We are setting up Terraform Cloud with a git repo (repo-a) that has two git submodules in it (repo-b and repo-c). I know the key works, because the submodule statements below are correct and have clearly been read from the .gitmodules
file inside of repo-a. So we can read one repo at least. But there seems to be a problem with reading the submodules.
We did the following:
- We created a fresh RSA SSH key
- Attached the key to BitBucket in our account where repo-a, repo-b and repo-c are stored
- Attached the key to our Terraform Cloud account under OrganizationSettings/Security/SSH Keys
- Created a workspace and attached it to repo-a for the directory with the TF stack in it
- Set the SSH Key in the Workspace under WorkspaceSettings/SSH Key so that it pointed to the same key installed above
- Set the “Include submodules on clone” option to true under WorkspaceSettings/VersionControl
- Ran Action/StartNewRun and we get this message:
Error: failed to retrieve configuration
Retrieving the configuration version failed with the error: Internal error: SIC-001.
Failed to ingress slug: Failed to clone: Failed updating submodules: exit status 1
Output: Submodule 'repo-b' (git@bitbucket.org:my-company/repo-b.git) registered for path 'repo-b'
Submodule 'repo-c' (git@bitbucket.org:my-company/repo-c.git) registered for path 'repo-c'
Cloning into '/local/slug-ingress3554444444/clone/repo-b'...
Warning: Permanently added 'bitbucket.org' (RSA) to the list of known hosts.
git@bitbucket.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
fatal: clone of 'git@bitbucket.org:my-company/repo-b.git' into submodule path '/local/slug-ingress3554497898/clone/repo-b' failed
Failed to clone 'repo-b'. Retry scheduled
Cloning into '/local/slug-ingress3554444444/clone/repo-c'...
Warning: Permanently added 'bitbucket.org' (RSA) to the list of known hosts.
git@bitbucket.org: Permission denied (publickey).
fatal: Could not read from remote repository.
The .gitmodules
file is:
[submodule "repo-c"]
path = repo-c
url = git@bitbucket.org:my-company/repo-c.git
[submodule "repo-b"]
path = repo-b
url = git@bitbucket.org:my-company/repo-b.git
It seems that there is a problem using the SSH key with the submodules.
Any recommendations?