Using Branching with Terraform
When writing the code for my article on Paired Security Groups in AWS, I made use of terraform to setup the various different configuration I wanted to demonstrate. This triggered some thoughts about how this could be applied more widely
Perhaps somewhat obvious, but it seemed that there is some mileage in using this strategy when managing environments. For example, this could make it easy to quickly reconfigure the infrastructure for test environments - simplifying testing applications with slightly different infrastructure.
It should be possible to submit pull requests and automatically test that the changes to terraform work as expected. The steps may be something like this:
terraform applyin a clean environment for the current state of the branch we are trying to merge into.
- Using the state that generated, run
terraform planto get the propsed changes - perhaps storing this as a check against the PR in github.
terraform applyto verify that there are not any other errors
- Perhaps run a test suite to verify the changes have been made and that the environment is still 'healthy'. i.e. there are not regressions.
terraform destroy. Both to clean up the infrastructure, but also to pick up andy issues the changes may introduce with being able to clean up easily.