Use Custom or Community Providers in Terraform Enterprise or HCP Terraform When Github is Blocked

Avatar
Jacob McSwain
  • Updated

Problem

When Terraform Enterprise or HCP Terraform agents and servers operate in an environment where access to github.com is blocked, they are unable to download custom or community providers from the public Terraform Registry. This article provides several solutions to enable the use of these providers in such restricted environments.

Solutions

Solution 1: Configure a Provider Network Mirror

You can configure a provider network mirror that is accessible to your Terraform Enterprise servers or HCP Terraform agents. For Terraform Enterprise, you can create a custom worker image with a CLI configuration file that references this mirror.

You can find details on creating a provider network mirror in the Provider Network Mirror Protocol documentation. The terraform providers mirror command helps copy all active providers to the required directory structure. After serving this directory with SSL, any Terraform run that includes a network_mirror block in its configuration will search the mirror instead of the public registry.

Solution 2: Use the Built-in Private Registry

You can use the private registry feature available in Terraform Enterprise and HCP Terraform. This approach requires you to upload the provider build artifacts manually via the API. Once uploaded, you can reference the custom providers in your workspace configuration.

This method offers a straightforward way to manage custom providers without needing to include the binary directly in your configuration. For detailed instructions, refer to the documentation on publishing providers to the private registry.

Solution 3: Include the Provider Binary in the Configuration

You can include the Terraform provider binary directly within your version-controlled configuration. Place the binary at a relative path from the root of the working directory, such as terraform.d/plugins/linux_amd64/<PROVIDER NAME>. Alternatively, you can use a Git submodule to manage the binary.

This option allows you to use custom and community providers with Terraform by packaging them with your configuration code. For more details on this approach, refer to the guide on Using custom and community providers in HCP Terraform and Terraform Enterprise.

Additional Information

For more information on using custom and community providers, refer to the Private Registry documentation.

Articles in this section

See more

Related articles