Skip to content
Snippets Groups Projects
Open Key Improvements for the Terraform module registry
  • Key Improvements for the Terraform module registry

  • Key Improvements for the Terraform module registry

    Open Epic created by Viktor Nagy (GitLab)

    This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

    Engineering DRI: @mattkasa

    Release post candidate

    Terraform modules are great to simplify, standardize and speed up infrastructure provisioning inside a company. Until now you could use only file or git based modules with GitLab or an external Terraform registry. By extending the GitLab registry with Terraform modules your modules can be found easily, moreover - as the registry supports semantic versioning - you get simple and secure module updates out of the box for the module's consumers.

    Problem to solve

    As a DevOps engineer, in order to use versioned modules with Terraform, I'd like to use a GitLab integrated Terraform registry.

    Currently, the only convenient way to store private Terraform providers is by using Terraform Cloud without having to write your own service. While this may work for some organizations, I would like to store custom in-house providers on my infrastructure. Since I already use GitLab extensively on my infrastructure, I would like to store the source code for the Terraform provider, the definition of the CI/CD pipeline, and the resulting packing all in the same place.

    Intended users

    Our own SREs building https://ops.gitlab.net/gitlab-com/gl-infra/terraform-modules

    Further details

    There are many registries out there that we can learn from. Some that are related to infrastructure and configuration:

    Proposal

    • Under project settings I should be able to tell if my registry should be public or private. For public projects the registry is always public. (This is the same logic what we have with GitLab Pages.)
    • We want to support semver versioning in accessing modules.

    001_Project_level_-Infrastructure_registry-_Empty_state 002_Project_level_-Terraform-_Empty_state 003_Project_level_-Terraform-_Module_list

    004_Project_level_-Terraform-_Module_Detail_View-1

    004_Project_level_-Terraform-_Module_Detail_View-2

    004_Project_level_-Terraform-_Module_Detail_View

    007_Project_level_-Terraform-_Module_Versions

    102_Group-subgroup_Infrastructure_registry-Terraform_modules_list

    Iteration 1

    Iteration 2

    Iteration 3

    How are modules published?

    We want to follow Terraform's requirements around modules. This means that a Terraform module can be any git repo with a main.tf file in its root. Moreover, the GitLab should support the Terraform remote protocols specifications.

    A module is published when:

    • a main.tf file is present in its root
    • a new semver compliant git tag is added to the repo

    In the MVC, we DON'T want to support sub-modules.

    Future considerations outside of initial scope

    • Terraform sub-module support
    • How can we help with module discovery? Once a module is published, it's useful only if people can find it. In the case of Terraform, best practice is to provide an example directory that shows the module in action (and is used for optional tests too). There are tools to generate automatic documentation for a module, do we want to fall back to it if no documentation exists?

    Permissions and Security

    Documentation

    Availability & Testing

    What does success look like, and how can we measure that?

    What is the type of buyer?

    Links / references

    Some open source terraform registries:

    0 of 10 checklist items completed · Edited by 🤖 GitLab Bot 🤖

    Linked items 0

  • Link items together to show that they're related or that one is blocking others.

    Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first