gitlab-org--gitlab-foss/doc/user/infrastructure/iac/index.md

5.3 KiB

stage group info
Configure Configure To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments

Infrastructure as Code with Terraform and GitLab (FREE)

To manage your infrastructure with GitLab, you can use the integration with Terraform to define resources that you can version, reuse, and share:

  • Manage low-level components like compute, storage, and networking resources.
  • Manage high-level components like DNS entries and SaaS features.
  • Incorporate GitOps deployments and Infrastructure-as-Code (IaC) workflows.
  • Use GitLab as a Terraform state storage.
  • Store and use Terraform modules to simplify common and complex infrastructure patterns.

Watch a video overview of the features GitLab provides with the integration with Terraform.

Integrate your project with Terraform

IaC Scanning was introduced in GitLab 14.6.

The integration with GitLab and Terraform happens through GitLab CI/CD. Use an include attribute to add the Terraform template to your project and customize from there.

To get started, choose the template that best suits your needs:

All templates:

  • Use the GitLab-managed Terraform state as the Terraform state storage backend.
  • Trigger four pipeline stages: test, validate, build, and deploy.
  • Run Terraform commands: test, validate, plan, and plan-json. It also runs the apply only on the default branch.
  • Check for security problems using IaC Scanning.

Latest Terraform template

The latest template is compatible with the most recent GitLab version. It provides the most recent GitLab features, but can potentially include breaking changes.

You can safely use the latest Terraform template:

  • If you use GitLab.com.
  • If you use a self-managed instance updated with every new GitLab release.

Stable and advanced Terraform templates

If you use earlier versions of GitLab, you might face incompatibility errors between the GitLab version and the template version. In this case, you can opt to use one of these templates:

NOTE: In each GitLab major release (for example, 15.0), the latest templates replace the older ones. This process can introduce breaking changes. You can use an older version of the template if you need to.

Use a Terraform template

To use a Terraform template:

  1. On the top bar, select Main menu > Projects and find the project you want to integrate with Terraform.

  2. On the left sidebar, select Repository > Files.

  3. Edit your .gitlab-ci.yml file, use the include attribute to fetch the Terraform template:

    include:
     # To fetch the latest template, use:
      - template: Terraform.latest.gitlab-ci.yml
     # To fetch the stable template, use:
      - template: Terraform/Base.gitlab-ci.yml
     # To fetch the advanced template, use:
      - template: Terraform/Base.latest.gitlab-ci.yml
    
  4. Add the variables as described below:

    variables:
     TF_STATE_NAME: default
     TF_CACHE_KEY: default
     # If your terraform files are in a subdirectory, set TF_ROOT accordingly. For example:
     # TF_ROOT: terraform/production
    
  5. Optional. Override in your .gitlab-ci.yml file the attributes present in the template you fetched to customize your configuration.