#atlantis (2021-03)
Discuss the Atlantis (<http://runatlantis.io | runatlantis.io>) |
**Archive: ** https://archive.sweetops.com/atlantis/
2021-03-01
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
this may be an idiotic idea but does anyone use atlantis to apply terraform changes to itself?
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
There’s gotta be an XKCD that applies here
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
yeh i thought as much but just wanted to double check
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
No
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
you would be fine on some changes, but cannot lobotomize itself.
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
that sounds accurate
![Vlad Ionescu (he/him) avatar](https://avatars.slack-edge.com/2020-10-03/1417676895681_ea45b3f22e5fea04f2fc_72.png)
Yup, I did that extensively Worked pretty well with the ECS on Fargate Terraform module
![David avatar](https://secure.gravatar.com/avatar/4f47da5c338b83938ce2229dbbd5460f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0003-72.png)
I also manage atlantis in terraform/terragrunt. It works pretty well, as when the terraform applies it just updates my autoscaling group, it doesn’t actually kill my old server.
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
@Vlad Ionescu (he/him) i use the ECS on Fargate module as well
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
what module is this?
![Vlad Ionescu (he/him) avatar](https://avatars.slack-edge.com/2020-10-03/1417676895681_ea45b3f22e5fea04f2fc_72.png)
Terraform configurations for running Atlantis on AWS Fargate. Github, Gitlab and BitBucket are supported - terraform-aws-modules/terraform-aws-atlantis
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
![David avatar](https://secure.gravatar.com/avatar/4f47da5c338b83938ce2229dbbd5460f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0003-72.png)
It’s a great one. I made some very small edits to turn it into an autoscaling EC2 cluster because I can attach more storage, but I’m not sure if fargate ever got around to allowing over 10gb or not
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
you will be fine until you delete the webhook lol
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
but I did applied Atlantis to Atlantis
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
what happens when you delete the webhook?
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
next apply just will not happen
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
the webbhook ot github app is the way Atlantis know about the changes
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
gotcha
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
yeh we don’t delete them
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
we only add nowadays
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Also, there’s conceivably 2 SDLCs here. There’s the module for atlantis, and the docker image for atlantis.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Our terraform-aws-atlantis
module handles the latter
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
@jose.amengual i just tried to delete a webhook and now my terraform plan
won’t work
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
Error: GET <https://gitlab.com/api/v4/projects/redacted/tf-atlantis/hooks/6610588>: 404 {message: 404 Not found}
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
yes that is because the atlantis user does not have admin rights on the ORG or repo to read and manage webhooks
2021-03-11
![Takan avatar](https://secure.gravatar.com/avatar/4e8a0cf5b5908e2d294170ac754b247c.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
hi all can Atlanstis run compatibility with GCP
![Takan avatar](https://secure.gravatar.com/avatar/4e8a0cf5b5908e2d294170ac754b247c.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
since i just saw examples with AWS
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
2021-03-12
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
is there any reason that the atlantis image does not ship with jq
installed?
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
considering its recommended when using external data sources
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
For the same reason it doesn’t have aws-cli and other tools you may want, they are optional dependencies that not all may need…like, Atlantis / Terraform don’t require jq. I’d recommend wrapping the upstream Atlantis image with your personal wants
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
awscli
i can understand but jq
is recommended for using external data sources
![David avatar](https://secure.gravatar.com/avatar/4f47da5c338b83938ce2229dbbd5460f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0003-72.png)
How is the beta release going? Is there an estimate on when 0.17.0 will be official?
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
I’d hazard a guess that most users are not using external data sources, and they don’t need jq.
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
external data sources are a last resort escape hatch, not to be used lightly
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
i completely agree with what your saying
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
Altlantis is not a Build too so we keep it at small and concise as possible
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
it is very easy to wrap it around and build your own image
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
if we add thing to it we will end up with PRs to update X or Y which adds more work
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
@jose.amengual quick question re https://github.com/runatlantis/atlantis/pull/1317 - does it need to go in the server side config? or if we allow repo level config, we can stick in there?
This PR adds policy check workflow into atlantis. It uses conftest to execute policies. At the moment you can only define policies locally and configure them in the server side config. How it works…
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
I think this is all repo config, there is a PR for docs you can check
This PR adds policy check workflow into atlantis. It uses conftest to execute policies. At the moment you can only define policies locally and configure them in the server side config. How it works…
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
Cool, ta
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
i can’t wait for this to arrive its going to be
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
Are you using OPA/conftest @Steve Wade (swade1987)?
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
yes we use it lots
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
both in CI for our k8s repos as well as inside k8s using gatekeeper
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
What kinda things for? Anything particularly interesting? We’ve got allowed actions on resource types check, i.e cannot delete a production DDB, checking expected tags are all set on all taggable resources, make sure IAM roles have permissions_boundaries attached…
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
Contribute to Scalr/sample-tf-opa-policies development by creating an account on GitHub.
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
i wrote and maintain https://github.com/swade1987/deprek8ion
Rego policies to monitor Kubernetes APIs deprecations. - swade1987/deprek8ion
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
Sweet, makes sense
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
we have a few more at work but they are all private repos
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
Aye
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
@jose.amengual did you say before that their was a PR to stream the output of the terraform apply to the PR?
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
there was yes
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
i found it its still a PR
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
but we can’t get people to work on it
2021-03-15
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
Does anyone know how to put SSO in front of Atlantis (I’m using the fargate tf module)
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
you can use okta and the application load balancer’s oidc args
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
the fargate tf module allows inputting those oidc params
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
Terraform configurations for running Atlantis on AWS Fargate. Github, Gitlab and BitBucket are supported - terraform-aws-modules/terraform-aws-atlantis
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
We have an XML file for azure SSO we can leverage that?
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
looks like it’s possible https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
Build web applications by using the Microsoft identity platform implementation of the OpenID Connect authentication protocol.
2021-03-22
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
how seamless is it to hook intracost into your atlantis workflow?
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
i know someone is doing it but can’t remember who
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
couldnt you just add it to your dockerfile ?
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
then run it ?
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
i didn’t know if https://github.com/infracost/infracost/issues/81#issuecomment-760284137 is the recommended way to do it
Users who want to make IaC CI/CD easier and want to use Atlantis would find this addition very useful. https://www.runatlantis.io/ https://github.com/runatlantis/atlantis
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
that person is basically installing it in their docker image and creating a new workflow that runs infracost
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
that’s probably the only way to do it
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
¯_(ツ)_/¯
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
well… from the bottom comment it looks like this is the best way https://github.com/infracost/infracost-atlantis/
Atlantis integration for Infracost. Shows cloud cost estimates for Terraform in pull requests. - infracost/infracost-atlantis
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
this is the recommended way
Atlantis integration for Infracost. Shows cloud cost estimates for Terraform in pull requests. - infracost/infracost-atlantis
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
is there a way in atlantis (using gitlab) to do execute a plan until all other jobs have completed?
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
we are getting in a situation where atlantis is trying to auto merge when our pre-commit CI job is still running
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
I never enabled automerge before
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
maybe thats my issue
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
I do not know gitlab that well but in github you can do approvers list etc to that requires someone to approve before is merged
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
yeh we have that
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
i think the issue might be the auto merge
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
it could be
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Make your precommit check required before merging
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Then it’s impossible to merge while it is running
2021-03-26
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
How are people handling the tf lock file with 0.14 release with Atlantis?
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
i added it to my gitignore
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
That works @loren was talking to me about terraform-bundle as well as an option
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
Can 0.14 read 0.13 state and vice versa?
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
tf lock files get commited to source control, terragrunt bubbles them up, so just add as we go
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
Have been bitten by a few surprises before
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
0.14 can read 0.13, not the other way around
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
0.14 forward should be backwards compat IIRC
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
(although they may have backported)
![Steve Wade (swade1987) avatar](https://avatars.slack-edge.com/2022-12-08/4499411930625_2768e5fdceec550e6669_72.jpg)
The issue with the lock files is we don’t want to (plus we won’t remember to) run terraform init constantly for each directory
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Also keep in mind that the lock files are architecture dependent
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
(I see developers running terraform on their Mac workstations and subsequently committing these files, which has no impact since Atlantis is usually running on Linux). Of course using geodesic locally would mitigate that :-)
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
Good luck I’m running a beast these days (also running from Docker so)
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
![joshmyers avatar](https://avatars.slack-edge.com/2018-11-20/483958217281_8117d6f6c62807ce9912_72.jpg)
![tomv avatar](https://secure.gravatar.com/avatar/44a7bbeb9f6711e508a0141d8b365470.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0019-72.png)
terraform providers lock -platform=windows_amd64 -platform=darwin_amd64 -platform=linux_amd64
will generate a lock file for all 3 platforms