VCS Runs are not Being Triggered in TFE

Avatar
Beau Bishop
  • Updated

Problem

Version Control System (VCS) workflow runs are not being triggered in Terraform Enterprise (TFE). No run attempts are visible in the TFE UI, even after you add new commits to a connected VCS repository.

When you attempt to reconnect your Workspace to the VCS, you may receive the following error.

There was an error fetching some of your repositories. Not Found

Error message in TFE UI: There was an error fetching some of your repositories. Not Found

When you attempt to create a new VCS connection, you may receive this error.

You don't have permission to access that OAuth Client. Please check the configuration in your VCS provider

Error message in TFE UI: You don't have permission to access that OAuth Client.

Reviewing the TFE application logs may reveal the following error.

error=OAuth::Problem message=timestamp_refused token_id=2

Cause

These errors can occur if the system clock on the Terraform Enterprise server has drifted and is out of sync. The OAuth process is sensitive to time discrepancies between the TFE server and the VCS provider.

You can check the server's time synchronization status using the timedatectl command. In the following example output, NTP enabled: no indicates that the Network Time Protocol (NTP) service is not active, which can lead to time drift.

$ timedatectl status
      Local time: Wed 2023-04-19 14:51:22 UTC
  Universal time: Wed 2023-04-19 14:51:22 UTC
        RTC time: Wed 2023-04-19 14:51:22
       Time zone: UTC (UTC, +0000)
     NTP enabled: no
NTP synchronized: no
 RTC in local TZ: no
      DST active: n/a

Solutions

Solution 1: Enable and Synchronize NTP

To resolve this issue, enable the system's NTP daemon to synchronize the server's clock. This command requires root privileges.

# timedatectl set-ntp true

After enabling NTP, verify that the service is active and synchronized by running timedatectl status again. The NTP enabled and NTP synchronized fields should both show yes.

Note: If you are using a self-hosted VCS provider, its system clock could also be out of sync. Ensure that system time is synchronized on both the TFE server and the VCS host.

Additional Information

Articles in this section

Related articles