'ssh://git@github.com/MyOrg/terraform-modules/postgres.git?ref=1.0.0':
│ /usr/bin/git exited with 128: Cloning into
│ '.terraform/modules/postgres-server'...
│ git@github.com: Permission denied (publickey).
│ fatal: Could not read from remote repository.
│ 
│ Please make sure you have the correct access rights
│ and the repository exists.
│ 
╵
Error: Terraform exited with code 1.
Error: Process completed with exit code 1.

I understand my GitHub runner needs permissions to this new source repo. I am trying to understand since I am using the Azure's User-Assigned-Managed-Identity method, how can I provide the runner the necessary permission to be able to download the remote module?

Cheers for the help community 🙋🏻‍♂️🙋🏻‍♂️
@vikramty vikramty closed this as completed Nov 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@vikramty