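Letting my imagination run wild about Terraform repository structure
While writing "Running Terraform-related commands is tedious, so I want a wrapper command", the post grew too long, so I am splitting out the directory structure and thinking about it separately here.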
Links
Official
- Style Guide - Configuration Language | Terraform | HashiCorp Developer
- Modules Overview - Configuration Language | Terraform | HashiCorp Developer
- Build and use a local module | Terraform | HashiCorp Developer
- Module creation - recommended pattern | Terraform | HashiCorp Developer
Practice
- Best practices for using Terraform | Google Cloud
- "Is that Terraform code something you would not be embarrassed to show anywhere?" / Terraform AWS Best Practices - Speaker Deck
- Best practices for general style and structure | Terraform | Google Cloud
- Code structure | Terraform Best Practices
- Managing Terraform Modules with versioning in a Monorepo - Study Sapuri Product Team Blog
Simple Repository
Medium Repository
Large Repository
Enterprise size Repository
Filename
backend.tf
main.tf
outputs.tf
providers.tf
terraform.tf
variables.tf
locals.tf
override.tf
cf. Style Guide - Configuration Language | Terraform | HashiCorp Developer
Repository structure
How you structure your modules and Terraform configuration in version control significantly impacts versioning and operations. We recommend that you store your actual infrastructure configuration separately from your module code.
Store each module in an individual repository. This lets you independently version each module and makes it easier to publish your modules in the private Terraform registry.
cf. Style Guide - Configuration Language | Terraform | HashiCorp Developer
.
├── modules
│   ├── function
│   │   ├── main.tf      # contains aws_iam_role, aws_lambda_function
│   │   ├── outputs.tf
│   │   └── variables.tf
│   ├── queue
│   │   ├── main.tf      # contains aws_sqs_queue
│   │   ├── outputs.tf
│   │   └── variables.tf
│   └── vpc
│       ├── main.tf      # contains aws_vpc, aws_subnet
│       ├── outputs.tf
│       └── variables.tf
├── main.tf
├── outputs.tf
└── variables.tf
Multiple environments
We recommend that your repository's main branch be the source of truth for all environments.
cf. Style Guide - Configuration Language | Terraform | HashiCorp Developer
.
├── compute
│   ├── main.tf
│   ├── outputs.tf
│   └── variables.tf
├── database
│   ├── main.tf
│   ├── outputs.tf
│   └── variables.tf
└── networking
    ├── main.tf
    ├── outputs.tf
    └── variables.tf
If you do not use HCP Terraform or Terraform Enterprise, we recommend that you use modules to encapsulate your configuration, and use a directory for each environment so that each one has a separate state file. The configuration in each of these directories would call the local modules, each with parameters specific to their environment. This also lets you maintain separate variable and backend configurations for each environment.
cf. Style Guide - Configuration Language | Terraform | HashiCorp Developer
├── modules
│   ├── compute
│   │   └── main.tf
│   ├── database
│   │   └── main.tf
│   └── network
│       └── main.tf
├── dev
│   ├── backend.tf
│   ├── main.tf
│   └── variables.tf
├── prod
│   ├── backend.tf
│   ├── main.tf
│   └── variables.tf
└── staging
    ├── backend.tf
    ├── main.tf
    └── variables.tf
Standard Module Structure
cf. Standard Module Structure | Terraform | HashiCorp Developer
A minimal recommended module
$ tree minimal-module/
.
├── README.md
├── main.tf
├── variables.tf
├── outputs.tf
A complete example of a module
$ tree complete-module/
.
├── README.md
├── main.tf
├── variables.tf
├── outputs.tf
├── ...
├── modules/
│   ├── nestedA/
│   │   ├── README.md
│   │   ├── variables.tf
│   │   ├── main.tf
│   │   ├── outputs.tf
│   ├── nestedB/
│   ├── .../
├── examples/
│   ├── exampleA/
│   │   ├── main.tf
│   ├── exampleB/
│   ├── .../
Local Module
cf. Build and use a local module | Terraform | HashiCorp Developer
.
├── LICENSE
├── README.md
├── main.tf
├── modules
│   └── aws-s3-static-website-bucket
├── outputs.tf
├── terraform.tfstate
├── terraform.tfstate.backup
└── variables.tf