Tools image doesn't work on macOS

thomassuedbroecker commented 2 years ago

FYI: @triceam @csantanapr @timroster

Problems:

When executing following command inside the tools image I get several problems

sh apply.sh

Problem 1: I need to redefine already defined variable values

Define in the custom-bom.yaml

        - name: gitops_repo_repo
          value: "iascable-gitops"

Request for input:

> Provide a value for 'gitops_repo_repo':
  The short name of the repository (i.e. the part after the org/group name)
> iascable-gitops

Problem 2: The token can't be inserted:

Provide a value for 'gitops_repo_token':
  The personal access token used to access the repository
>

Workaround: I edit the variables.yaml.tmp manually on the local computer and insert the needed value. Maybe related to the issue: https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets/issues/66

  - name: gitops_repo_token
    value: ghp_XXXX

Problem 3: Terraform init is not invoked

There are some problems with the CLI configuration:
╷
│ Error: The specified plugin cache dir /home/devops/.terraform.d/plugin-cache cannot be opened: stat /home/devops/.terraform.d/plugin-cache: no such file or directory
│
╵

As a result of the above problems, Terraform may not behave as intended.

Usage: terraform [global options] init [options]

  Initialize a new or existing Terraform working directory by creating
  initial files, loading any remote state, downloading modules, etc.

  This is the first command that should be run for any new or existing
  Terraform configuration per machine. This sets up all the local data
  necessary to run Terraform that is typically not committed to version
  control.

  This command is always safe to run multiple times. Though subsequent runs
  may give errors, this command will never delete your configuration or
  state. Even so, if you have important information, please back it up prior
  to running this command, just in case.

Options:

  -backend=false          Disable backend or Terraform Cloud initialization for
                          this configuration and use what what was previously
                          initialized instead.

                          aliases: -cloud=false

  -backend-config=path    Configuration to be merged with what is in the
                          configuration file's 'backend' block. This can be
                          either a path to an HCL file with key/value
                          assignments (same format as terraform.tfvars) or a
                          'key=value' format, and can be specified multiple
                          times. The backend type must be in the configuration
                          itself.

  -force-copy             Suppress prompts about copying state data when
                          initializating a new state backend. This is
                          equivalent to providing a "yes" to all confirmation
                          prompts.

  -from-module=SOURCE     Copy the contents of the given module into the target
                          directory before initialization.

  -get=false              Disable downloading modules for this configuration.

  -input=false            Disable interactive prompts. Note that some actions may
                          require interactive prompts and will error if input is
                          disabled.

  -lock=false             Don't hold a state lock during backend migration.
                          This is dangerous if others might concurrently run
                          commands against the same workspace.

  -lock-timeout=0s        Duration to retry a state lock.

  -no-color               If specified, output won't contain any color.

  -plugin-dir             Directory containing plugin binaries. This overrides all
                          default search paths for plugins, and prevents the
                          automatic installation of plugins. This flag can be used
                          multiple times.

  -reconfigure            Reconfigure a backend, ignoring any saved
                          configuration.

  -migrate-state          Reconfigure a backend, and attempt to migrate any
                          existing state.

  -upgrade                Install the latest module and provider versions
                          allowed within configured constraints, overriding the
                          default behavior of selecting exactly the version
                          recorded in the dependency lockfile.

  -lockfile=MODE          Set a dependency lockfile mode.
                          Currently only "readonly" is valid.

  -ignore-remote-version  A rare option used for Terraform Cloud and the remote backend
                          only. Set this to ignore checking that the local and remote
                          Terraform versions use compatible state representations, making
                          an operation proceed even when there is a potential mismatch.
                          See the documentation on configuring Terraform with
                          Terraform Cloud for more information.
There are some problems with the CLI configuration:
╷
│ Error: The specified plugin cache dir /home/devops/.terraform.d/plugin-cache cannot be opened: stat /home/devops/.terraform.d/plugin-cache: no such file or directory
│
╵

As a result of the above problems, Terraform may not behave as intended.

╷
│ Error: Module not installed
│ 
│   on main.tf line 1:
│    1: module "argocd-bootstrap" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 18:
│   18: module "cluster" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 46:
│   46: module "cos" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 58:
│   58: module "gitops_repo" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 79:
│   79: module "ibm-vpc" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 94:
│   94: module "ibm-vpc-gateways" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 104:
│  104: module "ibm-vpc-subnets" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 121:
│  121: module "olm" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 128:
│  128: module "resource_group" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 137:
│  137: module "sealed-secret-cert" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.

Workaround doesn't work:

When I execute the apply only on my local computer I get another error: You can find her https://github.com/cloud-native-toolkit/iascable/issues/162

Steps to reproduce:

Step 1: BOM definition

apiVersion: cloudnativetoolkit.dev/v1alpha1
kind: BillOfMaterial
metadata:
  name: my-ibm-vpc-roks-argocd
spec:
  modules:
    # Virtual Private Cloud - related
    - name: ibm-vpc
      variables:
      - name: ibm-vpc_name
        value: "tsued-gitops-sample"
    - name: ibm-vpc-subnets
      variables:
      - name: ibm-vpc-subnets_label
        value: "tsued-gitops-sample"
      - name: ibm-vpc-subnets__count
        value: 1
    - name: ibm-vpc-gateways
    # ROKS - related
    - name: ibm-ocp-vpc
      variables:
        - name: cluster_name
          value: "tsued-gitops-sample"
        - name: worker_count
          value: 2
        - name: region
          value: "eu-de" 
    # Install OpenShift GitOps and Bootstrap GitOps (aka. ArgoCD) - related
    - name: argocd-bootstrap
      variables:
        - name: gitops_repo_username
          value: "thomassuedbroecker"
        - name: gitops_repo_org
          value: "thomassuedbroecker"
        - name: gitops_repo_token
        - name: gitops_repo_type
          value: "GIT"
        - name: gitops_repo_host
          value: "github.com"
        - name: gitops_repo_repo
          value: "iascable-gitops"
        - name: gitops_repo_server_name
          value: "tsued-gitops-sample"

Step 2: Install colima container engine

On macOS

brew install docker colima
colima start

Step 3: Build the project based on Bill of Material `BOM` file

iascable build -i my-vpc-roks-argocd-bom.yaml

Step 4: Start the tools container provided by the `IasCable`

cd output
sh launch

Step 5: In the running container verify the mapped resources

~/src $ ls
launch.sh               my-ibm-vpc-roks-argocd

Step 6: Use `output/my-ibm-vpc-roks-argocd/apply.sh` to configure the terraform variables.

cd my-ibm-vpc-roks-argocd
sh apply.sh

triceam commented 2 years ago

The first 2 issues you posted are not bugs. You have an invalid BOM yaml file. Two things I noticed:

You are adding the name prefix to the variable within the bom. If you want to set a default value, you would just need to add a repo variable in the variables block that is associated with the module, not gitops_repo_repo. When iascable generates, it automatically prefixes the module name to the variable name (to avoid collisions), unless you declare it with global scope. So that gitops_repo_ prefix comes from a module with id or alias gitops_repo.
The gitops_repo_token error is b/c your variable names don't match. See the next bullet point...
Your variables don't match the inputs of the module. In your yaml you have variables listed that are not input variables of the argocd-bootstrap module. If you look at the argo-bootstrap module here: https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap/blob/main/variables.tf you can see there is no gitops_repo_username",gitops_repo_org,gitops_repo_tokenorgitops_repo_typevariables. However, there are variables of those names on the (minus the prefix) on thegitops` module at https://github.com/cloud-native-toolkit/terraform-tools-gitops/blob/main/variables.tf. It looks like those modules may have gotten mixed up.

For example:

triceam commented 2 years ago

For the terraform init problem, are you trying to execute in the volume that was mapped to the container? IE: in your steps to reproduce, you are executing in ~/src. Is that src directory a volume that is mapped directly to the local file system? If so, you can't write to it b/c of OS permission issues between the container engine and host file system. That is why all of our solutions have a setup-workspace.sh script that copies the necessary files to a different directory, so that there are no permission issues.

For example:

timroster commented 2 years ago

@thomassuedbroecker - a question about Problem 3. Are you using podman and rootful containers? If so can you check the environment in the shell to see if TF_CLI_ARGS is set?

I found that when trying to test various rootless/rootful conatiners in podman with the quay.io/ibmgaragecloud/cli-tools:v1.1 derived images that this environment variable was set which was breaking both terraform init and even terraform version

timroster commented 2 years ago

for Problem 3 - if you run set do you have a TF_CLI_ARGS variable vs TF_CLI_ARGS_apply? This commit: https://github.com/cloud-native-toolkit/image-cli-tools/commit/c9e799a7fb6c2616a468b6f60199be1bd8f7e196 fixed this issue introduced by https://github.com/cloud-native-toolkit/image-cli-tools/pull/62

triceam commented 2 years ago

If he is using the latest image, that shouldn't be an issue. I suspect he's running into a permission issue between root/non-root user. I think @seansund was looking into that earlier today.

triceam commented 2 years ago

Confirmed. The change that @timroster mentioned above somehow didn't make it into the v1.1 image. I'm working on getting that updated, but the github action to publish is failing for unrelated reasons. I'm working that out now... In the meantime, @thomassuedbroecker you can update the launch script to use the v1.2 image, and it should work fine.

triceam commented 2 years ago

The Terraform init is not invoked issue should be resolved now. You may need to purge the old image from your local machine in order for the new one to be downloaded correctly.

To purge all images in colima, run:

colima stop && colima delete && colima start

I have confirmed, it is working now using quay.io/ibmgaragecloud/cli-tools:v1.1:

thomassuedbroecker commented 2 years ago

colima stop && colima delete && colima start

FYI @triceam

Step 1: execute `colima stop && colima delete && colima start`

INFO[0000] stopping colima                              
INFO[0000] not running                                   context=vm
INFO[0000] done                                         
are you sure you want to delete colima and all settings? [y/N] yes
INFO[0007] deleting colima                              
INFO[0007] done                                         
INFO[0000] starting colima                              
INFO[0000] runtime: docker                              
INFO[0000] preparing network ...                         context=vm
INFO[0000] creating and starting ...                     context=vm
> Terminal is not available, proceeding without opening an editor
INFO[0031] provisioning ...                              context=docker
INFO[0031] starting ...                                  context=docker
INFO[0037] done

Step 2: Update custom `BOM`

apiVersion: cloudnativetoolkit.dev/v1alpha1
kind: BillOfMaterial
metadata:
  name: my-ibm-vpc-roks-argocd
spec:
  modules:
    # Virtual Private Cloud - related
    # - subnets
    # - gateways
    - name: ibm-vpc
      alias: ibm-vpc
      version: v1.16.0
      variables:
      - name: name
        value: "tsued-gitops-sample"
      - name: tags
        value: ["tsuedro"]
    #  - name: region
    #    value: "eu-de"
    - name: ibm-vpc-subnets
      alias: ibm-vpc-subnets
      version: v1.13.2
      variables:
        - name: _count
          value: 1
        - name: name
          value: "tsued-gitops-sample"
        - name: tags
          value: ["tsuedro"]
    - name: ibm-vpc-gateways
      # alias: ibm-vpc-gateways
      # version: v1.9.0
      # variables:
        # - name: region
        #   value: "eu-de"      
    # - name: ibm-resource-group
    #  alias: ibm-resource-group
    #  version: v3.3.0
    #  variables:
    #  - name: resource_group_name
    #    value: "default"
    # ROKS - related
    # - objectstorage
    - name: ibm-ocp-vpc
      alias: ibm-ocp-vpc
      version: v1.15.5
      variables:
        - name: cluster_name
          value: "tsued-gitops"
        - name: worker_count
          value: 2
        - name: tags
          value: ["tsuedro"]
        # - name: region
        #  value: "eu-de"
    - name: ibm-object-storage
      alias: ibm-object-storage
      version: v4.0.3
      variables:
        - name: name
          value: "cos_tsued_gitops"
        - name: tags
          value: ["tsuedro"]
        - name: label
          value: ["cos_tsued"]
        # - name: resource_group_name
        #   value: "default"
        #- name: resource_location
        #  value: "gobal"
    # Install OpenShift GitOps and Bootstrap GitOps (aka. ArgoCD) - related
    # - argocd
    # - gitops
    - name: argocd-bootstrap
      alias: argocd-bootstrap
      version: v1.12.0
      variables:
        - name: repo_token
    - name: gitops-repo
      alias: gitops-repo
      version: v1.20.2
      variables:
        - name: host
          value: "github.com"
        - name: type
          value: "GIT"
        - name: org
          value: "thomassuedbroecker"
        - name: username
          value: "thomassuedbroecker"
        - name: project
          value: "iascable-gitops"
        - name: repo
          value: "iascable-gitops"

Step 3: Build the project based on Bill of Material BOM file

iascable build -i my-vpc-roks-argocd-bom.yaml

Step 4: Start the tools container provided by the IasCable

cd output
sh launch.sh
Cleaning up old container: cli-tools-HV0Cg
Initializing container cli-tools-HV0Cg from quay.io/ibmgaragecloud/cli-tools:v1.1
Unable to find image 'quay.io/ibmgaragecloud/cli-tools:v1.1' locally
v1.1: Pulling from ibmgaragecloud/cli-tools
...

Execute apply.sh:

inside toolscontainer $ cd  my-ibm-vpc-roks-argocd
inside toolscontainer $ sh apply.sh

Interaction for the variables:

Problems during this interaction

Not able to insert GitHub Token in the terminal! need to edit manually the variables.yaml.tmp
IBM Cloud API Key insert works inside the terminal!

Variables can be provided in a yaml file passed as the first argument

Provide a value for 'gitops-repo_host':
  The host for the git repository. The git host used can be a GitHub, GitHub Enterprise, Gitlab, Bitbucket, Gitea or Azure DevOps server. If the host is null assumes in-cluster Gitea instance will be used.
> (github.com) 
Provide a value for 'gitops-repo_org':
  The org/group where the git repository exists/will be provisioned. If the value is left blank then the username org will be used.
> (thomassuedbroecker) 
Provide a value for 'gitops-repo_project':
  The project that will be used for the git repo. (Primarily used for Azure DevOps repos)
> (iascable-gitops)
Provide a value for 'gitops-repo_username':
  The username of the user with access to the repository
> (thomassuedbroecker) 
Provide a value for 'gitops-repo_token':
  The personal access token used to access the repository
> 
> Provide a value for 'ibmcloud_api_key':
> XXX
Provide a value for 'region':
> eu-de
Provide a value for 'worker_count':
  The number of worker nodes that should be provisioned for classic infrastructure
> (2)
Provide a value for 'ibm-ocp-vpc_flavor':
  The machine type that will be provisioned for classic infrastructure
> (bx2.4x16) 
Provide a value for 'ibm-vpc-subnets__count':
  The number of subnets that should be provisioned
> (1) 
Provide a value for 'resource_group_name':
  The name of the resource group
> default

Remaining problem with terraform or to access folders: Error: The specified plugin cache dir /home/devops/.terraform.d/plugin-cache cannot be opened: stat /home/devops/.terraform.d/plugin-cache: no such file or directory

There are some problems with the CLI configuration:
╷
│ Error: The specified plugin cache dir /home/devops/.terraform.d/plugin-cache cannot be opened: stat /home/devops/.terraform.d/plugin-cache: no such file or directory
│
╵

...

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-ocp-vpc" (main.tf:51) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "argocd-bootstrap" (main.tf:1) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "gitops-repo" (main.tf:18) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-object-storage" (main.tf:39) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-ocp-vpc" (main.tf:51) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc" (main.tf:79) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "argocd-bootstrap" (main.tf:1) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "gitops-repo" (main.tf:18) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-object-storage" (main.tf:39) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-ocp-vpc" (main.tf:51) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc" (main.tf:79) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-gateways" (main.tf:94) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "argocd-bootstrap" (main.tf:1) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "gitops-repo" (main.tf:18) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-object-storage" (main.tf:39) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-ocp-vpc" (main.tf:51) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc" (main.tf:79) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-gateways" (main.tf:94) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-subnets" (main.tf:104) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets?ref=v1.13.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets?ref=v1.13.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-subnets'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-subnets
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "argocd-bootstrap" (main.tf:1) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "gitops-repo" (main.tf:18) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-object-storage" (main.tf:39) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-ocp-vpc" (main.tf:51) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc" (main.tf:79) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-gateways" (main.tf:94) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-subnets" (main.tf:104) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets?ref=v1.13.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets?ref=v1.13.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-subnets'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-subnets
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "olm" (main.tf:121) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-k8s-olm.git?ref=v1.3.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-k8s-olm.git?ref=v1.3.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/olm'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/olm
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "argocd-bootstrap" (main.tf:1) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "gitops-repo" (main.tf:18) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-object-storage" (main.tf:39) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-ocp-vpc" (main.tf:51) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc" (main.tf:79) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-gateways" (main.tf:94) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-subnets" (main.tf:104) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets?ref=v1.13.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets?ref=v1.13.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-subnets'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-subnets
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "olm" (main.tf:121) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-k8s-olm.git?ref=v1.3.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-k8s-olm.git?ref=v1.3.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/olm'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/olm
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "resource_group" (main.tf:128) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-resource-group?ref=v3.3.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-resource-group?ref=v3.3.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/resource_group'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/resource_group
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "argocd-bootstrap" (main.tf:1) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-argocd-bootstrap.git?ref=v1.12.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/argocd-bootstrap
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "gitops-repo" (main.tf:18) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-tools-gitops.git?ref=v1.20.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/gitops-repo
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-object-storage" (main.tf:39) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-object-storage?ref=v4.0.3':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-object-storage
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-ocp-vpc" (main.tf:51) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc?ref=v1.15.5':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-ocp-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc" (main.tf:79) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc?ref=v1.16.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-gateways" (main.tf:94) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-gateways?ref=v1.9.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-gateways
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "ibm-vpc-subnets" (main.tf:104) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets?ref=v1.13.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-vpc-subnets?ref=v1.13.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-subnets'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/ibm-vpc-subnets
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "olm" (main.tf:121) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-k8s-olm.git?ref=v1.3.2":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-k8s-olm.git?ref=v1.3.2':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/olm'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/olm
│ 
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "resource_group" (main.tf:128) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-ibm-resource-group?ref=v3.3.0":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-ibm-resource-group?ref=v3.3.0':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/resource_group'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/resource_group
│ .
╵

╷
│ Error: Failed to download module
│ 
│ Could not download module "sealed-secret-cert" (main.tf:137) source code from
│ "git::https://github.com/cloud-native-toolkit/terraform-util-sealed-secret-cert.git?ref=v1.0.1":
│ error downloading
│ 'https://github.com/cloud-native-toolkit/terraform-util-sealed-secret-cert.git?ref=v1.0.1':
│ /usr/bin/git exited with 128: fatal: unsafe repository
│ ('/home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/sealed-secret-cert'
│ is owned by someone else)
│ To add an exception for this directory, call:
│ 
│       git config --global --add safe.directory
│ /home/devops/src/my-ibm-vpc-roks-argocd/terraform/.terraform/modules/sealed-secret-cert
│ 
╵

There are some problems with the CLI configuration:
╷
│ Error: The specified plugin cache dir /home/devops/.terraform.d/plugin-cache cannot be opened: stat /home/devops/.terraform.d/plugin-cache: no such file or directory
│
╵

As a result of the above problems, Terraform may not behave as intended.

╷
│ Error: Module not installed
│ 
│   on main.tf line 1:
│    1: module "argocd-bootstrap" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 18:
│   18: module "gitops-repo" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 39:
│   39: module "ibm-object-storage" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 51:
│   51: module "ibm-ocp-vpc" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 79:
│   79: module "ibm-vpc" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 94:
│   94: module "ibm-vpc-gateways" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 104:
│  104: module "ibm-vpc-subnets" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 121:
│  121: module "olm" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 128:
│  128: module "resource_group" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.
╵
╷
│ Error: Module not installed
│ 
│   on main.tf line 137:
│  137: module "sealed-secret-cert" {
│ 
│ This module is not yet installed. Run "terraform init" to install all modules
│ required by this configuration.

thomassuedbroecker commented 2 years ago

For the terraform init problem, are you trying to execute in the volume that was mapped to the container? IE: in your steps to reproduce, you are executing in ~/src. Is that src directory a volume that is mapped directly to the local file system?

@triceam

are you trying to execute in the volume that was mapped to the container? -> yes
IE: in your steps to reproduce, you are executing in ~/src. Is that src directory a volume that is mapped directly to the local file system? -> yes

If so, you can't write to it b/c of OS permission issues between the container engine and host file system. That is why all of our solutions have a setup-workspace.sh script that copies the necessary files to a different directory, so that there are no permission issues.

-> That's not right as you can see the variables files variables.yaml.tmp and variables.yaml will be created form inside the container inside the mapped volume. The images shows all folder which were created:

The problems are the hidden folders which will be created from inside the container. As you can see in the following image all public folders can be seen accessed:

Even the hidden folders can be seen with ls -A ~ command:

Ok, but the hidden files cannot be accessed:

thomassuedbroecker commented 2 years ago

Trying following:

Local machine

iascable build -i my-vpc-roks-argocd-bom.yaml
cd output
sh launch.sh

Inside the container

Copy the folder and execute apply.sh

~/src $ ls
launch.sh               my-ibm-vpc-roks-argocd
~/src $ cp -R ./my-ibm-vpc-roks-argocd ../
~/src $ cd ..
~ $ ls
etc                     my-ibm-vpc-roks-argocd  terraform
~ $ cd my-ibm-vpc-roks-argocd/
~/my-ibm-vpc-roks-argocd $ ls
apply.sh          dependencies.dot  terraform
bom.yaml          destroy.sh
~ $ sh apply.sh
...
Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: no

Stop the execution to edit the variables file to insert the missing gitops-repo_token

vi variables.yaml
cat  variables.yaml

Run apply.sh again

~ $ sh apply.sh
...
Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

Result or ongoing process

vpc was created with the right name tsued-gitops-sample
cos was created with the right name default-cos_tsued
cluster is going to be created with the wrong name default-cluster should be tsued-gitops maybe I used the wrong variable
github project was created with the right name iascable-gitops (after reapply and insert the credentials)
Red Hat OpenShift Pipelines operator is installed on the cluster
Argo CD was installed
Bootstrap project is available in Argo CD

Note: I needed to add the gitops-repo_token once more and execute the apply.sh again

timroster commented 2 years ago

@thomassuedbroecker regarding:

Remaining problem with terraform or to access folders: Error: The specified plugin cache dir /home/devops/.terraform.d/plugin-cache cannot be opened: stat /home/devops/.terraform.d/plugin-cache: no such file or directory

This is a known issue with using either colima or podman directly with the output from iascable at the present time. It only works with Docker Desktop. Fixes are being discussed here: https://github.com/cloud-native-toolkit/automation-solutions/issues/181

In the README for this tool, there is no mention at present of using a container runtime, until this is fixed if you want to work at the low level of BOM development and iascable, it is better to configure your workstation with latest terraform 1.1 (some testing now with 1.2) and run as described here: https://github.com/cloud-native-toolkit/iascable#readme

thomassuedbroecker commented 2 years ago

@timroster Thanks, for pointing to the issue https://github.com/cloud-native-toolkit/automation-solutions/issues/181 I already did working with iascable on the local machine and https://github.com/cloud-native-toolkit/iascable#readme as you maybe have seen in my different blog posts I made. (https://suedbroecker.net/2022/07/06/get-started-with-an-installable-component-infrastructure-by-selecting-components-from-a-catalog-of-available-modules-with-iascable/) The reason why I using tools container is that I had an issue on the local macOS https://github.com/cloud-native-toolkit/iascable/issues/162 , because the a bin can't be executed.

cloud-native-toolkit / iascable