Terraform - working around 'error installing provider'
Introduction
Recently many teams I have been working with have been hitting this error installing provider
issue with Terraform. We have noticed that it is only happening with Terraform 0.11 (could be happening with other versions, we just haven’t noticed it yet).
The error message is in lines of
Error installing provider "null": openpgp: signature made by unknown entity.
Terraform analyses the configuration and state and automatically downloads
plugins for the providers used. However, when attempting to download this
plugin an unexpected error occured.
This may be caused if for some reason Terraform is unable to reach the
plugin repository. The repository may be unreachable if access is blocked
by a firewall.
If automatic installation is not possible or desirable in your environment,
you may alternatively manually install plugins by downloading a suitable
distribution package and placing the plugin's executable file in the
following directory:
terraform.d/plugins/windows_amd64
Workaround
Warning: This is not recommended for production use.
The only way it seems to work for us is to use unverified plugins.
terraform init -verify-plugins=false
Explanation
The issue here is the openpgp
plugin signature has changed and by default Terraform
performs verification for any plugins used. By skipping verification, we are at risk of getting security vulnerabilities into our deployment process. Hence it is not recommended to skip plugin verification in production systems. This can be a quick workaround while you possibly upgrade your Terraform and provider versions to use the latest valid plugins.
Please note that I was unable to find any official documentation about this terraform init
parameter. The only place it is described is at lightnetics.com.
Conclusion
Hope this was useful and saved you some time. Please do share your learnings. If you have any thoughts or comments please do get in touch with me on Twitter @rubberduckdev. Or use the Disqus plugin below.