Unable to configure pull mirroring for github
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Bug Report
While creating a new project and configuring pull mirroring, sometimes the call returns 422 "Unable to access repository with the URL and credentials provided" randomly. This happens to ~1 in 100 repos that we are syncing. We did not discover anything special about those repos where this fails. Access credentials and access is correct and has been tested.
The issue seems to be related to how pull mirroring is enabled. Gitlab seems to offer two ways: a) directly during project creation or b) using a dedicated REST endpoint.
The terraform provider is only using option a) (which to my understanding is deprecated). Option b) seems to work reliably.
This fails:
curl -X POST "https://gitlab.example.com/api/v4/projects" -H "PRIVATE-TOKEN: xxx" -H "Content-Type: application/json" -d '{
"name": "xxx",
"namespace_id": 190,
"mirror": true,
"import_url": "https://xxx:xxx@github.com/xxx/xxx.git"
}'
{"message":"Unable to access repository with the URL and credentials provided"}
This works:
curl -X POST "https://gitlab.example.com/api/v4/projects" -H "PRIVATE-TOKEN: xxx" -H "Content-Type: application/json" -d '{ "name": "xxx", "namespace_id": 190 }' curl -X PUT "https://gitlab.example.com/api/v4/projects/375/mirror/pull" -H "PRIVATE-TOKEN: xxx" -H "Content-Type: application/json" -d '{ "enabled":true, "auth_user":"xxx", "auth_password": "xxx", "url": "https://github.com/xxx/xxx.git" }'
Relevant Terraform Configuration
This uses the terraform provider to create a new project with pull mirroring enabled:
module "xxx" {
source = "./modules/gitlab-project"
name = "xxx"
namespace_id = module.github_group.id
default_branch = "master"
mirror = "pull-github"
remote_repository_url = "https://github.com/xxx/xxx.git"
}
# Create GitLab project
resource "gitlab_project" "this" {
name = var.name
path = local.project_path
description = local.project_description
namespace_id = var.namespace_id
visibility_level = var.visibility_level
default_branch = var.default_branch
# Project features
issues_enabled = var.issues_enabled
merge_requests_enabled = var.merge_requests_enabled
wiki_enabled = var.wiki_enabled
snippets_enabled = var.snippets_enabled
container_registry_access_level = var.container_registry_enabled ? "enabled" : "disabled"
# Pull mirroring configuration (only when pull mirroring is enabled)
import_url = local.pull_enabled ? var.remote_repository_url : null
import_url_username = local.pull_enabled ? data.aws_secretsmanager_secret_version.mirror_username[0].secret_string : null
import_url_password = local.pull_enabled ? data.aws_secretsmanager_secret_version.mirror_password[0].secret_string : null
mirror = local.pull_enabled ? true : null
mirror_trigger_builds = local.pull_enabled ? var.mirror_trigger_builds : null
mirror_overwrites_diverged_branches = local.pull_enabled ? var.mirror_overwrites_diverged_branches : null
}
Relevant Terraform Command
terraform applyRelevant Log Output
│ Error: POST https://gitlab.xxx/api/v4/projects: 422 {message: Unable to access repository with the URL and credentials provided}
│
│ with module.xxx.gitlab_project.this,
│ on modules/gitlab-project/main.tf line 45, in resource "gitlab_project" "this":
│ 45: resource "gitlab_project" "this" {Additional Details
It seems the underlying issue is a bug in Gitlab itself. But the issue would be solved if the terraform provider uses the new proper REST endpoint as for push mirroring.