README
¶
Stok
Supercharge Terraform On Kubernetes (or more accurately, a poor man's Terraform Enterprise)
Requirements
- A kubernetes cluster
Install
Download and install the CLI from releases.
Deploy CRDs and the operator to your cluster:
stok generate crds | kubectl create -f -
stok generate operator | kubectl apply -f -
First run
Ensure you're in a directory containing terraform configuration:
$ cat random.tf
resource "random_id" "test" {
byte_length = 2
}
Create a workspace:
stok workspace new default/default
Run terraform commands:
stok init
stok validate
stok plan
stok apply
Usage
Usage is similar to the terraform CLI:
Usage: stok [command]
Terraform Commands:
apply destroy force-unlock
get import init
output plan refresh
show state taint
untaint validate
Stok Commands:
generate Generate deployment resources
sh Run shell commands in workspace
workspace Stok workspace management
Flags:
--debug Enable debug logging
-h, --help help for stok
-v, --version version for stok
Use "stok [command] --help" for more information about a command.
Commands such as terraform fmt or terraform console have been left out because there is no purpose to running them on kubernetes.
RBAC
TODO
Identity
Credentials
Place any credentials inside a kubernetes secret named stok. For example, to set credentials for the AWS provider:
kubectl create secret generic stok \
--from-literal=AWS_ACCESS_KEY_ID="youraccesskeyid" \
--from-literal=AWS_SECRET_ACCESS_KEY="yoursecretaccesskey"
AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are then made available as environment variables.
Specific support is provided for the GCP provider. The environment variable GOOGLE_APPLICATION_CREDENTIALS is set to the file google-credentials.json. To populate that file, create a secret like so:
kubectl create secret generic stok --from-file=google-credentials.json=[path to service account key]
Documentation
¶
Overview ¶
Copyright © 2020 Louis Garman <louisgarman@gmail.com>
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
api
|
|
|
stok.goalspike.com/v1alpha1
Package v1alpha1 contains API Schema definitions for the stok v1alpha1 API group +kubebuilder:object:generate=true +groupName=stok.goalspike.com
|
Package v1alpha1 contains API Schema definitions for the stok v1alpha1 API group +kubebuilder:object:generate=true +groupName=stok.goalspike.com |
|
pkg
|
|
|
k8s/stokclient
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
|
k8s/stokclient/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
|
k8s/stokclient/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
|
k8s/stokclient/typed/stok.goalspike.com/v1alpha1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
|
k8s/stokclient/typed/stok.goalspike.com/v1alpha1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |