terraform icon indicating copy to clipboard operation
terraform copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

CLI option to display outdated providers

Open acdha opened this issue 4 years ago • 4 comments

Terraform recommends pinning versions but there's no UI to automate the process of identifying providers which are not the latest version. It would be nice if there was an easy CLI way to display old versions — perhaps terraform providers badging old versions — or, more ambitiously, a command which could generate a versions.tf file which has the latest version numbers which can satisfy your current modules' constraints.

acdha avatar Nov 13 '20 21:11 acdha

Hi @acdha,

The forthcoming v0.14.0 release is going to have a new mechanism for tracking dependencies so that you will no longer need to manually pin specific versions of providers. Instead, you can just record the minimum version of each provider that each module requires and Terraform will automatically track the current selected versions in the new lock file.

I think this mechanism would provide something similar to your second suggestion here: by default terraform init would always select the same versions it selected last time, by referring to the lock file. But you could choose to run terraform init -upgrade to ask Terraform to look for newer versions that match the constraints, in which case it will update the lock file to refer to those. You can look at the changes to the lock file using your version control system to see if any providers were upgraded.

Do you think that will address the situation that you've encountered? If you'd like to give it a try to find out (on a test configuration, not in production), you could try Terraform v0.14.0-rc1 which contains the new dependency lock mechanism. (The final v0.14.0 release is expected in a few weeks, once there's been some time to test and give feedback on the release candidate.)

apparentlymart avatar Nov 14 '20 00:11 apparentlymart

I've been using Terraform 0.14 and the lock file approach is working really well — thanks! The only gap in functionality here is having some way to display outdated providers without actually running the upgrade, but I'm not sure how necessary that is — the most useful scenario I'd have would be something like a CI task which would tell you when you have updates pending without downloading the provider binaries.

acdha avatar Dec 16 '20 03:12 acdha

Hey @apparentlymart, I too would to be able to find out outdated providers.

I'm thinking something like npm outdated would be quite helpful.

$ npm outdated
Package      Current   Wanted   Latest
glob          5.0.15   5.0.15    6.0.1
npm            3.5.1    3.5.2    3.5.1
  • Current is installed version
  • Wanted is the highest possible version given the constraints
  • Latest is the latest possible version for this package

So in a terraform world, it could be:

$ terraform outdated-providers
Provider      Constraint  Current   Wanted   Latest
azurerm       ~> 2.0      2.70.0    2.75.0    2.75.0
random        = 3.0.0     3.0.0     3.0.0     3.1.0

josh-barker avatar Sep 03 '21 01:09 josh-barker

Any update on this?

Bernix01 avatar Oct 21 '22 16:10 Bernix01

@Bernix01 No updates on this issue at this time. Please leave an upvote on the original description, we do use those to help prioritize feature requests.

crw avatar Nov 03 '22 01:11 crw