You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am setting up a new IaC code base (Terraform) for Azure, and I created a parent terraform module and my I used the User-Assigned-Managed-Identites for setting the authentication for my GitHub repo and the workflow (reference: here)
When I create local terraform module within my repo, and add it as a source from within the same repo, it worked fine no issues. However when I moved the terraform module to another Git Repo and when I use that as a source (as shown below):
Now my GitHub Action runner is complaining that it can't reach the new Git repo (my source repo):
Downloading git::ssh://[email protected]/MyOrg/terraform-modules/postgres.git?ref=1.0.0 for postgres-server...
╷
│ Error: Failed to download module
│
│ on main.tf line 23:
│ 23: module "postgres-server" {
│
│ Could not download module "postgres-server" (main.tf:23) source code from
│ "git::ssh://[email protected]/MyOrg/terraform-modules/postgres.git?ref=1.0.0":
│ error downloading
│ 'ssh://[email protected]/MyOrg/terraform-modules/postgres.git?ref=1.0.0':
│ /usr/bin/git exited with 128: Cloning into
│ '.terraform/modules/postgres-server'...
│ [email protected]: Permission denied (publickey).
│ fatal: Could not read from remote repository.
│
│ Please make sure you have the correct access rights
│ and the repository exists.
│
╵
Error: Terraform exited with code 1.
Error: Process completed with exit code 1.
I understand my GitHub runner needs permissions to this new source repo. I am trying to understand since I am using the Azure's User-Assigned-Managed-Identity method, how can I provide the runner the necessary permission to be able to download the remote module?
ActionsBuild, test, and automate your deployment pipeline with world-class CI/CDQuestion
1 participant
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
GitHub Community
-
Select Topic Area
Question
Body
Hello,
I am setting up a new IaC code base (Terraform) for Azure, and I created a parent terraform module and my I used the User-Assigned-Managed-Identites for setting the authentication for my GitHub repo and the workflow (reference: here)
When I create local terraform module within my repo, and add it as a source from within the same repo, it worked fine no issues. However when I moved the terraform module to another Git Repo and when I use that as a source (as shown below):
Now my GitHub Action runner is complaining that it can't reach the new Git repo (my source repo):
I understand my GitHub runner needs permissions to this new source repo. I am trying to understand since I am using the Azure's User-Assigned-Managed-Identity method, how can I provide the runner the necessary permission to be able to download the remote module?
Cheers for the help community 🙋🏻♂️🙋🏻♂️
Beta Was this translation helpful? Give feedback.
All reactions