I have created a gitlab pipeline following the document “” I have added the following variables in the Gitlab
but my pipeline failing with the following error
terraspace plan vnet: Exception Armrest::Error: #Net::HTTPUnauthorized:0x00007f215e9a5ca0
Error running: terraspace plan vnet Fix the error above or check logs for the error.

Adding my .gitlab-ci.yaml file

image: ruby:latest

  - up dev
# ...

before_script: |
  # install terraform
  git clone ~/.tfenv
  echo 'export PATH="$HOME/.tfenv/bin:$PATH"' >> ~/.bash_profile
  export PATH="$HOME/.tfenv/bin:$PATH"
  tfenv install latest
  tfenv use latest
  terraform --version
  # install terraspace
  bundle exec terraspace new shim
  echo 'export PATH="/usr/local/bin:$PATH' >> ~/.bash_profile
  export PATH="/usr/local/bin:$PATH"
  bundle update terraspace

  stage: up dev
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "main"'
- TF_ENV="lab" terraspace all plan

I think it is because the pipeline is not able to fetch the credentials. Also, I have added gem "terraspace_plugin_azurerm" in the Gemfile. Any help will be much appreciated. Thanks

I am also seeing this issue just with a fresh demo stack. Any idea whats the issue?

❯ terraspace up demo
Building .terraspace-cache/eastus/dev/stacks/demo
Current directory: .terraspace-cache/eastus/dev/stacks/demo
Creating Resource Group dev-eastus...
Exception Armrest::Error: #<Net::HTTPUnauthorized:0x00000001073f1d78>
/Users/XX/.brew/lib/ruby/gems/3.2.0/gems/armrest-0.1.3/lib/armrest/api/base.rb:43:in `request'
/Users/XX/.brew/lib/ruby/gems/3.2.0/gems/armrest-0.1.3/lib/armrest/api/base.rb:18:in `block (2 levels) in <class:Base>'
/Users/XX/.brew/lib/ruby/gems/3.2.0/gems/armrest-0.1.3/lib/armrest/services/resource_group.rb:20:in `create_or_update'

Seems like a permission issue. When you get a chance, wondering if you can try:


Looks like its because I have not defined a ARM_CLIENT_ID (Service Principal), is there a way to auth without this?

When I use terraform / terragrunt I just need to use az login it it has all the necessary rights. Can this also be done?

Glad you were able to auth.

I see. Remembering this now. It was a doozy. Some history.

Kind of remember that it was a doozy to get it working. One of the reasons had to write armest was for the CLI auth.

Then at some some point, upstream Azure changes broke the CLI auth :man_facepalming:t2: Unsure when will take another look. Will consider PRs. Of course, no sweat either way. Thanks!

Sent a PR with a possible fix

1 Like

Handled by Released in armrest 0.2.0

1 Like