Terraform
Awesome terraform Why terraform
Install
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo tee /etc/apt/trusted.gpg.d/hashicorp.asc
sudo apt-add-repository \
"deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt install terraform
Completion:
terraform -install-autocomplete
Usage
terraform apply -auto-approve
Debug:
OS_DEBUG=1 TF_LOG=DEBUG terraform apply -auto-approve
updating provider versions
find . -name versions.tf -exec sed -i 's/1.22.3/1.22.7/' {} \;
Add provider versions to each submodule
git grep -l gitlabhq/gitlab | xargs -n 1 sed -i '/"gitlabhq\/gitlab"/a \ version = "16.3.0"'
Initialize all
find . -type d -name .terraform -exec terraform -chdir={}/.. init -upgrade \
or
for i in infrastructure infrastructure/* global environments/*/* kubernetes kubernetes/* ;\
do echo $i; terraform init -upgrade $i; done
Remove all .terraform dirs
find . -type f -name .terraform.lock.hcl -exec rm {} \; && find . -type d -name .terraform -exec rm -rf {} \;
Terraform state
tf state list
tf state show 'google_compute_instance.legacy_vm["ofts105-3"]'
Style
Linting
terraform validateisn't able to catch invalid resources like aws instance type, buttflintis i.e.
tflint
Debug mode:
TFLINT_LOG=debug tflint
Issues:
- When used in pre-commit, there's no indication about the file location Output directory tflint is executed from
- Tflint searched for config files in the current directory, then for a global
one (
~/.tflint.hcl), but not in the root of the git repo i.e. When there is no global config file, the default config is used for tflint when executed in a subdir i.e., or even when used astflint --recursive --module.
Vim integration
- vim-terraform plugin
- ALE supports:
terraform fmttflint- FR for better terraform linting support
- FR for terraform-ls
- Official terraform-ls
- terraform-lsp
Additional tools
- terragrunt
- tfsec
brew install tfsec - checkov
pipx install checkov terraform-docs- tfupdate:
Update version constraints in your Terraform configurations