andrelohmann.terrahelper

Panoramica Versioni Approfondimenti

terrahelper

Build Status

terrahelper combines Terraform and terrahelp best practices for small teams.

Best Practices:

  • Create a repository for your Terraform template files.
  • Create a repository for your Terraform state.
  • Keep the state separate from the Terraform templates folder (that's why you need the second repository).

Workflow:

  1. Create or edit your templates.
  2. Check out the latest state from the state repository.
  3. Decrypt the state using terrahelp and your state secret.
  4. Run terraform plan and terraform apply.
  5. Encrypt the new state using terrahelp.
  6. Commit the new state to the state repository.

Requirements

This role requires Ubuntu.

Example Playbook

- hosts: terrahelper
  roles:
    - { role: andrelohmann.terraform }
    - { role: andrelohmann.terrahelp }
    - { role: andrelohmann.terrahelper }

Usage

terrahelper manages the steps to encrypt and decrypt the Terraform state along with the necessary Terraform commands to initialize, plan, apply, and destroy your stack.

You need a state secret for encrypting and decrypting the Terraform state, along with two separate repositories (one for the templates and one for the state).

Run terrahelper just like you usually run the Terraform command from your Terraform templates directory.

Usage: 

terrahelper init | plan | apply | destroy | output 
[-s | --statesecret __SECRET__] 
[-d | --statedirectory __STATEDIRECTORY__] 
[-f | --statefile terraform.tfstate] 
[-b | --statefilebackup terraform.tfstate.backup] 
[-e | --echo] 
[-h | --help] 
[any Terraform parameters]

If the following environment variables are set, the respective parameters are not needed:

  • TH_SECRET: terrahelp secret used for encryption/decryption of the state.
  • TH_STATE_DIRECTORY: path (absolute or relative from the Terraform templates directory) to the Terraform state directory.
  • TH_STATE_FILE: Terraform state file (defaults to terraform.tfstate).
  • TH_STATE_FILE_BACKUP: Backup for the Terraform state file (defaults to terraform.tfstate.backup).

You can also add any specific Terraform command parameters to the end, and they will be included in the Terraform command.

License

MIT

Author Information

andrelohmann on GitHub

Informazioni sul progetto

ansible galaxy role to wrap a terraform best practice, that uses a separate state repository, that is encrypted by terrahelp.

role terraform terrahelp terrahelper
Installa
ansible-galaxy install andrelohmann.terrahelper
GitHub repository
0 stelle
0 fork
0 problemi aperti
Licenza
mit
Download
187
Proprietario