The TLS provider provides utilities for working with Transport Layer Security keys and certificates. It provides resources that allow private keys, certificates and certificate requests to be created as part of a Terraform deployment.
Official documentation on how to use this provider can be found on the Terraform Registry. In case of specific questions or discussions, please use the HashiCorp Terraform Providers Discuss forums, in accordance with HashiCorp Community Guidelines.
We also provide:
- Support page for help when using the provider
- Contributing guidelines in case you want to help this project
- Design documentation to understand the scope and maintenance decisions
The remainder of this document will focus on the development aspects of the provider.
Compatibility table between this provider, the Terraform Plugin Protocol version it implements, and Terraform:
TLS Provider | Terraform Plugin Protocol | Terraform |
---|---|---|
>= 4.x |
5 |
>= 0.12 |
>= 3.x |
5 |
>= 0.12 |
>= 2.x |
4 and 5 |
<= 0.12 |
>= 0.x |
4 |
<= 0.11 |
Details can be found querying the Registry API that return all the details about which version are currently available for a particular provider. Here are the details for TLS (JSON response).
- Terraform
- Go (1.22)
- GNU Make
- golangci-lint (optional)
git clone
this repository andcd
into its directorymake
will trigger the Golang build
The provided GNUmakefile
defines additional commands generally useful during development,
like for running tests, generating documentation, code formatting and linting.
Taking a look at it's content is recommended.
In order to test the provider, you can run
make test
to run provider testsmake testacc
to run provider acceptance tests
It's important to note that acceptance tests (testacc
) will actually spawn
terraform
and the provider. Read more about they work on the
official page.
This provider uses terraform-plugin-docs
to generate documentation and store it in the docs/
directory.
Once a release is cut, the Terraform Registry will download the documentation from docs/
and associate it with the release version. Read more about how this works on the
official page.
Use make generate
to ensure the documentation is regenerated with any changes.
If running tests and acceptance tests isn't enough, it's possible to set up a local terraform configuration to use a development builds of the provider. This can be achieved by leveraging the Terraform CLI configuration file development overrides.
First, use make install
to place a fresh development build of the provider in your
${GOBIN}
(defaults to ${GOPATH}/bin
or ${HOME}/go/bin
if ${GOPATH}
is not set). Repeat
this every time you make changes to the provider locally.
Then, setup your environment following these instructions to make your local terraform use your local build.
This project uses GitHub Actions to realize its CI.
Sometimes it might be helpful to locally reproduce the behaviour of those actions, and for this we use act. Once installed, you can simulate the actions executed when opening a PR with:
# List of workflows for the 'pull_request' action
$ act -l pull_request
# Execute the workflows associated with the `pull_request' action
$ act pull_request
The release process is automated via GitHub Actions, and it's defined in the Workflow release.yml.
Each release is cut by pushing a semantically versioned tag to the default branch.