Terraform 0.14 Introduces a Dependency Lock File for Providers
New dependency lock files in Terraform 0.14 help duplicate previous runs so they use exactly the same provider versions.
Terraform 0.14 introduces a new dependency lock file, focused on providers, to simplify managing Terraform automation. Starting in Terraform 0.13, the possibility to install providers from customer-controlled or third-party remote registries increases the need to be able to replicate Terraform runs in automation. These remote and automated Terraform workflows need to be able to duplicate previous runs exactly.
The dependency lock file launching with Terraform 0.14 is generated automatically when Terraform init is run. The generated lockfile should be committed into version control systems so that Terraform can guarantee to select exactly the same provider versions on future runs.
Upgrading to a new provider (or collection of providers) can be completed via terraform init -upgrade.
Example of a lockfile entry:
provider "registry.terraform.io/hashicorp/azurerm" {
version = "2.30.0"
constraints = "~> 2.12"
hashes = [
"h1:FJwsuowaG5CIdZ0WQyFZH9r6kIJeRKts9+GcRsTz1+Y=",
"h1:c/ntSXrDYM1mUir2KufijYebPcwKqS9CRGd3duDSGfY=",
"h1:yre4Ph76g9H84MbuhZ2z5MuldjSA4FsrX6538O7PCcY=",
"zh:04f0a50bb2ba92f3bea6f0a9e549ace5a4c13ef0cbb6975494cac0ef7d4acb43",
"zh:2082e12548ebcdd6fd73580e83f626ed4ed13f8cdfd51205d8696ffe54f30734",
"zh:246bcc449e9a92679fb30f3c0a77f05513886565e2dcc66b16c4486f51533064",
"zh:24de3930625ac9014594d79bfa42d600eca65e9022b9668b54bfd0d924e21d14",
"zh:2a22893a576ff6f268d9bf81cf4a56406f7ba79f77826f6df51ee787f6d2840a",
"zh:2b27485e19c2aaa9f15f29c4cff46154a9720647610171e30fc6c18ddc42ec28",
"zh:435f24ce1fb2b63f7f02aa3c84ac29c5757cd29ec4d297ed0618423387fe7bd4",
"zh:7d99725923de5240ff8b34b5510569aa4ebdc0bdb27b7bac2aa911a8037a3893",
"zh:7e3b5d0af3b7411dd9dc65ec9ab6caee8c191aee0fa7f20fc4f51716e67f50c0",
"zh:da0af4552bef5a29b88f6a0718253f3bf71ce471c959816eb7602b0dadb469ca",
]
}
If you don’t want to use this new behavior you can run terraform init -upgrade and discard .terraform.lock immediately after it is created. The lockfile can equally be added to a list of files ignored by version control.
»Getting Started
We have many resources available for 0.14 for new and existing users. To learn more about the new functionality of 0.14 you can:
- Review the documentation
- Try our HashiCorp Learn tutorials which have been updated for Terraform 0.14
- Lock and Upgrade Provider Versions
- Protect Sensitive Input Variables
To get started using 0.14:
- Download the Terraform 0.14 release.
- If you are upgrading from a previous release, read the upgrade guide to learn how to adopt Terraform’s new features.
For more details, please see the full changelog. This release also includes a number of code contributions from the community and wouldn't have been possible without all of the great community feedback we've received via GitHub issues and elsewhere. Thank you!
HashiCorp Terraform 0.14 is the next step on our way to solidifying the Terraform ecosystem and empowering collaborative workflows at organizations of all sizes. You can download Terraform 0.14 here and sign up for a Terraform Cloud account here.
Sign up for the latest HashiCorp news
More blog posts like this one
Fix the developers vs. security conflict by shifting further left
Resolve the friction between dev and security teams with platform-led workflows that make cloud security seamless and scalable.
HashiCorp at AWS re:Invent: Your blueprint to cloud success
If you’re attending AWS re:Invent in Las Vegas, Dec. 2 - Dec. 6th, visit us for breakout sessions, expert talks, and product demos to learn how to take a unified approach to Infrastructure and Security Lifecycle Management.
Speed up app delivery with automated cancellation of plan-only Terraform runs
Automatic cancellation of plan-only runs allows customers to easily cancel any unfinished runs for outdated commits to speed up application delivery.