Terraform Controller Installs Corrupted Azure Provider

[paterson-deshommes]

Describe the bug
It seems that the terraform controller sometimes installs a corrupted terraform azure provider when executing the terraform-executor container. The container logs contain error similar too: Failed to instantiate provider "registry.terraform.io/hashicorp/azurerm" to obtain schema: fork/exec .terraform/plugins/registry.terraform.io/hashicorp/azurerm/2.32.0/linux_amd64/terraform-provider-azurerm_v2.32.0_x5: exec format error. Check this issue.

To Reproduce
Create the following component:

apiVersion: core.oam.dev/v1alpha2
kind: ComponentDefinition
metadata:
  name: db-azure-sql
  annotations:
    definition.oam.dev/description: Terraform configuration for Azure SQL Database
  labels:
    type: terraform
spec:
  workload:
    definition:
      apiVersion: terraform.core.oam.dev/v1beta1
      kind: configuration
  schematic:
    terraform:
      # What goes in the configuration section is pure terraform
      configuration: |

        provider "azurerm" {
          features {}
        }

        resource "azurerm_resource_group" "rg" {
          name     = var.resource_group_name
          location = var.location
        }

        resource "azurerm_mssql_database" "db" {
          name                             = var.db_name
          server_id                        = azurerm_mssql_server.server.id
        }

        resource "azurerm_mssql_server" "server" {
          name                         = var.server_name
          resource_group_name          = azurerm_resource_group.rg.name
          location                     = azurerm_resource_group.rg.location
          version                      = "12.0"
          administrator_login          = var.db_admin_username
          administrator_login_password = var.db_admin_password
        }

        variable server_name {
          description = "Database server name"
          type = string
        }

        variable resource_group_name {
          description = "Resource group holding the Azure SQL Database"
          type = string
        }

        variable db_name {
          description = "Database name"
          type = string
        }

        variable location {
          description = "Region in which the resource group, the sql server and the sql database will be deployed"
          type = string
        }

        variable db_admin_username {
          description = "Username of the database administrator account"
          type = string
        }

        variable db_admin_password {
          description = "Passwrod of the database administrator account"
          type = string
        }

        output "CONNECTION_STRING" {
          value = "Server=tcp:${azurerm_mssql_server.server.fully_qualified_domain_name},1433;Initial Catalog=${azurerm_mssql_database.db.name};Persist Security Info=False;User ID=${var.db_admin_username};Password=${var.db_admin_password};MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;"
        }

        output "DATABASE_NAME" {
          value = azurerm_mssql_database.db.name
        }

        output "SQL_SERVER_FQDN" {
          value = azurerm_mssql_server.server.fully_qualified_domain_name
        }

        output "SQL_SERVER_ID" {
          value = azurerm_mssql_server.server.id
        }

and the following application to create it:

apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
  name: sampleapp
  # necessary for the nginx-controller to discover the ingress and assign it an address
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  components:
    - name: database
      type: db-azure-sql
      properties:
        server_name: kubevela-sql-server
        db_name: kubevela-db
        location: eastus
        db_admin_username: someadmin
        db_admin_password: somepwd
        resource_group_name: kubevela-demo-db
        writeConnectionSecretToRef:
          name: db-output
          namespace: default

Apply the application file on the cluster and check the terraform-executor container log.

Expected behavior
Whatever azure provider version the controller choose to install, it should work out of the box.

Screenshots

KubeVela Version

1.1

Cluster information
1.20

Additional context
To solve the issue, I had to manually ssh into the cluster, find the location of the offending file and manually download the same file using a command similar to curl https://releases.hashicorp.com/terraform-provider-azurerm/2.60.0/terraform-provider-azurerm_2.60.0_linux_amd64.zip --output tmp/terraform-provider-azurerm_2.60.0_linux_amd64.zip (do not mind the version, it's just an example) and put it in the same location. By running the command file on the original one, I could see that it was corrupted. Running file on the new one I downloaded showed it was ok.

[zzxwill]

@paterson-deshommes Thanks for reporting the issue. I have fixed the issue in the latest release. Can you try vela-core 1.1.4?

[zzxwill]

BTW, do you have any cloud resources in Azure for your own services? If yes, you can list them in this thread #2442.

[paterson-deshommes]

Sure I'll try with the latest release and I'll update the thread you posted.

[emanuelr93]

I have the same issue with AWS.

The version of vela-core is 1.1.5: