Question

App platform terraform Gitlab user cannot access repo

Posted July 16, 2021 238 views
TerraformDigitalOcean App Platform

Hello!

I work on setting up App platforms static-site instances through the Terraform provider. I use a service account user in GitLab to provide access to the repo to DigitalOcean application (it’s just a regular user account but not tied to a real person hence it doesn’t have any SSH keys). This user is then given access on a per repo basis. I gave it a maintainer access and while connected as that user I authorized the DigitalOcean GitLab app.

When running terraform apply I get an error:

Error: Error creating App: POST https://api.digitalocean.com/v2/apps: 400 GitLab user does not have access to <repo>

Everything seems to be connected properly because I can create an APP through the DO back-office and it properly deploys. I can access the static-site afterwards with no problem.

Does DO clone the repo using SSH and not HTTPS? Am I missing something here? Is there a reason why it works from the back-office but not from Terraform?

Thanks for your help.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

👋 @jpauthier

When an App is added from a GitLab source, we clone the code in a couple different ways. During the initial detect process we use the linked GitLab account to clone the code using OAuth. During the create process we create a deploy key on the repo so App Platform is not reliant on a single user to build and deploy the app. At that point the deployment is cloned using SSH deploy keys.

I’m not familiar with Terraform, it seems that the user you might have linked may not be able to do the OAuth connection for detection? Maybe check that is the case. If that’s not it submit a support ticket.

Thanks for reaching out!

  • Oups sorry @crashoverride I forgot to answer you as it was just before my holidays.

    I’m not sure it’s an OAuth problem since when I create an App Platform from the DO console panel, the GitLab connection is effective and in the select for the repo I get the repo Terraform is yelling about.

    I followed your suggested and submitted a support ticket.

    Thank you.