| linkTitle | title | weight | description |
|---|---|---|---|
Armory CD |
Enable the Terraform Integration Stage in Armory Continuous Deployment |
1 |
Learn how to enable the Terraform Integration stage in Armory CD so that your app developers can provision infrastructure using Terraform as part of their delivery pipelines.
|
Enabling the Terraform Integration stage consists of these steps:
{{< include "plugins/terraform/compat-matrix.md" >}}
- You have read the [Terraform Integration Overview]({{< ref "plugins/terraform/_index.md" >}}).
- You are running Armory Continuous Deployment.
- You manage your instance using the Armory Operator.
Terraform Integration is a built-in feature of Armory CD.
If you are running open source Spinnaker, see the [Terraform Integration Overview]({{< ref "plugins/terraform#installation-paths" >}}) for installation paths based on whether you are using Halyard or the Spinnaker Operator.
{{< include "plugins/terraform/terraform-prereqs.md" >}}
Terraform Integration uses Redis to store Terraform logs and plans.
You can only configure the Terraform Integration feature to use a password with the default Redis user.
Configure Redis settings in your Armory CD configuration and then apply your changes.
{{< tabpane text=true right=true >}}
{{% tab header="spinnaker-kustomize-patches" %}}
You need to modify spinnaker-kustomize-patches/armory/features/patch-terraformer.yml. Add Redis configuration in the profiles section.
profiles:
redis:
baseUrl: "<your-redis-url>"
password: "<your-redis-password>"{{% /tab %}} {{% tab header="spinnakerservice.yml" %}}
spec:
spinnakerConfig:
profiles:
terraformer:
redis:
baseUrl: "<your-redis-url>"
password: "<your-redis-password>"{{% /tab %}} {{< /tabpane >}}
The Terraform Integration uses the following artifact accounts:
- Git Repo - To fetch the repo housing your main Terraform files.
- GitHub, BitBucket or HTTP - Optional. To fetch single files such as var-files or backend config files.
Spinnaker uses the Git Repo Artifact Provider to download the repo containing your main Terraform templates. For more configuration options, see Configure a Git Repo Artifact Account.
{{< tabpane text=true right=true >}}
{{% tab header="spinnaker-kustomize-patches" %}}
You need to modify spinnaker-kustomize-patches/armory/features/patch-terraformer.yml. Configure artifacts in the spec.spinnakerConfig.config.artifacts section.
spec:
spinnakerConfig:
config:
armory:
terraform:
enabled: true
artifacts:
gitrepo:
enabled: true
accounts:
- name: gitrepo
username: <username>
token: <git-token>
# password:
# tokenFile:
# usernamePasswordFile:
# sshPrivateKeyFilePath:
# sshPrivateKeyPassphrase:
# sshKnownHostsFilePath:
# sshTrustUnknownHosts: {{% /tab %}} {{% tab header="spinnakerservice.yml" %}}
spec:
spinnakerConfig:
profiles:
clouddriver:
artifacts:
gitRepo:
enabled: true
accounts:
- name: gitrepo
token: <your-personal-access-token>{{% /tab %}} {{< /tabpane >}}
You need to modify spinnaker-kustomize-patches/armory/features/patch-terraformer.yml. Configure additional artifacts in the spec.spinnakerConfig.config.artifacts section.
{{< include "plugins/terraform/configure-optional-repos.md" >}}
{{< tabpane text=true right=true >}}
{{% tab header="spinnaker-kustomize-patches" %}}
You need to modify your Kustomization recipe to include patch-terraformer.yml.
patchesStrategicMerge:
- armory/features/patch-terraformer.yml{{% /tab %}}
{{% tab header="spinnakerservice.yml" %}}
Add enabled: true to your terraform section.
spec:
spinnakerConfig:
config:
armory:
terraform:
enabled: true{{% /tab %}} {{< /tabpane >}}
After you finish your Terraform Integration configuration, apply your changes. Confirm that the Terraform Integration service (Terraformer) is deployed with your Armory CD deployment:
kubectl get pods -n <your-spinnaker-namespace>In the command output, look for a line similar to the following:
spin-terraformer-d4334g795-sv4vz 2/2 Running 0 0d{{< include "plugins/terraform/whats-next.md" >}}