...
This Universal Extension allows to create tasks that execute terraform commands. Typically, it can be used for Use Cases where UAC acts as an orchestrator for resource provisioning and Terraform needs to be used to provision those resources.Stonebranch users to orchestrate infrastructure provisioning processes using Terraform.
Version Information
| Template Name | Extension Name | Extension Version |
|---|---|---|
| Terraform | ue-terraform | 1.0.1 |
Software Requirements
This integration requires Terraform, Universal Agent and Python runtime to execute the Universal Task.
...
Terraform is required to be installed on the host where agent the Universal Agent is installed. Related Terraform binaries and libraries needs need to be accessible by the agent.
...
Linux agents are supported:.
- Universal Agent for Linux Version 7.0.0.0 and later with python options installed.
...
Extension's Universal Agent host should be able to reach endpoints of services related to resource provisioning used by Terraform.
Key Features
This Universal Extension supports the following main features:.
- Init Terraform (Supports upgrade option)
- Plan Terraform (Supports Refresh-only planning mode)
- Apply Terraform
- Destroy Terraform
...
To use the Universal Template, you first must perform the following steps:.
This Universal Task requires the Resolvable Credentials feature. Check that the Resolvable Credentials Permitted system property has been set to true. For more information about Resolvable Credentials click here.
To import the Universal Template into your Controller, follow the instructions here.
When the files have been imported successfully, refresh the Universal Templates list; the Universal Template will appear on the list.
...
For the new Universal Task type, create a new task and enter the task-specific details that were created in the Universal Template.
Input Fields
| Filed | Input type | Default value | Type | Description |
|---|---|---|---|---|
| Action | Required | Init | Choice | Terraform command. Valid The valid values are :as follows.
|
| Upgrade Plugins | Optional | False | Boolean | If selected, this flag upgrades all previously-selected plugins to the newest version that complies with the configuration's version constraints. This will cause Terraform to ignore any selections recorded in the dependency lock file, and to take the newest available version matching the configured version constraints. Visible only when Action is "Init". |
| Terraform Credentials Introduced in version 1.0.1 | Optional | - | Credentials | Credentials that can be passed to the Variable Script. When the task is launched, they will be resolved and be part of the generated terraform variables file to be used when executing the terraform command. More information on how to use the Terraform Credentials can be found here. Visible when Action is "Plan", "Apply" or "Destroy". |
| Variables Script | Optional | Empty | Script | UAC script that contains Terraform input variables including all required credential mappings |
| Plan Output File | Optional | Empty | Text | File that contains the resulting plan of the Terraform "Plan" command. If Specifies the file name for the generated plan. If the file already exists, it will be overwritten. Visible only when Action = "Plan". |
| Plan File | Optional | Empty | Text | Plan file that is applied Path to a previously generated plan file that will be used when applying a new configuration. Visible only when Action = "Apply". |
| Planning mode | Optional | None | Choice | Terraform Planning Mode that is will be applied. The valid values are as follows.
|
| Print Log on STDERR | Optional | True | Boolean | If selected the generated, Terraform log will be printed on STDERR. When not selected, the Terraform log is not printed. |
| JSON Output | Optional | False | Boolean | If selected, Terraform log will be printed in JSON format. Visible only when Print Log on STDERR = "True". |
| Runtime Directory | Optional | Empty | TextPath | where all Terraform files, plugins, and execution will be performed. It should be also the path to .tf file Directory in which the application should be executed. It needs to contain the Terraform .tf files, as well as any additional mandatory Terraform files required for the specific action. |
Task Examples
Terraform Init
Init action with default fields
setting the runtime directory where the Terraform will be initialized.
Terraform Plan
Plan action with provided Plan Output File, Variables Script, Printing logs in json format and PATH variable to terraform binary.
Variable Script:
JSON format on STDERR using a specific runtime directory.
Terraform Apply
Apply action with provided Plan File, Variables Script, Printing logs in json format and PATH variable to terraform binary.
using a specific runtime directory.
| Note |
|---|
When Terraform is using a previously generated plan file, variable scripts can not be re-evaluated. |
| Anchor | ||||
|---|---|---|---|---|
|
Passing credentials from the template to the terraform variable file.
One credential field can be passed, the configuration of which can be used to allow users to pass credentials into variable scripts. User has the freedom to decide which credential parameters (like "Runtime User", Runtime Password", "Key Location") can be used from the credential field to propagated to the variables script.
Terraform Destroy
Destroy action with Printing logs in json format and PATH variable to terraform binary
JSON format using a specific runtime directory.
Task Output
Exit Codes
...
| Exit Code | Status Classification Code | Status Classification Description | Status Description |
|---|---|---|---|
| 0 | SUCCESS | Successful Execution | SUCCESS: Terraform command executed successfully! |
| 1 | FAIL | Failed Execution | FAIL: Unexpected error. See STDERR for more details. |
| 20 | DATA_VALIDATION_ERROR | Input fields validation error | DATA_VALIDATION_ERROR: Some of the input fields cannot be validated. See STDERR for more details. |
Extension Output
Upon Task's successful completion, the extension produces an Extension Output similar to the one in the example below:In the context of a workflow, subsequent tasks can rely on the information provided by this integration as Extension Output.
Attribute changed is populated as follows.
| null | If Action is Init/Apply/Destroy. |
| false | If Action is Plan, and it has succeeded with empty diff (no changes). |
| true | If Action is Plan, and it has succeeded with non-empty diff (changes present). |
Attribute result.commands provides information for the Terraform executed command. It contains the following sub-attributes.
| Attribute | Output Type | Type | Description |
|---|---|---|---|
| cmd | Mandatory | Text | The executed command |
| rc | Mandatory | Integer | Return code of executed command. |
An example of the Extension Output for a execution of Init action is presented below.
{
"exit_code": 0,
"status_description": "SUCCESS: Terraform command executed successfully!",
"changed": true,
"invocation": {
"extension": "ue-terraform",
"version": "1.0....
1",
"fields": {
"action": "Init",
"upgrade_plugins": false,
"variables_script": "",
"plan_file": "",
"plan_output_file": "",
"planning_mode": [],
"print_log_on_stderr": true,
"json_output": false
}
},
"result": {
"commands": [
{
"cmd": "terraform init -no-color -input=false",
"rc": 0
}
]
}
}...
Attribute result.commands provides information for the Terraform executed command.
It contains the following sub-attributes.
...
The Extension Output for Terraform is described below.
Attribute changed is populated as follows:
...
If subsequent tasks in a workflow reply on the output of this Universal Extension, they should rely on Extension Output.
STDOUT and STDERR
STDOUT and STDERR provide additional information to Useruser. The populated content can be changed in future versions of this extension without notice. Backward compatibility is not guaranteed.
Document References
| Name | LocationDocument Link | Description | |
|---|---|---|---|
| https://docs.stonebranch.com/confluence/display/UC72x/Universal + Templates | User documentation for creating, working with and understanding Universal Templates in the Universal Controller user interfaceand Integrations. | ||
| Universal Tasks | https://docs.stonebranch.com/confluence/display/UC72x/Tasks | User documentation for creating Universal Tasks in the Universal Controller user interface. | |
| Resolvable Credentialshttps://docs.stonebranch.com/confluence/display/UC72x/Credentials#Credentials-ResolvableCredentialsResolvableCredentials | User documentation : Resolvable Credentialsfor creating and working with credentials. | ||
| Resolvable Credentials Permitted | https://docs.stonebranch.com/confluence/display/UC72x/Properties#Properties-ResolvableCredentialsPermitted | User documentation: Property | User documentation for Resolvable Credentials Permitted Property. |
| Terraform Introhttps://www.terraform.io/intro | Introduction to Terraform official documentation | ||
| Terraform Cli | https://www.terraform.io/cli | Terraform Cli official documentation |
Changelog
ue-terraform-1.0.1 (2022-07-19)
Enhancements
Fixed: Credentials can now be passed from Credential field to the variable script.