add env var for PluginCacheMayBreakDependencyLockFile #761
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The situation:
In the attempt to upgrade projects to terraform 1.5.7 (mostly from 1.3.1) we encountered strange behavior where it would not use the cache despite the providers (i.e. aws and github) having already been downloaded to the cache. This resulted in us seeing an error
text file busy
when different roots would be trying to access the cache (there were also problems with an incorrect checksum, which was probably caused by the file being overwritten / corrupted) It turns out there was an underlying change in terraform 1.4 in regards to how lockfiles interact with the plugin cache.From this pr hashicorp/terraform@d0a35c6
This change addresses that problem by essentially flipping the decision so that we'll prioritize the lock file behavior over the provider cache behavior. Now a global cache entry is eligible for use if and only if the lock file already contains a checksum that matches the cache entry. This means that the first time a particular configuration sees a new provider it will always be fetched from the configured installation source (typically the origin registry) and record the checksums from that source.
This PR adds the env var which tells terraform to do the old behavior (pre 1.4), which works for us because it will stop our concurrency issues by not overwriting the cache each time.
Note this is a somewhat controversial fix
hashicorp/terraform#32205
https://developer.hashicorp.com/terraform/cli/config/config-file#allowing-the-provider-plugin-cache-to-break-the-dependency-lock-file
Note that other solutions were considered (such as just disabling cache) but those were determined to be suboptimal so not appropriate.