README
¶
Stok
Supercharge Terraform On Kubernetes (or more accurately, a poor man's Terraform Enterprise)
Requirements
- A kubernetes cluster
Install
Download and install the CLI from releases.
Deploy CRDs and the operator to your cluster:
stok generate crds | kubectl create -f -
stok generate operator | kubectl apply -f -
First run
Ensure you're in a directory containing terraform configuration:
$ cat random.tf
resource "random_id" "test" {
byte_length = 2
}
Create a workspace:
stok workspace new default
Run terraform commands:
stok init
stok validate
stok plan
stok apply
Usage
Usage is similar to the terraform CLI:
Supercharge terraform on kubernetes
Usage:
stok [command]
Available Commands:
apply Run apply
destroy Run destroy
force-unlock Run force-unlock
generate Generate stok kubernetes resources
get Run get
help Help about any command
import Run import
init Run init
operator Run the stok operator
output Run output
plan Run plan
refresh Run refresh
runner Run the stok runner
shell Run shell
show Run show
taint Run taint
untaint Run untaint
validate Run validate
workspace Stok workspace management
Flags:
--debug Enable debug logging
-h, --help help for stok
-v, --version version for stok
Use "stok [command] --help" for more information about a command.
Commands such as terraform fmt or terraform console have been left out because there is no purpose to running them on kubernetes.
RBAC
TODO
Identity
Credentials
Place any credentials inside a kubernetes secret named stok. For example, to set credentials for the AWS provider:
kubectl create secret generic stok \
--from-literal=AWS_ACCESS_KEY_ID="youraccesskeyid" \
--from-literal=AWS_SECRET_ACCESS_KEY="yoursecretaccesskey"
AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are then made available as environment variables.
Specific support is provided for the GCP provider. The environment variable GOOGLE_APPLICATION_CREDENTIALS is set to the file google-credentials.json. To populate that file, create a secret like so:
kubectl create secret generic stok --from-file=google-credentials.json=[path to service account key]
Documentation
¶
Overview ¶
Copyright © 2020 Louis Garman <louisgarman@gmail.com>
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
v1alpha1
Code generated by go generate; DO NOT EDIT.
|
Code generated by go generate; DO NOT EDIT. |
|
logging
|
|
|
handlers/cli
[leg100]: copy and pasted from apex pkg: * reduced padding from 3 to 1 * changed debug color from white to magneta (so I can see it on my solarized-light terminal scheme!) Package cli implements a colored text handler suitable for command-line interfaces.
|
[leg100]: copy and pasted from apex pkg: * reduced padding from 3 to 1 * changed debug color from white to magneta (so I can see it on my solarized-light terminal scheme!) Package cli implements a colored text handler suitable for command-line interfaces. |
|
handlers/prefix
Package prefix implements a colored text handler suitable for command-line interfaces with a configurable prefix
|
Package prefix implements a colored text handler suitable for command-line interfaces with a configurable prefix |
|
pkg
|
|