![]() For instance, you can bake the tfsec tool into the image to use for security inspection and have it ready inside the Docker container without the need to install it every single time. You can use the official image from Hashicorp, but sometimes it’s wise to maintain your own Docker images with additional tools you may need. Once created, you can execute Terraform within a container context with configuration files mounted as a Docker volume. However, you can still have a pre-built environment - this will speed up the pipeline execution and provide control over the process.ĭocker image with a Terraform binary is one of the popular solutions that address this. terraform directory.īut, when you shift Terraform runs from your local machine to stateless pipelines, this is not the case. Running Terraform locally generally means that all dependencies are already in-place: you have the Terraform installed and present in the user’s PATH and providers already stored in the. There is no right or wrong approach, but whichever you choose, remember to follow the Don’t Repeat Yourself (DRY) principle: make the infrastructure code modular by logically grouping resources into higher abstractions and reusing these modules. But sometimes (e.g., serverless apps) changes to either part (app/infra) should trigger the deployment. ![]() When infrastructure code is stored with the application, sometimes you have to deal with additional rules for the pipeline to separate triggers for these code parts.Conversely, if you have a dedicated team that manages infrastructure (e.g., platform team), a separate repository for infrastructure is more convenient because it’s a standalone project in that case.The Terraform and application code coupled together represent one unit, so it’s simple to maintain by one team.Storing Terraform code in the same repository as the application code or maintaining a separate repository for the infrastructure? This question has no strict and clear answer, but here are some insights that may help you decide:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |