6

My terraform module is in a private bitbucket repo accessed via an ssh key.

I don't know what git command terraform runs or how to change auth, but it seems to be using a different ssh config.

this is my .tf file:

module "sdfsdfs" {
  source = "git::ssh://bitbucket.org/mycomp/my-module-root//submodule"
}

I'm running this in a jenkins pipeline and I am editing the ssh config to use a specific key. I have proven this works:

sshagent (credentials: ['my-ssh-key']) {
    bat 'git clone git@bitbucket.org:mycomp/my-module.git'
}

The ssh config is modified correctly and uses my key store in jenkins.

I don't know what terraform is actually running to pull from git repo but it's not respecting the ssh config:

sshagent (credentials: ['my-ssh-key']) {
    bat 'terraform init'
}

I get this error:

C:\Program Files\Git\cmd\git.exe exited with 128: Cloning into 
'.terraform\modules\c760b746e09bd59ba86aae13dc9e9959'...

Permission denied (publickey).

fatal: Could not read from remote repository.

What is terraform doing or failing to do here? I want to configure this for this session only, so setting a global ssh config for my jenkins server is not possible.

seg
  • 1,398
  • 1
  • 11
  • 18
red888
  • 27,709
  • 55
  • 204
  • 392

2 Answers2

6

This is partly a bitbucket limitation, partly me not reading the docs thoroughly.

The bitbucket api seems to not support ssh or something because, terraform docs only have examples https with bitbucket.

Treating this like a generic git repo works:

  source = "git::ssh://git@bitbucket.org/mycomp/myrepo.git//my-sub-module"
red888
  • 27,709
  • 55
  • 204
  • 392
0

I know that this question is really old but I might help other people who might encounter this problem. What helped me out in Windows was setting the environment variable GIT_SSH_COMMAND to the path of the ssh.exe. In cmd, run:

setx GIT_SSH_COMMAND C:\\Windows\\System32\\OpenSSH\\ssh.exe
Saarett
  • 61
  • 1
  • 4