Terraform 不尊重 git 的 ssh 配置 [英] Terraform not respecting ssh config for git
问题描述
我的 terraform 模块位于通过 ssh 密钥访问的私有 bitbucket 存储库中.
My terraform module is in a private bitbucket repo accessed via an ssh key.
我不知道 terraform 运行什么 git 命令或如何更改身份验证,但它似乎使用了不同的 ssh 配置.
I don't know what git command terraform runs or how to change auth, but it seems to be using a different ssh config.
这是我的 .tf 文件:
module "sdfsdfs" {
source = "git::ssh://bitbucket.org/mycomp/my-module-root//submodule"
}
我在 jenkins 管道中运行它,并且我正在编辑 ssh 配置以使用特定密钥.我已经证明这是可行的:
I'm running this in a jenkins pipeline and I am editing the ssh config to use a specific key. I have proven this works:
sshagent (credentials: ['my-ssh-key']) {
bat 'git clone git@bitbucket.org:mycomp/my-module.git'
}
正确修改了 ssh 配置并使用我在 jenkins 中的密钥库.
The ssh config is modified correctly and uses my key store in jenkins.
我不知道 terraform 实际上正在运行从 git repo 中提取什么,但它不尊重 ssh 配置:
I don't know what terraform is actually running to pull from git repo but it's not respecting the ssh config:
sshagent (credentials: ['my-ssh-key']) {
bat 'terraform init'
}
我收到此错误:
C:Program FilesGitcmdgit.exe exited with 128: Cloning into
'.terraformmodulesc760b746e09bd59ba86aae13dc9e9959'...
Permission denied (publickey).
fatal: Could not read from remote repository.
terraform 在这里做什么或不做什么?我只想为此会话进行配置,因此无法为我的 jenkins 服务器设置全局 ssh 配置.
What is terraform doing or failing to do here? I want to configure this for this session only, so setting a global ssh config for my jenkins server is not possible.
推荐答案
这部分是 bitbucket 限制,部分是我没有阅读 文档 彻底.
This is partly a bitbucket limitation, partly me not reading the docs thoroughly.
bitbucket api 似乎不支持 ssh 什么的,因为 terraform 文档只有 https 和 bitbucket 的示例.
The bitbucket api seems to not support ssh or something because, terraform docs only have examples https with bitbucket.
将其视为通用 git repo 有效:
Treating this like a generic git repo works:
source = "git::ssh://git@bitbucket.org/mycomp/myrepo.git//my-sub-module"
这篇关于Terraform 不尊重 git 的 ssh 配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
