archive_file produces different results on different OSs #467

@dangbert

Terraform CLI and Provider Versions

Terraform v1.13.4
on linux_amd64

  • provider registry.terraform.io/auth0/auth0 v1.29.0
  • provider registry.terraform.io/cloudflare/cloudflare v5.10.0
  • provider registry.terraform.io/elastic/ec v0.9.0
  • provider registry.terraform.io/hashicorp/archive v2.7.1
  • provider registry.terraform.io/hashicorp/aws v6.13.0
  • provider registry.terraform.io/hashicorp/local v2.5.3
  • provider registry.terraform.io/hashicorp/tls v4.1.0

Terraform Configuration

data "archive_file" "zip" {
    type        = "zip"
    source_file = "${var.source_code_path}"
    output_path = "zip/${basename(var.source_code_path)}.zip"
}

resource "aws_lambda_function" "fn" {
    filename = "${data.archive_file.zip.output_path}"
    source_code_hash = "${data.archive_file.zip.output_base64sha256}"
    function_name = "${var.function_name}"
    role = "${aws_iam_role.role.arn}"
    handler = "${var.handler_name == "" ? "${replace("${basename(var.source_code_path)}",".py","")}.lambda_handler" : var.handler_name}"
    runtime = "python3.6"
    timeout = "${var.timeout}"

    environment {
        variables = "${var.env_vars}"
    }
}

Expected Behavior

The value of data.archive_file.zip.output_base64sha256 should be deterministic (in the same way the sha256 command is) regardless of which OS version is present on the host machine.

Actual Behavior

Across my team, we see this value changing and triggering an update to the code of our Lambda function on AWS, even when the (version-controlled) source code for the Lambda hasn't changed.

This thread explains the same issue we encounter: https://stackoverflow.com/q/52662244/5500073

Steps to Reproduce

  1. terraform apply

  2. Repeat on a different flavor of Linux (it's a bit unclear which versions specifically cause this problem)

How much impact is this issue causing?

Low

Logs

No response

Additional Information

Reopening this issue, which was closed too early: #34

This has been an annoying issue, and it is naturally confusing to explain to the developers on the team that they can effectively ignore this noise in their terraform plan. But at the same time, this builds a bad habit of assuming that the Lambda function isn't really being updated, when in fact we should be attentive to unexpected changes.

Code of Conduct

  • I agree to follow this project's Code of Conduct
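
One way to tell metadata-only drift from a real code change when `source_code_hash` moves, as an added example that is not part of the original issue or the provider's code. It assumes, which the issue does not establish, that per-entry ZIP metadata (Unix mode bits, modification time) differs between machines; `build_zip`, `explain_drift` and the sample handler are constructed for illustration.

```python
import base64
import hashlib
import io
import zipfile

def build_zip(name, data, mode, mtime):
    """Zip one file in memory, stamping the given Unix mode and mtime."""
    info = zipfile.ZipInfo(name, date_time=mtime)
    info.compress_type = zipfile.ZIP_DEFLATED
    info.create_system = 3  # 3 = Unix, so the mode bits below are meaningful
    info.external_attr = (0o100000 | mode) << 16  # regular file + permissions
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(info, data)
    return buf.getvalue()

def base64sha256(blob):
    """Base64-encoded SHA-256 of the archive bytes."""
    return base64.b64encode(hashlib.sha256(blob).digest()).decode()

def entries(blob):
    """Map each archived file to the fields that feed the archive bytes."""
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        return {i.filename: {"content": (i.CRC, i.file_size),
                             "mode": (i.external_attr >> 16) & 0o7777,
                             "mtime": i.date_time}
                for i in zf.infolist()}

def explain_drift(old_blob, new_blob):
    """Return {filename: [what differs]} between two archives."""
    old, new = entries(old_blob), entries(new_blob)
    report = {}
    for name in sorted(set(old) | set(new)):
        if name not in old or name not in new:
            report[name] = ["added" if name in new else "removed"]
            continue
        diff = [k for k in ("content", "mode", "mtime") if old[name][k] != new[name][k]]
        if diff:
            report[name] = diff
    return report

# Constructed sample: same source, checked out with different umasks (a vs b),
# and a genuine code change (c).
SRC = b"def lambda_handler(event, context):\n    return 'ok'\n"
WHEN = (2024, 5, 1, 10, 0, 0)
zip_a = build_zip("handler.py", SRC, 0o644, WHEN)
zip_b = build_zip("handler.py", SRC, 0o664, WHEN)
zip_c = build_zip("handler.py", SRC + b"# changed\n", 0o644, WHEN)

if __name__ == "__main__":
    print(explain_drift(zip_a, zip_b), explain_drift(zip_a, zip_c))
```

A report that lists only `mode` or `mtime` means the archive hash moved without any change to the packaged code, while `content`, `added` or `removed` means the deployed code really differs and the plan deserves review.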
