terraform-resource icon indicating copy to clipboard operation
terraform-resource copied to clipboard

Published 20 hours ago verified publisher icon ljfranklin

New releases required because of "openpgp: signature made by unknown entity." error

Open sdurrheimer opened this issue 3 years ago • 3 comments

Terraform changed their PGP HC Public key which makes provider download failing on older terraform versions.

Could you release new docker images for the following versions containing the new key:

  • 0.11.15
  • 0.12.31
  • 0.13.7
  • 0.14.11

The error encountered:

Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...

Error installing provider "aws": openpgp: signature made by unknown entity.

Terraform analyses the configuration and state and automatically downloads
plugins for the providers used. However, when attempting to download this
plugin an unexpected error occured.

This may be caused if for some reason Terraform is unable to reach the
plugin repository. The repository may be unreachable if access is blocked
by a firewall.

sdurrheimer avatar May 04 '21 08:05 sdurrheimer

Unfortunately I don't have the CI plumping in place to release hotfixes to old versions. I don't think a need has come up before since Terraform hasn't reached 1.0 yet so there haven't been any LTS concerns.

I'm leaning towards not updating the old releases as a nudge towards getting folks to update to latest. If you absolutely need to stay on an old version, you can build your own Docker image starting with FROM ljfranklin/terraform-resource:0.14.10 and replace the /usr/local/bin/terraform executable with the 0.14.11 version.

ljfranklin avatar May 04 '21 10:05 ljfranklin

We have able to build new images ourselves for now using your build-image script in order to unblock our customers. We opened this issue have we thought probably other users might benefit from having those new versions available on the upstream repository.

Upgrading to 0.15.1 would have been a valid technical solution, yes, but not everyone has that time and time is money with customers.

So we will keep our images until those projects can be upgraded, I guess :slightly_smiling_face:

sdurrheimer avatar May 05 '21 10:05 sdurrheimer

We hit this issue as well.

We might end up doing what @sdurrheimer did, or something else.

Thought I'd share as another data point.

Also sharing this blog post from Hashicorp with more details about the issue.

dlresende avatar Jul 26 '21 16:07 dlresende