Error when approaching the Apply Terraform Plan step in AzureDevops pipeline
Apply Terraform Plan

View raw log

Description : Execute terraform commands to manage resources on AzureRM, Amazon Web Services(AWS) and Google Cloud Platform(GCP). v4.241.11
Version : 4.241.26
Author : Microsoft Corporation
Help : Learn more about this task

/usr/local/bin/terraform providers

Providers required by configuration:
.
└── provider[registry.terraform.io/hashicorp/azurerm] ~> 3.0

Providers required by state:

provider[registry.terraform.io/hashicorp/azurerm]

/usr/local/bin/terraform apply -auto-approve main.tfplan

Error: Error acquiring the state lock
Error message: state blob is already locked

Lock Info:

• ID: *****************
• Path: tfstate/terraform.tfstate
• Operation: OperationTypePlan
• Who: ***********
• Version: 1.9.2
• Created: 2024-07-21 10:50:54.379042651 +0000 UTC

Info:
Terraform acquires a state lock to protect the state from being written
by multiple users at the same time. Please resolve the issue above and try
again. For most commands, you can disable locking with the “-lock=false”
flag, but this is not recommended.

[error]Error: The process ‘/usr/local/bin/terraform’ failed with exit code 1
Finishing: Apply Terraform Plan

Full ADO yaml pipeand terraform files are available in Github public repo

https://github.com/jmlp1/JMA-AZURE/

terraform-pipelines.yml

Terraform Init and Plan run without issues, when trying to apply the lock appears.

It’s possible to see the lock file in Azure Vault when the plan it’s running. Would like to avoid maually breaking the lease in azure blob storage

  - task: TerraformTaskV4@4
    displayName: "Terraform Init"
    inputs:
      command: 'init'
      workingDirectory: '$(System.DefaultWorkingDirectory)'     
      backendType: 'azurerm'           
      backendServiceArm: '$(TF_VAR_azureSubscription)'
      backendAzureRmResourceGroupName: '$(TF_VAR_azurerm_resource_group)'
      backendAzureRmStorageAccountName: '$(TF_VAR_azurerm_stgaccount)'      
      backendAzureRmContainerName: '$(TF_VAR_azurerm_containername)'
      backendAzureRmKey: 'terraform.tfstate'  

  - task: TerraformTaskV4@4
    displayName: Create Terraform Plan
    inputs:
      provider: 'azurerm'
      command: 'plan'
      workingDirectory: '$(System.DefaultWorkingDirectory)'
      commandOptions: '-lock=false -out=main.tfplan'
      environmentServiceNameAzureRM: '$(TF_VAR_azureSubscription)'
  
  # Only runs if the 'terraformPlan' task has detected changes the in state. 
  - task: TerraformTaskV4@4
    displayName: Apply Terraform Plan
    inputs:
      provider: 'azurerm'
      command: 'apply'
      workingDirectory: '$(System.DefaultWorkingDirectory)'
      commandOptions: 'main.tfplan'
      environmentServiceNameAzureRM: '$(TF_VAR_azureSubscription)'