We are attempting to begin the upgrade of our terraform version we use from v0.11.14 to v0.12. In order to do so, it is advised that we run the command below to check if there are any pre-upgrade tasks.
terraform 0.12checklist
Our expected behaviour is to get a list of task to perform in order to update the configuration files to for compatibility with v0.12. However, we get the following message.
/*****
After analyzing this configuration and working directory, we have identified some necessary steps that we recommend you take before upgrading to Terraform v0.12:
Terraform couldn’t reach the Terraform Registry (at registry.terraform.io) to determine whether current provider plugins are v0.12-compatible.
In general, we recommend upgrading to the latest version of each provider before upgrading to Terraform v0.12.
Taking these steps before upgrading to Terraform v0.12 will simplify the upgrade process by avoiding syntax errors and other compatibility problems.
***/
I do have provider plugin installed locally. Our projects are being executed from a virtual machine on our private network. It has connectivity to trusted sites on the internet typically over https.
https://registry.hashicorp.com is accessible from the virtual machine. Due to security constraint, internet is not accessible from VM. Provider (aws) is installed locally in ~/.terraform.d/plugin. Is there a way/setting so that it does not try to check the registry?
I was able to fix the “checkpoint” error by adding disable_checkpoint=true in .terraformrc file. However, the main problem still exists…
After analyzing this configuration and working directory, we have identified some necessary steps that we recommend you take before upgrading to Terraform v0.12:
* Terraform couldn’t reach the Terraform Registry (at `registry.terraform.io` ) to determine whether current provider plugins are v0.12-compatible.In general, we recommend upgrading to the latest version of each provider before upgrading to Terraform v0.12.
Taking these steps before upgrading to Terraform v0.12 will simplify the upgrade process by avoiding syntax errors and other compatibility problems.
I’m not sure what is causing the connectivity problems for you here, but perhaps you can avoid this problem altogether by knowing what terraform 0.12checklist was going to do here:
The checklist command is accessing a Terraform Registry API endpoint that returns metadata about which provider protocol versions are supported by which releases of a particular provider. In your case it sounds like the aws provider is one of the providers it would need to check.
So the checklist command would access the following URL:
It would then scan that result looking for the version you already have installed (assuming the filename is such that Terraform can recognize the version) and making sure it lists 5.0 under the "protocols" property. That endpoint tells us that the earliest AWS provider release that supported this protocol was 2.7.0, and so the checklist tool would prompt you to upgrade if your current version were earlier than that.
If your current AWS provider version is already 2.7.0 or newer then no upgrade of that provider is needed and you can ignore that checklist item.
In the above I’m assuming that the AWS provider is the only one used by your configurations, but note that the same would apply to any other providers such as null or template that your configurations might be using. If you run terraform providers after a successful terraform init then it should print out all of the providers being used by that particular configuration, so you can check whether any others might need upgrading.
As the message mentions, the Terraform team does recommend upgrading to the latest version of each provider before upgrading, just to separate the provider upgrade task from the Terraform 0.12 upgrade task and thus avoid compounding problems, but upgrading to the earliest version that supports the Terraform 0.12 provider protocol (protocol version 5.0) is sufficient for protocol compatibility.