The cloud.terraform
collection houses modules that help in the management and provisioning of infrastructure as code using Terraform CLI tool within Ansible playbooks and Execution Environment runtimes.
cloud.terraform is intended to support similar automation capabilities consistent with other cloud provisioning tool integrations for Ansible such as AWS Cloudformation, Azure Resource Manager and Helm with the added challenge of effectively managing a state file.
This collection requires Ansible Core 2.15 or later and thus Python 3.9 or later.
Name | Description |
---|---|
cloud.terraform.terraform_provider | Builds an inventory from Terraform state file. |
cloud.terraform.terraform_state | Builds an inventory from resources created by cloud providers. |
Name | Description |
---|---|
cloud.terraform.tf_output | Reads state file outputs. |
Name | Description |
---|---|
cloud.terraform.plan_stash | Handle the base64 encoding or decoding of a terraform plan file |
cloud.terraform.terraform | Manages a Terraform deployment (and plans) |
cloud.terraform.terraform_output | Returns Terraform module outputs. |
You can install the cloud.terraform collection with the Ansible Galaxy CLI:
ansible-galaxy collection install cloud.terraform
You can also include it in a requirements.yml
file and install it with ansible-galaxy collection install -r requirements.yml
, using the format:
---
collections:
- name: cloud.terraform
A specific version of the collection can be installed by using the version
keyword in the requirements.yml
file:
---
collections:
- name: cloud.terraform
version: 1.1.0
This collection is intended to support the following use cases:
- Automated create, update and teardown of infrastructure using an existing Terraform plan
- Transparent fetch and store Terraform state file to a remote source
- Read information from an existing Terraform state file
- Fetch Terraform project (plan and var) files from an external source such git with a Role
- Utilizing state files as dynamic inventory source with a Terraform Provider
This collection is not intended to manage the installation, configuration and operation of local developer instances of Terraform. Some of these operations may be possible through the overlap with the scope of this work, but not mean to be explicitly and comprehensively through modules, plugins and documentation support of this collection. This includes:
- Direct manipulation of Terraform state files (mv, rm, import)
- Direct manipulation or generation of Terraform plan files and variable files (fmt)
- Managing Terraform Workspaces
- Console subcommand
- Graph subcommand
You can either call modules by their Fully Qualified Collection Name (FQCN), such as cloud.terraform.terraform
, or you can call modules by their short name if you list the cloud.terraform
collection in the playbook's collections
keyword:
---
- name: Basic deploy of a service
cloud.terraform.terraform:
project_path: '{{ project_dir }}'
state: present
# Inventory built from state file containing AWS, AzureRM and GCP instances
- name: Create inventory from state file containing AWS, AzureRM and GCP instances
plugin: cloud.terraform.terraform_state
backend_type: azurerm
backend_config:
resource_group_name: my-resource-group
storage_account_name: mystorageaccount
container_name: terraformstate
key: inventory.tfstate
# Encode terraform plan file into variable 'stashed_plan'
- name: Encode a terraform plan file into terraform_plan variable
cloud.terraform.plan_stash:
path: /path/to/terraform_plan_file
var_name: stashed_plan
state: stash
no_log: true
# Load terraform plan file from variable 'stashed_plan'
- name: Load a terraform plan file data from variable 'stashed_plan' into file 'tfplan'
cloud.terraform.plan_stash:
path: tfplan
var_name: stashed_plan
state: load
no_log: true
The project uses mypy
and black
.
Black works without special configuration, while mypy
requires a valid package structure.
Assuming this repository is checked out in the proper structure,
e.g. collections_root/ansible_collections/cloud/terraform/
, run:
black --check --diff .
black .
export MYPYPATH="$(realpath "$PWD/../../../")"
mypy -p ansible_collections.cloud.terraform.plugins
Sanity and unit tests are run as normal:
ansible-test sanity
ansible-test units
antsibull-docs lint-collection-docs .
To run integration tests, install terraform
and ensure it is in your PATH
.
If you want to run cloud integration tests, ensure you log in to the clouds:
### using the "default" profile on AWS
aws configure set aws_access_key_id my-access-key
aws configure set aws_secret_access_key my-secret-key
aws configure set region eu-north-1
### Azure login
az login
az account set --subscription <id>
### GCP login
gcloud auth application-default login
gcloud auth application-default set-quota-project <id>
black --check --diff .
MYPYPATH="$(realpath "$PWD/../../../")" mypy -p ansible_collections.cloud.terraform.plugins
ansible-test integration [target] [--exclude aws|azure|gcp]
### Generate docs
ansible-doc --list | grep cloud.terraform | cut -d " " -f 1 | xargs -I {} antsibull-docs plugin --dest-dir docs/ {}
We welcome community contributions to this collection. If you find problems, please open an issue or create a PR against this collection repository. See CONTRIBUTING.md for more details.
For the latest supported versions, refer to the release notes below.
If you encounter issues or have questions, you can submit a support request through the following channels:
- GitHub Issues: Report bugs, request features, or ask questions by opening an issue in the GitHub repository.
See the raw generated changelog.
GNU General Public License v3.0 or later.
See LICENSE to see the full text.