Atlantis - TF Automation

⚙️ Atlantis — Terraform Workflow Automation: managing your GIT repositories using Terraform & Atlantis.

IaC Automation Governance:

• GitOps is great when it adheres to your governance philosophies. GitOps is clearly a powerful step forward for both Applications & Infrastructure using Terraform IaC Workflow with Atlantis and/or GitOps Workflow with Crossplane.

• It’s an incredibly powerful way to provision complex infrastructure in GitOps. Hand the controls back over to the humans for Day 2 governance of your production clusters.

  • Day 1. provisioning of infrastructure with Atlantis, cloud native application suites, application CI/CD with Argo Workflows.
  • Day 2. day-to-day infrastructure management with Crossplane (control plane), observability and monitoring. vcluster?

CI/CD for Infrastructure as Code with Terraform and Atlantis

1. A developer creates a feature branch in git, makes some changes, and creates a Pull Request (GitHub) or Merge Request (GitLab).
2. The developer enters atlantis plan in a PR comment.
3. Via the installed web hooks, Atlantis locally runs terraform plan. If there are no other Pull Requests in progress, Atlantis adds the resulting plan as a comment to the Merge Request.

• If there are other Pull Requests in progress, the command fails because we can’t ensure that the plan will be valid once applied).

4. The developer ensures the plan looks good and add reviewers to the Merge Request.
5. Once the PR has been approved, the developer enters atlantis apply in a PR comment. This will trigger Atlantis to run terraform apply and the changes will be deployed to your infrastructure.

• The command will fail if the Merge Request has not been approved.

How Atlantis automates your Terraform IaC Atlantis wraps around Terraform to create an automated, auditable system for ensuring that your IaC repositories are accurate and up-to-date representations of your deployed infrastructure. Through pull requests and your Git provider of choice, it shows you exactly what your proposed changes will do and abstracts away the responsibility of executing Terraform plans.

Here’s the step-by-step once you have automated Terraform:

1. You create a PR that adds or modifies a Terraform configuration (.tf) file, which calls a Atlantis webhook running inside your infrastructure.
2. Atlantis receives the call and runs terraform plan against your infrastructure.
3. Atlantis adds a comment to the PR with the full log output from terraform plan, which ensures you and your reviewers can see the full implications of your changes.
4. You and your peers engage in the standard code collaboration and review process you have established.
5. One or more peers approves your PR.
6. You run atlantis apply directly in the comments of your Git platform.
7. Atlantis runs terraform apply in the background and returns the output of that command to the comments.
8. If your changes are deployed as expected, the PR is automatically merged and closed.

• https://www.runatlantis.io/guide/testing-locally.html
• https://kubefirst.io/blog/k3d/
• https://iopshub.medium.com/streamlining-gitops-with-atlantis-and-terraform-1c5654f725df
• https://blog.searce.com/getting-started-atlantis-with-terraform-and-github-4e99ab190655