Hello,
I have:
- main github repo with Terraform12 code
- module in secondary repo which is referred as
source = "git@github.com:user/mod_repo?ref=v1.0.0"
- Jenkins 2.249 (can’t update now)
- a private ssh key in Jenkins to access
mod_repo
When I try to run terraform init in Jenkins pipeline I get
Could not download module "vpc" (main.tf:1) source code from
"git@github.com:user/mod_repo?ref=v1.0.0": error downloading
'ssh://git@github.com/user/mod_repo?ref=v1.0.0': /usr/bin/git exited
with 128: Cloning into '.terraform/modules/vpc'...
Permission denied (publickey).
Locally I can do it without issues.
How should I configure the key in Jenkinsfile (or where else?) to allow access to the secondary repo?
I’ve seen this, this, this and this but cannot figure out how to connect it together.
Could anyone advise, please? Thank you.
As part of your pipeline, can you not download the module i.e. git clone it to a local directory and then in your code reference the module source locally and not via source = git@.
So you can do a checkout stage and specify the key in that via jenkins credentials.
Alternatively you can try the https://plugins.jenkins.io/ssh-agent/ plugin, but I have not done this before so cant comment on how good it is.
I also found this which is relevant https://stackoverflow.com/questions/47820432/terraform-not-respecting-ssh-config-for-git and https://stackoverflow.com/questions/57498518/jenkins-kubernetes-plugin-sshagent-to-git-clone-terraform-module
I would take the lazy option and checkout from git in an earlier stage in the pipeline and reference the module locally. i.e. checkout to mymodules/mod_repo then in source do source = ./mymodules/mod_repo or something along these lines