Common Terraform Setup

For commands that run terraform against an environment like deploy there is a common process for setting up terraform that is performed:

The release is downloaded and unpacked, including the release data and the exact Terraform image, .terraform.lock.hcl (see below) & modules in order that nothing changes as your release is promoted through the pipeline.
The terraform backend is configured using config returned from the config container, in order to load and save your Terraform state.
The terraform workspace is initialised and selected for the environment you are using.

Backend

If it doesn't already exist then an empty backend partial configuration is written to infra/terraform.tf with the backend type returned from the config container:

terraform {
  backend "RETURNED_BACKEND_TYPE" {}
}

Terraform is then run to complete backend configuration based on the config keys and values returned from the config container - similar to the following:

$ terraform init \
    -get=false \
    -backend-config="key1=value1" \
    -backend-config="key2=value2"

Workspace

The terraform workspace is initialised (if neccessary) and selected, similar to:

$ if terraform workspace list | grep -q '\bENV\b'; then
    terraform workspace select ENV
else
    terraform workspace new ENV
fi

cdflow2 uses the .terraform.lock.hcl file to ensure that provider versions do not change as a release is promoted through your pipeline. If there is aready an infra/.terraform.lock.hcl file committed then that will be used. Otherwise cdflow2 will save the one created during the release step in the release archive and ensure it is in place for each Terraform operation (e.g. during deploy).

Common Terraform Setup

.css-1r0pe6c{color:inherit;-webkit-text-decoration:none;text-decoration:none;}.css-1r0pe6c:hover{-webkit-text-decoration:underline;text-decoration:underline;}Backend

Workspace

Dependency Lock File

Backend