terraform-provider-github: Unable to create a repository in an organisation

Hello,

I’m trying to create a repository in an organisation using my personal access token. My config is something like this:


terraform {
  required_version = "=1.0.3"
  required_providers {
    aws = {
      version = "=3.52.0"
      source = "hashicorp/aws"
    }
    tls = {
      source = "hashicorp/tls"
      version = "=3.1.0"
    }
    github = {
      source  = "integrations/github"
      version = "=4.13.0"
    }
  }
}
provider "github" {
  owner = "headincloud"
}

resource "github_repository" "app_repo" {
  name        = "cluster-apps"
  description = "App repository"

  visibility = "private"
  delete_branch_on_merge = "true"
}

I have set the GITHUB_TOKEN to my PAT (which I granted all the permissions for now), but the repo still gets created under my own user-name, not onder my organisation.

Now, maybe creating organisation repos doesn’t work with PAT’s, and I should use OAuth? But I have no clue on how to proceed with this. When trying to create a new GitHub OAuth app, it asks for a homepage URL and callback URL but I have no clue on what I should put here for TerraForm. The documentation is not clear on this either…

So, what is the correct approach here? I believe the documentation could be improved on this subject.

Terraform version: 1.0.3 Github provider version: 4.13.0

About this issue

Original URL
State: open
Created 3 years ago
Reactions: 7
Comments: 17 (6 by maintainers)

Commits related to this issue

remove variables for GitHub provider and use GitHub env vars There is currently an issue with provider config: https://github.com/integrations/terraform-provider-github/issues/876 — committed to north-kite/repo-manager by dan-hill2802 3 years ago
remove variables for GitHub provider and use GitHub env vars There is currently an issue with provider config: https://github.com/integrations/terraform-provider-github/issues/876 — committed to north-kite/repo-manager by dan-hill2802 3 years ago
Document importance of submodule required_providers block (#1460) Discussed over in #876, using implicit provider inheritance with this provider does not work, because terraform will prefer the `hash... — committed to integrations/terraform-provider-github by RulerOf a year ago

Most upvoted comments

Had this problem, scratched my head on it for an hour or two, but @serain pointed me in the right direction.

The child module didn’t have a required_providers {} block, so when terraform init performed module resolution, it would configure the integrations/github provider in the root module, and then bring up hashicorp/github in the child module.

The child module of course wouldn’t get the provider config because the providers don’t match, leading to it thinking that the owner config was blank.

To fix it, in your root module:

terraform {
  required_providers {
    github = {
      source  = "integrations/github"
    }
  }
}

provider "github" {
  owner = "YourOrgName" 
  token = "YourToken" // Or use ENV
}

Then in the child module:

terraform {
  required_providers {
    github = {
      source  = "integrations/github"
    }
  }
}

RulerOf on Nov 4, 2022

I faced this issue only when trying to create a repo in a child module. It doesn’t pick up the org configuration from the parent module and you have to explicitly pass an aliased provider to the module.

serain on Sep 17, 2021

Seeing the same issue, which appears to be a regression from previous versions

glennpratt on Aug 19, 2021

@kfcampbell I could certainly take a stab at it, you can assign this issue to me if you like.

Out of curiosity, this smells like an issue that should be resolved in core terraform. When terraform tries to guess providers based on resources, it should prioritize providers that are explicitly or implicitly passed from parent modules, and not… whatever it’s doing presently.

RulerOf on Nov 10, 2022

Hi @kfcampbell , thanks for your reply 👋🏻

I just ran your example, changing the owner between my personal account, and an owned organization account, getting it to work in both. Then I tried switching my integrations/github provider back to version 4.17.0 to try to replicate my original setup. However, I could not get the same results as I got when I wrote in this issue 🤔

Perhaps I was confused with another 404 error I got back then (regarding the creation of a branch using a non-existing main branch as the default source), and I thought that 404 error was that Terraform was not able to locate the repository in the first place…

Not sure, but it seems solved.

Sinclert on Nov 18, 2021

I’ve spent some time playing with this recently, and I’m not able to reproduce the issue. Here’s a super pared-down template as an example:

terraform {
  required_providers {
    github = {
      source = "integrations/github"
      version = "4.18.0"
    }
  }
}

provider "github" {
  owner = "kfcampbell-terraform-provider"
  token = "ghp_personal_token_redacted"
}


resource "github_repository" "app_repo" {
  name        = "876-repro"
  description = "App repository"

  visibility = "private"
  delete_branch_on_merge = "true"
}

That repo has been created successfully here in my test organization rather than my personal profile. Can you try that reproduction and let me know if it works for you?

kfcampbell on Nov 18, 2021

I’ve encountered this same problem. Using the owner parameter in the provider block did not work, but setting the GITHUB_OWNER envvar did.

nicksantamaria on Aug 11, 2021