Solved

IaC Course - Lab 3 - Pull Request Failing

  • 27 January 2023
  • 9 replies
  • 127 views
M
Badge +1

Hi All,


I've run through the Lab3 notes a number of times and I keep getting the same error when I run the Pull Request once the fqdn file is update .


Any help would be greatly appreciated as I don't have a clue where I'm going wrong. Thank you in advance.


Martin


 


When I run the Pull Request I receive the following output :


1    Changes Approved


2    All Check have Failed - 1 Failing Check - Terraform Cloud / Terraform (pull request)


3    The branch has no conflicts with the base branch


 


If I show the details under section 'Update Pull Request' I can see highlighted: 


'Error: Resource not accessible by integration'


also 'status: 403'


Please see below


-----------------------------------


Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/


RequestError [HttpError]: Resource not accessible by integration


Error: Resource not accessible by integration


at /home/runner/work/_actions/actions/github-script/0.9.0/dist/index.js:8705:23


at processTicksAndRejections (internal/process/task_queues.js:97:5) {


status: 403,


headers: {


'access-control-allow-origin': '*',


'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',


connection: 'close',


'content-encoding': 'gzip',


'content-security-policy': "default-src 'none'",


'content-type': 'application/json; charset=utf-8',


date: 'Fri, 27 Jan 2023 15:30:00 GMT',

icon

Best answer by Martin_Davies 2 February 2023, 18:41

View original

9 replies

M
Badge +1
-
1 Attachment
John_Smoker
Userlevel 2
Badge +1

Martin Davies This looks like terraform cloud is not authorized to update the pull request. Perhaps the permissions you gave it were more restrictive than what's described in the `Terraform Cloud` section of LAB1?

M
Badge +1

Thanks for the reply John, I've destroyed all of the infrastructure and started again from scratch. Even redeployed the SST - Still getting the same error at the same place 'Updating Pull Request'

John_Smoker
Userlevel 2
Badge +1

Martin Davies Just from the information provided, I'm not concerned about the infrastructure, but the permissions that terraform cloud has with your github repository. See this screenshot from the lab1 guide. I might have more thoughts if you link me to your repo. Or, feel free to reach out on linkedin if you want to set up call to discuss.


M
Badge +1

Thanks John , I've added you as contributor to the repo

John_Smoker
Userlevel 2
Badge +1

Martin Davies 👍I commented the section of code where terraform cloud tries to update the github pull request. You should now be able to approve your pr and merge (which will apply your changes to your controller). It seems the github token you created doesn't have the right to update the pull request (although it does have permissions to read the repository). We'll look into whether that's something that github changed (we need to update the documentation).

M
Badge +1

John Smoker Many thanks for your help. That's worked and I could complete the workflow and the pull request. Could you please confirm which lines were commented in the 'terraform.yml' file as I've deleted the original when I was backing the changes out :)  Thanks again

John_Smoker
Userlevel 2
Badge +1

Martin Davies No problem. Glad that got you through! I commented lines 49-72 in `.github/workflows/terraform.yml` to keep tfc from trying to update the pull request. The token you created (referenced, here) must not have had the permission needed to write to the pr.

M
Badge +1

John Smoker I've setup the labs successfully again today with the work-around you have suggested. All working as expected. Thanks again John. I'll mark this query as resolved.

Reply


Terms & Conditions