Terraform Task: Permission Denied

[christopherhouse]

Terrafrom Task Version: 0.0.137

Observed Behavior: terraform plan in a release pipeline fails with the message: _Failed to instantiate provider "azurerm" to obtain schema: fork/exec /home/vsts/work/r1/a/_core-infa-build/drop/.terraform/plugins/linux_amd64/terraform-provider-azurerm_v1.38.0x4: permission denied

Workaround: Add bash script with the following command:

_chmod a+x /home/vsts/work/r1/a/_core-infa-build/drop/.terraform/plugins/linux_amd64/terraform-provider-azurerm_v1.38.0x4

Expected Behavior: Provider should have exec permissions on install rather than having to modify in the pipeline

[Roshan-Kumar-Microsoft]

@13daysaweek Didn't get complete issue ? Can you please share complete debug log and steps to RM_Customer_Queries@microsoft.com

[christopherhouse]

@Roshan-Kumar-Microsoft - email sent!

[AmrutaKawade]

@13daysaweek sorry this is pretty old issue, just wanted to check did you get resolution?

[christopherhouse]

@AmrutaKawade I don't believe so

[vanmash]

I got the same error today.

Terraform 0.15.3 (also 0.15.4) TerraformTaskV2@2

2021-05-31T11:57:20.4356919Z ##[section]Starting: TerraformTaskV22 2021-05-31T11:57:20.4365141Z ============================================================================== 2021-05-31T11:57:20.4365511Z Task : Terraform 2021-05-31T11:57:20.4365949Z Description : Execute terraform commands to manage resources on AzureRM, Amazon Web Services(AWS) and Google Cloud Platform(GCP) 2021-05-31T11:57:20.4366383Z Version : 2.188.1 2021-05-31T11:57:20.4366672Z Author : Microsoft Corporation 2021-05-31T11:57:20.4367125Z Help : Learn more about this task 2021-05-31T11:57:20.4367544Z ============================================================================== 2021-05-31T11:57:20.5684881Z [command]/opt/hostedtoolcache/terraform/0.15.3/x64/terraform providers 2021-05-31T11:57:21.6014966Z 2021-05-31T11:57:21.6016173Z Providers required by configuration: 2021-05-31T11:57:21.6016758Z . 2021-05-31T11:57:21.6018106Z ├── provider[registry.terraform.io/hashicorp/azurerm] ~> 2.60.0 2021-05-31T11:57:21.6019202Z └── provider[registry.terraform.io/hashicorp/random] 2021-05-31T11:57:21.6019638Z 2021-05-31T11:57:21.6020161Z Providers required by state: 2021-05-31T11:57:21.6020524Z 2021-05-31T11:57:21.6021064Z provider[registry.terraform.io/hashicorp/random] 2021-05-31T11:57:21.6021450Z 2021-05-31T11:57:21.6021989Z provider[registry.terraform.io/hashicorp/azurerm] 2021-05-31T11:57:21.6022375Z 2021-05-31T11:57:21.6031556Z [command]/opt/hostedtoolcache/terraform/0.15.3/x64/terraform validate 2021-05-31T11:57:22.4272903Z ╷ 2021-05-31T11:57:22.4274036Z │ Error: Could not load plugin 2021-05-31T11:57:22.4274772Z │  2021-05-31T11:57:22.4275405Z │  2021-05-31T11:57:22.4276188Z │ Plugin reinitialization required. Please run "terraform init". 2021-05-31T11:57:22.4276887Z │  2021-05-31T11:57:22.4277669Z │ Plugins are external binaries that Terraform uses to access and manipulate 2021-05-31T11:57:22.4278708Z │ resources. The configuration provided requires plugins which can't be 2021-05-31T11:57:22.4279443Z │ located, 2021-05-31T11:57:22.4280243Z │ don't satisfy the version constraints, or are otherwise incompatible. 2021-05-31T11:57:22.4280952Z │  2021-05-31T11:57:22.4281723Z │ Terraform automatically discovers provider requirements from your 2021-05-31T11:57:22.4282907Z │ configuration, including providers used in child modules. To see the 2021-05-31T11:57:22.4283771Z │ requirements and constraints, run "terraform providers". 2021-05-31T11:57:22.4290123Z │  2021-05-31T11:57:22.4290782Z │ 2 problems: 2021-05-31T11:57:22.4291268Z │  2021-05-31T11:57:22.4291920Z │ - failed to instantiate provider "registry.terraform.io/hashicorp/azurerm" 2021-05-31T11:57:22.4292595Z │ to obtain schema: fork/exec 2021-05-31T11:57:22.4293446Z │ .terraform/providers/registry.terraform.io/hashicorp/azurerm/2.60.0/linux_amd64/terraform-provider-azurerm_v2.60.0_x5: 2021-05-31T11:57:22.4294245Z │ permission denied 2021-05-31T11:57:22.4294924Z │ - failed to instantiate provider "registry.terraform.io/hashicorp/random" 2021-05-31T11:57:22.4295588Z │ to obtain schema: fork/exec 2021-05-31T11:57:22.4296435Z │ .terraform/providers/registry.terraform.io/hashicorp/random/3.1.0/linux_amd64/terraform-provider-random_v3.1.0_x5: 2021-05-31T11:57:22.4297168Z │ permission denied 2021-05-31T11:57:22.4297638Z │  2021-05-31T11:57:22.4298066Z ╵ 2021-05-31T11:57:22.4423882Z ##[error]Error: The process '/opt/hostedtoolcache/terraform/0.15.3/x64/terraform' failed with exit code 1 2021-05-31T11:57:22.4438034Z ##[section]Finishing: TerraformTaskV22

[allenvino1]

Same issue here. I mean the workaround could work but maintaining the path for chmod mapping is a problem haha This is quite problematic if you have multiple providers per folder in a single repo.

[vanmash]

The workaround which worked for me was to use Windows based agent

pool:
  vmImage: windows-latest

[p0onage]

Is there any other workarounds available here? I'd prefer not to use a windows based agent because then I'd have to install the Terraform CLI as on Linux based images they come pre-installed. Using chmod means that every change to the RM provider will need explict permissions granting.

[maxall93]

Would also like a workaround, hitting this issue myself. Chmod works but far less than ideal.

[s4ntos]

If someone stumbls in this issue , the solution is not to hack the permissions but to change the pipeline to when the Artifact is being published.

https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/publish-build-artifacts-v1?view=azure-pipelines

By adding the 'StoreAsTar' and setting it to true

I believe with this answer the ticket can be closed