debian-mirror-gitlab/doc/user/infrastructure/iac/index.md

123 lines
5.2 KiB
Markdown
Raw Normal View History

2021-10-27 15:23:28 +05:30
---
stage: Configure
group: Configure
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
---
# Infrastructure as Code with Terraform and GitLab **(FREE)**
2022-06-21 17:19:12 +05:30
To manage your infrastructure with GitLab, you can use the integration with
Terraform to define resources that you can version, reuse, and share:
- Manage low-level components like compute, storage, and networking resources.
- Manage high-level components like DNS entries and SaaS features.
- Incorporate GitOps deployments and Infrastructure-as-Code (IaC) workflows.
- Use GitLab as a Terraform state storage.
- Store and use Terraform modules to simplify common and complex infrastructure patterns.
<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Watch [a video overview](https://www.youtube.com/watch?v=iGXjUrkkzDI) of the features GitLab provides with the integration with Terraform.
2021-10-27 15:23:28 +05:30
2022-04-04 11:22:00 +05:30
## Integrate your project with Terraform
2021-10-27 15:23:28 +05:30
2022-03-02 08:16:31 +05:30
> SAST test was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/6655) in GitLab 14.6.
2022-06-21 17:19:12 +05:30
The integration with GitLab and Terraform happens through GitLab CI/CD.
Use an `include` attribute to add the Terraform template to your project and
customize from there.
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
To get started, choose the template that best suits your needs:
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
- [Latest template](#latest-terraform-template)
- [Stable template and advanced template](#stable-and-advanced-terraform-templates)
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
All templates:
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
- Use the [GitLab-managed Terraform state](#gitlab-managed-terraform-state) as
2021-10-27 15:23:28 +05:30
the Terraform state storage backend.
2022-06-21 17:19:12 +05:30
- Trigger four pipeline stages: `test`, `validate`, `build`, and `deploy`.
- Run Terraform commands: `test`, `validate`, `plan`, and `plan-json`. It also runs the `apply` only on the default branch.
- Run the [Terraform SAST scanner](../../application_security/iac_scanning/index.md#configure-iac-scanning-manually).
2022-03-02 08:16:31 +05:30
2022-06-21 17:19:12 +05:30
### Latest Terraform template
2022-04-04 11:22:00 +05:30
2022-06-21 17:19:12 +05:30
The [latest template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.latest.gitlab-ci.yml)
is compatible with the most recent GitLab version. It provides the most recent
GitLab features, but can potentially include breaking changes.
2022-03-02 08:16:31 +05:30
2022-06-21 17:19:12 +05:30
You can safely use the latest Terraform template:
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
- If you use GitLab.com.
- If you use a self-managed instance updated with every new GitLab release.
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
### Stable and advanced Terraform templates
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
If you use earlier versions of GitLab, you might face incompatibility errors
between the GitLab version and the template version. In this case, you can opt
to use one of these templates:
- [The stable template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml) with an skeleton that you can built on top of.
- [The advanced template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform/Base.gitlab-ci.yml) to fully customize your setup.
### Use a Terraform template
To use a Terraform template:
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
1. On the top bar, select **Menu > Projects** and find the project you want to integrate with Terraform.
1. On the left sidebar, select **Repository > Files**.
1. Edit your `.gitlab-ci.yml` file, use the `include` attribute to fetch the Terraform template:
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
```yaml
include:
# To fetch the latest template, use:
- template: Terraform.latest.gitlab-ci.yml
# To fetch the stable template, use:
- template: Terraform/Base.gitlab-ci.yml
# To fetch the advanced template, use:
- template: Terraform/Base.latest.gitlab-ci.yml
```
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
1. Add the variables as described below:
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
```yaml
variables:
TF_STATE_NAME: default
TF_CACHE_KEY: default
# If your terraform files are in a subdirectory, set TF_ROOT accordingly. For example:
# TF_ROOT: terraform/production
```
2022-07-16 23:28:13 +05:30
1. (Optional) Override in your `.gitlab-ci.yml` file the attributes present
2022-06-21 17:19:12 +05:30
in the template you fetched to customize your configuration.
## GitLab-managed Terraform state
Use the [GitLab-managed Terraform state](terraform_state.md) to store state
files in local storage or in a remote store of your choice.
2021-10-27 15:23:28 +05:30
## Terraform module registry
2022-06-21 17:19:12 +05:30
Use GitLab as a [Terraform module registry](../../packages/terraform_module_registry/index.md)
to create and publish Terraform modules to a private registry.
2021-10-27 15:23:28 +05:30
2022-04-04 11:22:00 +05:30
## Terraform integration in merge requests
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
Use the [Terraform integration in merge requests](mr_integration.md)
to collaborate on Terraform code changes and Infrastructure-as-Code
workflows.
2021-10-27 15:23:28 +05:30
## The GitLab Terraform provider
2022-07-16 23:28:13 +05:30
The [GitLab Terraform provider](https://github.com/gitlabhq/terraform-provider-gitlab) is a Terraform plugin to facilitate
managing of GitLab resources such as users, groups, and projects. It is released separately from GitLab
and its documentation is available on [Terraform](https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs).
2021-10-27 15:23:28 +05:30
2022-05-07 20:08:51 +05:30
## Create a new cluster through IaC
2021-10-27 15:23:28 +05:30
2022-05-07 20:08:51 +05:30
- Learn how to [create a new cluster on Amazon Elastic Kubernetes Service (EKS)](../clusters/connect/new_eks_cluster.md).
- Learn how to [create a new cluster on Google Kubernetes Engine (GKE)](../clusters/connect/new_gke_cluster.md).
2022-01-26 12:08:38 +05:30
2022-06-21 17:19:12 +05:30
## Related topics
2021-10-27 15:23:28 +05:30
2022-06-21 17:19:12 +05:30
- [Terraform images](https://gitlab.com/gitlab-org/terraform-images).
- [Troubleshooting](troubleshooting.md) issues with GitLab and Terraform.