I have terraform code that deploy the simple storage account or VM using ci/cd pipeline, in my pipeline im trying to get the cost for the resources which are going to deploy i have downloaded the extension for infracost to get the resources cost and i need the resources list along with cost before terraform apply. Up to terraform plan it got executed successfully tfplan file also created but terraform show I'm getting as

│ Error: Failed to load plugin schemas
│ Error while loading schemas for plugin components: Failed to obtain
│ provider schema: Could not load the schema for provider
│ registry.terraform.io/hashicorp/azurerm: failed to instantiate provider
│ "registry.terraform.io/hashicorp/azurerm" to obtain schema: unavailable
│ provider "registry.terraform.io/hashicorp/azurerm".

even though tfplan file is exists below is my code for CI/CD and terraform code

trigger: none
  
pool:
  vmImage: 'ubuntu-latest'  

variables:
  - group: GenAISecrets

parameters:
- name: OrderID
  displayName: Please Provide the id:-
  type: object

stages:
  - stage: InitializeAndValidate
    displayName: "Terraform Validate and Plan"
    jobs:
      - job: terraform_plan
        displayName: "Terraform Validate and Plan Job"
        steps:
           
          # Step 1: Install Terraform
          - task: TerraformInstaller@0
            inputs:
              terraformVersion: 'latest'

          # Step 2: Initialize Terraform with Backend Configuration
          - task: TerraformTaskV3@3
            displayName: "Terraform Init"
            inputs:
              provider: 'azurerm'
              command: 'init'
              workingDirectory: 'terraform'
              backendServiceArm: 'TEST'
              backendAzureRmResourceGroupName: $(ResourceGroup)
              backendAzureRmStorageAccountName: $(StorageAccount)
              backendAzureRmContainerName: $(Container)
              backendAzureRmKey: '${{ parameters.OrderID }}.tfstate'          

          # Step 3: Terraform Validate to Check Configuration Files
          - task: TerraformTaskV3@3
            displayName: "Terraform Validate"
            inputs:
              provider: 'azurerm'
              command: 'validate'
              
          - task: TerraformTaskV3@3
            displayName: "Terraform Plan"
            inputs:
              provider: 'azurerm'
              command: 'plan'
              workingDirectory: 'terraform'
              environmentServiceNameAzureRM: 'TEST'
              commandOptions: '-var-file=terraform.tfvars -out=$(System.DefaultWorkingDirectory)/tfplan'

          - script: |
              terraform show -json $(System.DefaultWorkingDirectory)/tfplan > planned_resources.json      ##facing error here
            displayName: "Export Planned Resources to JSON"

          
          # Step 4: Infracost Cost Estimation 
          - task: InfracostSetup@2
            displayName: "Estimate Costs with Infracost"
            inputs:
              planPath: "$(System.DefaultWorkingDirectory)/tfplan"  # Path to the Terraform plan
              usageFile: "infracost-usage.yml"  
              apiKey: $(infracostApiKey)      # API Key from Azure DevOps secrets
              outputFormat: "json"             # Output format (e.g., json, table, etc.)
              outputPath: "$(System.DefaultWorkingDirectory)/infracost.json"

          - script: |
              echo "Files after terraform plan:"
              ls -al
            displayName: "List Files After Plan"

          # Step 6: Publish Cost Estimation Artifact
          - task: PublishPipelineArtifact@1
            inputs:
              targetPath: "$(System.DefaultWorkingDirectory)/infracost.json"
              artifactName: "CostEstimation"
              publishLocation: "pipeline"
            displayName: "Publish Cost Estimation"    

# main.tf

resource "azurerm_resource_group" "storage_rg" {
  name     = var.resource_group_name
  location = var.region
}

resource "azurerm_storage_account" "storage_account" {
  name                     = var.storage_account_name
  resource_group_name      = azurerm_resource_group.storage_rg.name
  location                 = azurerm_resource_group.storage_rg.location
  account_tier            = "Standard"
  account_replication_type = "LRS"
}

# provider.tf

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">=4.6.0"
    }
  }

  backend "azurerm" {}
}

provider "azurerm" {
  use_oidc = true
  features {}
}

# variable.tf

variable "region" {
  description = "The Azure region to deploy resources."
  type        = string
}

variable "resource_group_name" {
  description = "The name of the resource group."
  type        = string
}

variable "storage_account_name" {
  description = "The name of the storage account."
  type        = string
  validation {
    condition     = length(var.storage_account_name) >= 3 && length(var.storage_account_name) <= 24
    error_message = "Storage account name must be between 3 and 24 characters long and contain only lowercase letters and numbers."
  }
}

what is the issue here. Please assist me to resolve this. when i tried and tested locally it worked but in pipeline unable to get the terraform show and cost.

I have terraform code that deploy the simple storage account or VM using ci/cd pipeline, in my pipeline im trying to get the cost for the resources which are going to deploy i have downloaded the extension for infracost to get the resources cost and i need the resources list along with cost before terraform apply. Up to terraform plan it got executed successfully tfplan file also created but terraform show I'm getting as

│ Error: Failed to load plugin schemas
│ Error while loading schemas for plugin components: Failed to obtain
│ provider schema: Could not load the schema for provider
│ registry.terraform.io/hashicorp/azurerm: failed to instantiate provider
│ "registry.terraform.io/hashicorp/azurerm" to obtain schema: unavailable
│ provider "registry.terraform.io/hashicorp/azurerm".

even though tfplan file is exists below is my code for CI/CD and terraform code

trigger: none
  
pool:
  vmImage: 'ubuntu-latest'  

variables:
  - group: GenAISecrets

parameters:
- name: OrderID
  displayName: Please Provide the id:-
  type: object

stages:
  - stage: InitializeAndValidate
    displayName: "Terraform Validate and Plan"
    jobs:
      - job: terraform_plan
        displayName: "Terraform Validate and Plan Job"
        steps:
           
          # Step 1: Install Terraform
          - task: TerraformInstaller@0
            inputs:
              terraformVersion: 'latest'

          # Step 2: Initialize Terraform with Backend Configuration
          - task: TerraformTaskV3@3
            displayName: "Terraform Init"
            inputs:
              provider: 'azurerm'
              command: 'init'
              workingDirectory: 'terraform'
              backendServiceArm: 'TEST'
              backendAzureRmResourceGroupName: $(ResourceGroup)
              backendAzureRmStorageAccountName: $(StorageAccount)
              backendAzureRmContainerName: $(Container)
              backendAzureRmKey: '${{ parameters.OrderID }}.tfstate'          

          # Step 3: Terraform Validate to Check Configuration Files
          - task: TerraformTaskV3@3
            displayName: "Terraform Validate"
            inputs:
              provider: 'azurerm'
              command: 'validate'
              
          - task: TerraformTaskV3@3
            displayName: "Terraform Plan"
            inputs:
              provider: 'azurerm'
              command: 'plan'
              workingDirectory: 'terraform'
              environmentServiceNameAzureRM: 'TEST'
              commandOptions: '-var-file=terraform.tfvars -out=$(System.DefaultWorkingDirectory)/tfplan'

          - script: |
              terraform show -json $(System.DefaultWorkingDirectory)/tfplan > planned_resources.json      ##facing error here
            displayName: "Export Planned Resources to JSON"

          
          # Step 4: Infracost Cost Estimation 
          - task: InfracostSetup@2
            displayName: "Estimate Costs with Infracost"
            inputs:
              planPath: "$(System.DefaultWorkingDirectory)/tfplan"  # Path to the Terraform plan
              usageFile: "infracost-usage.yml"  
              apiKey: $(infracostApiKey)      # API Key from Azure DevOps secrets
              outputFormat: "json"             # Output format (e.g., json, table, etc.)
              outputPath: "$(System.DefaultWorkingDirectory)/infracost.json"

          - script: |
              echo "Files after terraform plan:"
              ls -al
            displayName: "List Files After Plan"

          # Step 6: Publish Cost Estimation Artifact
          - task: PublishPipelineArtifact@1
            inputs:
              targetPath: "$(System.DefaultWorkingDirectory)/infracost.json"
              artifactName: "CostEstimation"
              publishLocation: "pipeline"
            displayName: "Publish Cost Estimation"    

# main.tf

resource "azurerm_resource_group" "storage_rg" {
  name     = var.resource_group_name
  location = var.region
}

resource "azurerm_storage_account" "storage_account" {
  name                     = var.storage_account_name
  resource_group_name      = azurerm_resource_group.storage_rg.name
  location                 = azurerm_resource_group.storage_rg.location
  account_tier            = "Standard"
  account_replication_type = "LRS"
}

# provider.tf

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">=4.6.0"
    }
  }

  backend "azurerm" {}
}

provider "azurerm" {
  use_oidc = true
  features {}
}

# variable.tf

variable "region" {
  description = "The Azure region to deploy resources."
  type        = string
}

variable "resource_group_name" {
  description = "The name of the resource group."
  type        = string
}

variable "storage_account_name" {
  description = "The name of the storage account."
  type        = string
  validation {
    condition     = length(var.storage_account_name) >= 3 && length(var.storage_account_name) <= 24
    error_message = "Storage account name must be between 3 and 24 characters long and contain only lowercase letters and numbers."
  }
}

what is the issue here. Please assist me to resolve this. when i tried and tested locally it worked but in pipeline unable to get the terraform show and cost.

• azure-devops
• terraform
• azure-pipelines
• terraform-provider-azure

• You mentioned "when i tried and tested locally it worked", if you set up a self-hosted agent on the local machine to run the pipeline, does it work? @User – Bright Ran-MSFT Commented Nov 20, 2024 at 6:48
• What is the version of Terraform installed on your local machine? @User – Bright Ran-MSFT Commented Nov 20, 2024 at 6:52
• Terraform v1.7.5 , i just tested the terraform script with the init,plan and show on the local machine not the pipeline @Bright Ran- MSFT – User Commented Nov 20, 2024 at 6:56
• The a self-hosted agent on your local machine as possible. If using self-hosted agent, you can disable the TerraformInstaller task as Terraform has been installed on the agent machine. @User – Bright Ran-MSFT Commented Nov 20, 2024 at 7:00
• If you use the Microsoft-hosted agent, on the TerraformInstaller task, specify 1.7.5 as the version to installed. then check if the pipeline can work? @User – Bright Ran-MSFT Commented Nov 20, 2024 at 7:02

1 Answer 1

@User, using the latest terraform version in your pipeline, simply means you are upgrading from local terraform version of 1.7.5 to latest version, which is 1.9.8 as of today. You will also need to pass the -upgrade flag in your terraform init command. Without this, initialization fails to upgrade or detect corrupt cached providers.

If you don’t want to upgrade, use the same Terraform version as your local environment, to avoid compatibility issues.

- task: TerraformInstaller@0
  inputs:
    terraformVersion: '1.7.5'

If the upgrade is needed, you will need to add the -upgrade flag to your init task, to fix the compatibility issues.

- task: TerraformTaskV3@3
  displayName: "Terraform Init"
  inputs:
    provider: 'azurerm'
    command: 'init'
    workingDirectory: 'terraform'
    backendServiceArm: 'TEST'
    backendAzureRmResourceGroupName: $(ResourceGroup)
    backendAzureRmStorageAccountName: $(StorageAccount)
    backendAzureRmContainerName: $(Container)
    backendAzureRmKey: '${{ parameters.OrderID }}.tfstate'
    additionalArguments: '-upgrade'

You can also delete the .terraform directory and lock file and add them to your .gitignore file, if you are yet to do this, as this is standard practice to avoid interference with cached plugins. See Sample Terraform .gitignore file