https://www.runatlantis.io/ logo
Title
d

Dustin

02/27/2023, 5:33 PM
Hi. I'm running the Atlantis docker container. I don't want to have to copy my Github app PEM file into the container so I'm trying to pass it in as the environment variable ATLANTIS_GH_APP_KEY. No matter how I format the string, it will not accept it and it gives me the error: [31mError: initializing server: error initializing github authentication transport: could not parse private key: invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key[39m I've tried just straight copying it and pasting it from the PEM file. I've tried taking out the line breaks. I've tried adding \n where there are line breaks. No matter what I do, it will not take it. I tried digging through the source code to see if I could find any validation that you are doing on the string to see how I should format it, but I didn't find anything helpful. Please advise on how this string needs to be formatted. Thanks so much!
p

PePe Amengual

02/27/2023, 5:40 PM
I’m doing this and I pass it as a string and it works just fine
are you sure you are passing the right key?
ahhh no I do not do that right now, I moved to a ParameterStore secret
but I did have a problem like yours before and it was because I used the wrong key
d

Dustin

02/27/2023, 5:50 PM
According to Github, the PEM file that is generated is PKCS#1 formatted. Based on that, I'm literally just opening that PEM file in notepad++ and copying the contents into my variable value. I know that the key is valid, because if I do copy the key file over and point to it with the ATLANTIS_GH_APP_KEY_FILE variable, then Atlantis loads up just fine.
p

PePe Amengual

02/27/2023, 5:51 PM
starts with :
-----BEGIN RSA PRIVATE KEY-----
d

Dustin

02/27/2023, 5:51 PM
You bet
p

PePe Amengual

02/27/2023, 5:52 PM
I used it as a string before in one very long line and I did not have any issues
OHHHHHH
I use
ATLANTIS_GH_APP_KEY
not _FILE
so you think the file parsing is the issue
d

Dustin

02/27/2023, 5:54 PM
I was just saying that if I pass it the file, then that works, so I know the PEM file is good.
I have tried passing it as one long line and it doesn't take that.
p

PePe Amengual

02/27/2023, 5:55 PM
ok so the way I have it does not work for you
weird
that version of atlantis?
d

Dustin

02/27/2023, 5:56 PM
I'm using the latest docker image that they have in the github repo
p

PePe Amengual

02/27/2023, 5:57 PM
have you enabled debug in atlantis to see if there is any errors?
d

Dustin

02/27/2023, 6:25 PM
The error is in the original post
p

PePe Amengual

02/27/2023, 7:20 PM
ok, just saw it
a

Alberto Rojas

05/25/2023, 11:27 AM
@PePe Amengual what was the solution here? @Dustin PR was: https://github.com/runatlantis/atlantis/pull/1706 We are trying to pull the pem string from AWS SecretsManager and we are getting the same error
Error: initializing server: error initializing github authentication transport: could not parse private key: invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key
p

PePe Amengual

05/25/2023, 2:23 PM
I don't think he found a solution
I use an older version of Atlantis 0.20.1 and I pass the env without the _FILE and it works
do you see anything amiss in the code of that PR?
that was merged while back
a

Alberto Rojas

05/25/2023, 2:28 PM
Sorry I just added the PR as a reference