Add a setting to allow/disallow duplicate Terraform modules
Context
You can publish Terraform modules to your GitLab project. And you can install them from your group or sub-group.
Problem to solve
The problem is that a Developer in Project A may create a module called foo and this prevents Developers in other projects from using the name foo. And if they try they'll receive an error but have no way of knowing which project originally created foo.
Proposal
In some cases, organizations may want to allow duplicate package name/version combinations. GitLab offers a setting for this for Maven and generic packages. We will do the same for Terraform modules.
Activity
changed milestone to %Backlog
added to epic &3221
@10io FYI
mentioned in epic &3221
added sectionops label
added [deprecated] Accepting merge requests label
A customer came accross "{message":"Access Denied"}" error when trying to publish a terraform module to a project with the name that already existed under a different project.
Internal customer ticket: https://gitlab.zendesk.com/agent/tickets/308122
I believe we could also work on better error messaging.
added customer label
Another customer reported that they would have wanted to use this functionality. They assume that this was the default behavior so we had to learn from experiments that it doesn't work
@trizzi would it be a good idea to do a docs MR to make that clearer until this issue is resolved?
Internal customer ticket: https://gitlab.zendesk.com/agent/tickets/301894
would it be a good idea to do a docs MR to make that clearer until this issue is resolved?
@vstoianovici If the documentation update will make the situation clearer, I woudl say go for it. We could even reference this issue in the documentation.
-
@10io or @trizzi care to vet !96352 (merged) to make sure I am capturing the message we actually want out there?
Thank!
mentioned in merge request !96350 (closed)
mentioned in merge request !96352 (merged)
added groupenvironments label and removed groupconfigure [DEPRECATED] label
added devopsdeploy label and removed devopsconfigure [DEPRECATED] label
Is there a way to find if this is the issue when receiving 403's in module push. I'm getting it in just one registry with a matching configuration to all others. I suspect this is the issue, but I don't know how to be sure.
Is there a way to list all module registries on a gitlab host, or anything above the individual project level?
-
@theherk You can use the GitLab API to list all of the packages within a group: https://docs.gitlab.com/ee/api/packages.html#within-a-group.
The 403 error could be due to duplicate names. At least that's what I've seen for the npm registry. Let me know what you find.
@trizzi According to the docs for that API endpoint, the types returned by this endpoint are:
Filter the returned packages by type. One of conan, maven, npm, pypi, composer, nuget, helm, or golang. (Introduced in GitLab 12.9)
Nevertheless, I have access now to the API so I made an authenticated endpoint to this endpoint, and the packages for the whole group is empty, which seems inline with this endpoint not returning any terraform modules.
I'm still facing this issue on several repositories receiving access denied with their own CI token. I have no idea why, but I'm fairly confident is isn't a name collision. Any other ideas on how to sort out what is causing the issue?
-
Sorry for the late reply on this one, but I commented and asked for some additional triage help in the new issue you created. #415061 (closed)
mentioned in issue #415061 (closed)
Another customer reported that they got the following error when they tried to push a Terraform module that already existed in another project:
curl: (22) The requested URL returned error: 403 {"message":"Access Denied"}Once they deleted the module in the other project, they were able to push.
assigned to @mkhalifa3
