Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to import installation repository using GH App credentials #815

Closed
gmile opened this issue Jun 11, 2021 · 2 comments
Closed

Unable to import installation repository using GH App credentials #815

gmile opened this issue Jun 11, 2021 · 2 comments
Labels
r/app_installation_repository Type: Bug Something isn't working as documented

Comments

@gmile
Copy link

gmile commented Jun 11, 2021
edited
Loading

Terraform Version

$ terraform --version
Terraform v1.0.0
on darwin_amd64
$

Affected Resource

  • github_app_installation_repository

Terraform Configuration Files

provider "github" {
  owner = "our_org_name"

  app_auth {
    id              = var.github_app_id
    installation_id = var.github_app_installation_id
    pem_file        = file(var.github_app_pem_file)
  }
}

resource "github_app_installation_repository" "file_service" {}

Debug Output

None.

Panic Output

None.

Expected Behavior

Repository installation is imported. Or docs specify that importing installations using app credentials is not possible.

Actual Behavior

An authentication error:

$ terraform import github_app_installation_repository.file_service 12345678:file_service
github_app_installation_repository.file_service: Importing from ID "12345678:file_service"...
github_app_installation_repository.file_service: Import prepared!
  Prepared github_app_installation_repository for import
github_app_installation_repository.file_service: Refreshing state... [id=12345678:file_service]
╷
│ Error: GET https://api.github.com/user/installations/12345678/repositories?per_page=100: 403 Resource not accessible by integration []
$

Steps to Reproduce

  1. Configure GitHub App with the following permissions:

    • Read access to metadata
    • Read and write access to actions and secrets

  2. Configure application ID and installation ID for terraform (see .hcl sample block above),

  3. Attempt to import the resource:

    terraform import github_app_installation_repository.file_service 12345678:file_service

Important Factoids

I am unable to locate the API endpoint corresponding to the error on the "Permissions required for GitHub Apps" page. Is it even possible that the App itself can regulate repos it is installed to?

References
@loozhengyuan
Copy link
Contributor

loozhengyuan commented Jun 12, 2021
edited
Loading

It seems that the endpoint in the error cannot be used with GitHub Apps credentials.

You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint.

I've opened #817 separately to track the documentation of incompatibility on the specific data sources or resources.

@jcudit jcudit added Type: Bug Something isn't working as documented r/app_installation_repository labels Jun 15, 2021
@gmile
Copy link
Author

gmile commented Jun 16, 2021

@loozhengyuan thank you! I'm closing this in favor of the one you've opened.

@gmile gmile closed this as completed Jun 16, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
r/app_installation_repository Type: Bug Something isn't working as documented
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gmile @loozhengyuan @jcudit