Before starting to change the configuration with Terraform, there is some set up work that needs to be done.
While the getting started guides are fine, in practice this leaves a problem of how to work with colleagues, and how to manage secrets.
My colleagues have created a tool called
Logan
which they use to run terraform.
It is installed using pip, but it is a docker container, so will require a working
docker to run properly. I have RedHat 7 installed on my desktop, so I had to
yum install python3
. I found I had to upgrade pip. Since there are other requirements
to install I created a virtual environment to install and run it in:
|
|
I already had docker set up, and also the ssh key for Gitlab. I installed the Google cloud SDK and authenticated as a service account as per the notes in the Logan readme. Then I was ready to install and run Logan (still in the python virtual environment).
Now in my project I was able to run
|
|
Terraform sees that the project requires Google Cloud modules, and downloads them. We can see that Logan takes care of mounting the current folder under /workdir inside the container, so all the terraform commands will work properly. It also creates a volume with the name of the current folder and -terraform-data appended which contains the terraform state. This is a nice way to keep the state without polluting the project.