You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When running terraform - e.g. terraform init, it should consult the lockfile and figure out which providers to download manually. It should do this regardless of how the lockfile has been put together (ie on which distro ir was originally generated and committed).
Actual Behavior
Actually the lockfile is causing many errors:
First of all the initial state of the lockfile (that was generated by someone else in the team using original terraform init, and then committing)
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/archive" {
version = "2.2.0"
hashes = [
"h1:2K5LQkuWRS2YN1/YoNaHn9MAzjuTX8Gaqy6i8Mbfv8Y=",
]
}
Now I check out the same repo, and issue a terraform init
terraform init
Initializing modules...
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of hashicorp/archive from the dependency lock file
- Using hashicorp/archive v2.2.0 from the shared cache directory
╷
│ Error: Failed to install provider from shared cache
│
│ Error while importing hashicorp/archive v2.2.0 from the shared cache directory: the provider cache at .terraform/providers has a copy of
│ registry.terraform.io/hashicorp/archive 2.2.0 that doesn't match any of the checksums recorded in the dependency lock file.
╵
Trying this suggestion (tried from GH issue)
terraform init -reconfigure
...
╷
│ Error: Failed to install provider from shared cache
│
│ Error while importing hashicorp/archive v2.2.0 from the shared cache directory: the provider cache at .terraform/providers has a copy of
│ registry.terraform.io/hashicorp/archive 2.2.0 that doesn't match any of the checksums recorded in the dependency lock file.
╵
Trying this suggestion (tried from GH issue)
terraform init -upgrade
...
╷
│ Error: Failed to install provider from shared cache
│
│ Error while importing hashicorp/archive v2.2.0 from the shared cache directory: the provider cache at .terraform/providers has a copy of
│ registry.terraform.io/hashicorp/archive 2.2.0 that doesn't match any of the checksums recorded in the dependency lock file.
╵
Trying this suggestion (tried from GH issue)
terraform providers lock -platform=darwin_amd64 -platform=linux_amd64 -platform=darwin_arm64 -platform=linux_arm64
- Fetching hashicorp/archive 2.2.0 for darwin_amd64...
- Obtained hashicorp/archive checksums for darwin_amd64 (signed by HashiCorp)
- Fetching hashicorp/archive 2.2.0 for linux_amd64...
╷
│ Error: Could not retrieve providers for locking
│
│ Terraform failed to fetch the requested providers for linux_amd64 in order to calculate their checksums: some
│ providers could not be installed:
│ - registry.terraform.io/hashicorp/archive: the current package for registry.terraform.io/hashicorp/archive 2.2.0
│ doesn't match any of the checksums previously recorded in the dependency lock file
│ - registry.terraform.io/hashicorp/aws: the current package for registry.terraform.io/hashicorp/aws 4.33.0 doesn't
│ match any of the checksums previously recorded in the dependency lock file
│ - registry.terraform.io/hashicorp/time: the current package for registry.terraform.io/hashicorp/time 0.8.0 doesn't
│ match any of the checksums previously recorded in the dependency lock file.
So it seems whatever I try, it really wants to try and download/check against some hash that exists and it cant find any that match?
OK - so now I blow away the file and start with the providers lock command:
rm .terraform.lock.hcl && terraform providers lock -platform=darwin_amd64 -platform=linux_amd64 -platform=darwin_arm64 -platform=linux_arm64
- Fetching hashicorp/archive 2.2.0 for darwin_amd64...
- Obtained hashicorp/archive checksums for darwin_amd64 (signed by HashiCorp)
- Fetching hashicorp/archive 2.2.0 for linux_amd64...
- Obtained hashicorp/archive checksums for linux_amd64 (signed by HashiCorp)
- Fetching hashicorp/archive 2.2.0 for darwin_arm64...
- Obtained hashicorp/archive checksums for darwin_arm64 (signed by HashiCorp)
- Fetching hashicorp/archive 2.2.0 for linux_arm64...
- Obtained hashicorp/archive checksums for linux_arm64 (signed by HashiCorp)
Success! Terraform has updated the lock file.
So what is the difference pre and post this change?
It seems very much to me that the lockfile system is kinda broken - in this case I had a perfectly valid hash (note that after the final success, the original hash is still there) - but when using providers lock after the original has been generated, as it iterates through the OS distributions it is trying to match a hash for one distro with the list of hashes for an iterated distro - they dont match, so it refuses to generate the file.
Also there seems to be no information in the lockfile about which hashes relate to which distros - in which case you probably cant figure this out from the code either - so this multi-distro terraforming is bound to be problematic?
Steps to Reproduce
I've included all the info above
Additional Context
No response
References
No response
The text was updated successfully, but these errors were encountered:
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Terraform Version
Terraform Configuration Files
Not relevant
Debug Output
Not able to supply at this stage
Expected Behavior
When running terraform - e.g. terraform init, it should consult the lockfile and figure out which providers to download manually. It should do this regardless of how the lockfile has been put together (ie on which distro ir was originally generated and committed).
Actual Behavior
Actually the lockfile is causing many errors:
First of all the initial state of the lockfile (that was generated by someone else in the team using original terraform init, and then committing)
Now I check out the same repo, and issue a terraform init
Trying this suggestion (tried from GH issue)
Trying this suggestion (tried from GH issue)
Trying this suggestion (tried from GH issue)
So it seems whatever I try, it really wants to try and download/check against some hash that exists and it cant find any that match?
OK - so now I blow away the file and start with the providers lock command:
So what is the difference pre and post this change?
It seems very much to me that the lockfile system is kinda broken - in this case I had a perfectly valid hash (note that after the final success, the original hash is still there) - but when using providers lock after the original has been generated, as it iterates through the OS distributions it is trying to match a hash for one distro with the list of hashes for an iterated distro - they dont match, so it refuses to generate the file.
Also there seems to be no information in the lockfile about which hashes relate to which distros - in which case you probably cant figure this out from the code either - so this multi-distro terraforming is bound to be problematic?
Steps to Reproduce
I've included all the info above
Additional Context
No response
References
No response
The text was updated successfully, but these errors were encountered: