Error "signature does not match" when creating a TAG release on Github repository integrated with a Private registry module

Introduction

When trying to publish a new version of your code via Github tag releases an error "signature does not match" is shown.

Expected Outcome

After applying the steps on this document you should be able to publish new releases with no error.

Use Case

Together with the error above, on the webhook created you might see a "401 unauthorized error"

Procedure

For this error the best approach is to first delete the module from the private registry, which will also delete the webhook on Github and re-publish that module. 

This procedure will not delete any information on your Github repository.

Delete the existing module on Terraform Enterprise

• Click on your Organization > Registry
• Click on the module you want to delete and then on the new page click on “Manage module for organization”
• Click on “Delete module”
• Select “Delete all versions for this provider for this module” and then populate the word “delete” on the box. Click on “Delete”.
• You should now see that the module is not listed anymore.

Check If the webhook is deleted on Github.com repository

• Go to the URL https://github.com/<your_profile>/<repo_name>/settings/hooks
• If you see a webhook pointing to Terraform Enterprise  make sure you delete it before proceeding by clicking on "Delete"  and then on "Yes, delete Webhook".

Publish a new Private registry module using the existing VCS connection 

• On Terraform Enterprise in your Organization, click on “registry”
• Click on “Publish” and then “Module”. You should see the VCS repo created before here.
• Click on it and you should now see a list of available repositories
• Click on the repository you need, and you will be sent do the “Confirm Selection” screen:
• In our case, we want the “Tag” publishing type, which is already pre-selected. So we just click on “Publish module”. After a few moments, we should see the new published module.
• The above confirms that on TFE side the module was created, we now should confirm that on Github side the webhook, that is responsible for this communication, is created. For that, go to the integrated repository and click on “Settings” > “Webhooks”. We should see the connection to our TFE been shown with no errors.

Test a new TAG release

Create a new TAG release

• On your repository, click on “releases”
• A page like below will appear, then click on “Draft new release”

• Click on “Choose tag” and add the new tag name and then “Create new tag”:

• Give the release a name and click on “Publish release”

• The release should now show in the "releases" page.
• If all goes well, after refreshing your TFE registry page you should see the new tag on the module.

Additional Information

• For more info on how to check Webhook communication, check our document How to verify a VCS webhook is being received by Terraform Enterprise