OCI terraform provider error when running on Jenkins Pipeline

Hello. I’m using Jenkins to deploy terraform using Pipelines to OCI. The code runs when executed on the Linux Machine that has Jenkins installed, but when I try to execute the same code using Jenkins Pipelines, I get the error message:

│ Error: can not create client, bad configuration: did not find a proper configuration for private key
│
│   with provider["registry.terraform.io/hashicorp/oci"],
│   on main.tf line 15, in provider "oci":
│   15: provider "oci" {
│

I’m fairly new to Jenkins, what could I be missing in the configurations? A few extra things I have done:

  • I have copied the RSA key to the Jenkins workspace and the private_key_path points there
  • Configurations are exactly the same as the code running on the VM (Does Jenkins need an extra attribute?)

Here is the current provider code:

provider "oci" {
  tenancy_ocid     = var.tenancy_ocid
  user_ocid        = var.user_ocid
  fingerprint      = var.fingerprint
  private_key_path = var.private_key_path
  region           = var.region
}

Please help.

Hello and welcome :wave:

  • First important check: Jenkins (controller) and the agent nodes are not sharing their workspace. It means that your pipeline might not see the key as part of the build. To help you in this area, you need to share with us the Jenkinsfile and eventually information about the agent node setup.
  • When using a Terraform private module, it’s important to ensure that the node agent has not only Terraform, but also openssh-client and a recent git version. I got bitten a lot of times when running Terraform inside the default container that was missing these dependencies. (that is why we maintain our own image on the Jenkins Infrastructure: GitHub - jenkins-infra/docker-terraform: A Docker Image to provide a working environment around terraform).
  • You might want to store the private SSH key as a Jenkins credential (scoped to your job for additional security) and to use an SSH-agent (with the plugin https://plugins.jenkins.io/ssh-agent/ that has a pipeline instruction) so that Jenkins takes care of loading/unloading the key from memory and filesystem (and cleanup) so that this private key is never written.
  • You might want to also check the following Terraform features:
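
A preflight check for the first point in the answer above (the agent may not see the key), as an added example that is not part of the original thread: it can run in an `sh` step on the agent before Terraform and reports why the key is unusable. The function name, the return codes, the script file name and the `TF_VAR_private_key_path` variable are assumptions.

```shell
#!/bin/sh
# Added example: preflight for the file that private_key_path points to.
# Return codes are constructed for this example:
#   0 ok | 1 path empty | 2 not found | 3 unreadable | 4 not a PEM key | 5 mode too open
check_oci_key() {
    key_path=$1
    if [ -z "$key_path" ]; then
        echo "private_key_path is empty in this build environment" >&2
        return 1
    fi
    if [ ! -f "$key_path" ]; then
        # Report where the step runs: the agent's workspace is not the controller's.
        echo "no key at $key_path (host $(uname -n), user $(id -un), cwd $(pwd))" >&2
        return 2
    fi
    if [ ! -r "$key_path" ]; then
        echo "$key_path exists but user $(id -un) cannot read it" >&2
        return 3
    fi
    # Only the header line is inspected; key material is never printed.
    first_line=$(head -n 1 "$key_path" | tr -d '\r')
    case $first_line in
        "-----BEGIN OPENSSH PRIVATE KEY-----")
            echo "$key_path is in OpenSSH format, not the PEM format OCI API keys use" >&2
            return 4 ;;
        "-----BEGIN "*"PRIVATE KEY-----") ;;
        *)
            echo "$key_path does not start with a PEM private key header" >&2
            return 4 ;;
    esac
    # Characters 5-10 of the ls mode string are the group and other bits.
    if [ "$(ls -lL "$key_path" | cut -c5-10)" != "------" ]; then
        echo "$key_path is accessible to group or others; chmod 600 it" >&2
        return 5
    fi
    return 0
}

# Usage inside a pipeline `sh` step, before `terraform plan` (file name and
# TF_VAR_private_key_path are assumptions about how the variable is passed):
#   . ./check_oci_key.sh && check_oci_key "$TF_VAR_private_key_path"
```

A return code of 2 together with the printed host and user is the signature of the controller/agent workspace split described in the first bullet.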