App platform terraform Gitlab user cannot access repo


I work on setting up App platforms static-site instances through the Terraform provider. I use a service account user in GitLab to provide access to the repo to DigitalOcean application (it’s just a regular user account but not tied to a real person hence it doesn’t have any SSH keys). This user is then given access on a per repo basis. I gave it a maintainer access and while connected as that user I authorized the DigitalOcean GitLab app.

When running terraform apply I get an error:

Error: Error creating App: POST 400 GitLab user does not have access to <repo>

Everything seems to be connected properly because I can create an APP through the DO back-office and it properly deploys. I can access the static-site afterwards with no problem.

Does DO clone the repo using SSH and not HTTPS? Am I missing something here? Is there a reason why it works from the back-office but not from Terraform?

Thanks for your help.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

I figured I never came back to give the solution the support found. The problem stemmed from the URI I gave for the repository. I had something like owner/repo.git. Once I removed the .git extension from the URI, it worked.

👋 @jpauthier

When an App is added from a GitLab source, we clone the code in a couple different ways. During the initial detect process we use the linked GitLab account to clone the code using OAuth. During the create process we create a deploy key on the repo so App Platform is not reliant on a single user to build and deploy the app. At that point the deployment is cloned using SSH deploy keys.

I’m not familiar with Terraform, it seems that the user you might have linked may not be able to do the OAuth connection for detection? Maybe check that is the case. If that’s not it submit a support ticket.

Thanks for reaching out!