The cloud.terraform automates the management and provisioning of infrastructure as code using Terraform CLI tool within Ansible playbooks and Execution Environment runtimes.
It is intended to support similar automation capabilities consistent with other cloud provisioning tool integrations for Ansible such as AWS Cloudformation, Azure Resource Manager and Helm with the added challenge of effectively managing a state file.
This collection is intended to support the following use cases:
- Automated create, update and teardown of infrastructure using an existing Terraform plan
- Transparent fetch and store Terraform state file to a remote source
- Read information from an existing Terraform state file
- Fetch Terraform project (plan and var) files from an external source such git with a Role
- Utilizing state files as dynamic inventory source with a Terraform Provider
This collection is not intended to manage the installation, configuration and operation of local developer instances of Terraform. Some of these operations may be possible through the overlap with the scope of this work, but not mean to be explicitly and comprehensively through modules, plugins and documentation support of this collection. This includes:
- Direct manipulation of Terraform state files (mv, rm, import)
- Direct manipulation or generation of Terraform plan files and variable files (fmt)
- Managing Terraform Workspaces
- Console subcommand
- Graph subcommand
This collection requires Ansible Core 2.15 or later and thus Python 3.9 or later.
| Name | Description |
|---|---|
| cloud.terraform.terraform_provider | Builds an inventory from Terraform state file. |
| Name | Description |
|---|---|
| cloud.terraform.tf_output | Reads state file outputs. |
| Name | Description |
|---|---|
| cloud.terraform.terraform | Manages a Terraform deployment (and plans) |
| cloud.terraform.terraform_output | Returns Terraform module outputs. |
You can install the cloud.terraform collection with the Ansible Galaxy CLI:
ansible-galaxy collection install cloud.terraform
You can also include it in a requirements.yml file and install it with ansible-galaxy collection install -r requirements.yml, using the format:
---
collections:
- name: cloud.terraformA specific version of the collection can be installed by using the version keyword in the requirements.yml file:
---
collections:
- name: cloud.terraform
version: 1.1.0You can either call modules by their Fully Qualified Collection Name (FQCN), such as cloud.terraform.terraform, or you can call modules by their short name if you list the cloud.terraform collection in the playbook's collections keyword:
---
- name: Basic deploy of a service
cloud.terraform.terraform:
project_path: '{{ project_dir }}'
state: presentThe project uses mypy and black.
Black works without special configuration, while mypy requires a valid package structure.
Assuming this repository is checked out in the proper structure,
e.g. collections_root/ansible_collections/cloud/terraform/, run:
black --check --diff .
black .
export MYPYPATH="$(realpath "$PWD/../../../")"
mypy -p ansible_collections.cloud.terraform.pluginsSanity and unit tests are run as normal:
ansible-test sanity
ansible-test units
antsibull-docs lint-collection-docs .To run integration tests, install terraform and ensure it is in your PATH.
If you want to run cloud integration tests, ensure you log in to the clouds:
# using the "default" profile on AWS
aws configure set aws_access_key_id my-access-key
aws configure set aws_secret_access_key my-secret-key
aws configure set region eu-north-1
# Azure login
az login
az account set --subscription <id>
# GCP login
gcloud auth application-default login
gcloud auth application-default set-quota-project <id>
black --check --diff .
MYPYPATH="$(realpath "$PWD/../../../")" mypy -p ansible_collections.cloud.terraform.plugins
ansible-test integration [target] [--exclude aws|azure|gcp]
# Generate docs
ansible-doc --list | grep cloud.terraform | cut -d " " -f 1 | xargs -I {} antsibull-docs plugin --dest-dir docs/ {}GNU General Public License v3.0 or later.
See LICENSE to see the full text.