Description
When using Terraform's S3 backend with STACKIT Object Storage and use_lockfile = true, concurrent terraform apply operations against the same state file are not reliably blocked.
During testing, two parallel terraform apply processes were started against the same remote state key. Both operations were able to proceed and create resources, resulting in duplicate infrastructure even though only a single resource was defined in the Terraform configuration.
Additionally, Terraform reported lock-related errors during lock release.
This behavior can lead to state inconsistencies and orphaned resources.
Steps to reproduce
terraform {
backend "s3" {
bucket = "<bucket>"
key = "<state-key>"
use_lockfile = true
endpoints = {
s3 = "https://object.storage.eu01.onstackit.cloud"
}
}
}
resource "stackit_xxx" "example" {
# resource configuration
}
- Configure Terraform to use STACKIT Object Storage as an S3 backend with use_lockfile = true.
- Create a Terraform configuration containing a resource managed by the STACKIT provider.
- Start two terraform apply operations simultaneously against the same remote state key.
- Wait for both operations to complete.
Actual behavior
- Terraform generates lock information and lock IDs.
- Both terraform apply operations proceed concurrently instead of one being blocked by the lock.
- Both applies successfully create resources in STACKIT.
- Duplicate resources are created although only a single resource is defined in the Terraform configuration.
- Lock-related errors are reported, for example:
- lock ID '' does not match the existing lock ID ''
- After completion, only one of the created resources is present in the Terraform state.
- The second resource remains orphaned and unmanaged by Terraform.
Expected behavior
- The first terraform apply acquires the lock.
- The second terraform apply waits until the lock is released or fails with a lock acquisition error.
- Only one apply operation can modify the state at a time.
- No duplicate resources are created.
- No lock consistency errors occur.
Environment
- OS:
- Terraform version (see
terraform --version): v1.15.3
- Version of the STACKIT Terraform provider:
v0.71.0
Additional information
We are unsure whether this is expected behavior, a limitation of Terraform's use_lockfile implementation, or an incompatibility with STACKIT Object Storage. We would appreciate clarification on whether S3 lockfiles are officially supported and whether additional configuration is required for reliable state locking.
Description
When using Terraform's S3 backend with STACKIT Object Storage and use_lockfile = true, concurrent terraform apply operations against the same state file are not reliably blocked.
During testing, two parallel terraform apply processes were started against the same remote state key. Both operations were able to proceed and create resources, resulting in duplicate infrastructure even though only a single resource was defined in the Terraform configuration.
Additionally, Terraform reported lock-related errors during lock release.
This behavior can lead to state inconsistencies and orphaned resources.
Steps to reproduce
Actual behavior
Expected behavior
Environment
terraform --version):v1.15.3v0.71.0Additional information
We are unsure whether this is expected behavior, a limitation of Terraform's use_lockfile implementation, or an incompatibility with STACKIT Object Storage. We would appreciate clarification on whether S3 lockfiles are officially supported and whether additional configuration is required for reliable state locking.