Windows `-lockfile=readonly` terraform apply issues

This is duplicate of the same issue in providers. Not sure where it fits better, it received no comments there.

I run windows in our pipeline and as part of it I have terraform init -lockfile=readonly while having backend state location on S3.

Somehow on Linux it causes no issues with this but windows fails to apply script with an error:

terraform init -lockfile=readonly <...other vars>

 �a�
�", Warning: Provider lock file not updated
�", 
� ", Changes to the provider selections were detected, but not saved in the
�", .terraform.lock.hcl file.  To record these selections, run "terraform init"
�", without the "-lockfile=readonly" flag.
�a�
 
 Terraform has been successfully initialized! 


terraform apply <...yada yada yada>

�a�
�", Error: Could not load plugin
�", 
�", 
�", Plugin reinitialization required. Please run "terraform init".
�", 
�", Plugins are external binaries that Terraform uses to access and manipulate
�", resources. The configuration provided requires plugins which can't be
�", located,
�", don't satisfy the version constraints, or are otherwise incompatible.
�", 
�", Terraform automatically discovers provider requirements from your
�", configuration, including providers used in child modules. To see the
�", requirements and constraints, run "terraform providers".
�", 
�", 2 problems:
�", 
�", - failed to instantiate provider "registry.terraform.io/hashicorp/aws" to
�", obtain schema: the cached package for registry.terraform.io/hashicorp/aws
�", 3.45.0 (in .terraform\providers) does not match any of the checksums
�", recorded in the dependency lock file
�", - failed to instantiate provider "registry.terraform.io/hashicorp/random"
�", to obtain schema: the cached package for
�", registry.terraform.io/hashicorp/random 3.1.0 (in .terraform\providers) does
�", not match any of the checksums recorded in the dependency lock file

The thing that bogs me that basically the same flow on both platforms, but windows fails to apply and it leans me towards some cache issues. But I need to be certain before I start to clean something.

The dependency lock file requires a checksum for each platform you use. My guess is that your lock file has only checksums for Linux, not Windows.

If you originally installed a provider directly from the Terraform Registry, then Terraform should have recorded all of the checksums for all available platforms. What happens to the lock file contents if you don’t use the -lockfile=readonly flag?

You may want to use the terraform providers lock command to update your lock file with checksums for all the platforms you use.

1 Like