My source code repository for private stuff is Gitlab and while working with Terraform, I want to have the state store remotely rather than locally. What are the options?
Gitlab Terraform state vs. Terraform cloud
- Version your Terraform state files.
- Encrypt the state file both in transit and at rest.
- Lock and unlock states.
- Remotely execute
Cool exactly what I want. But I searched further and found Configuring GitLab.com Access using Terraform Cloud. Looking at the docu the setup sounds pretty easy. So I choose the latter to give it a try.
Setting it up
On Terraform Cloud, in your workspace you add a new VCS Provider
The VSC provider, will point to
gitlab.com. I also will provide you a
Redirect URIwhich you will use in the next step
On GitLab, Create a New Application for Terraform
Applications is a way to define what app can use GitLab as an OAuth provider, and specify what they are allowed to do.
So you will allow Terraform Cloud to use the API. You also provide the
Redirect URIfrom step 1.
On Terraform Cloud, you finish to set up of your provider, by adding
Application Secretprovided in Step 2.
You will have to authorize the access once and then you are set.
See them working together
Once the setup is done, Terraform Cloud will detect changes on the source code on the branches you have defined in the Source - in my case I focus on
I’ve set it to
manually apply, which means only
terraform plan will be executed automatically and then it will wait that I apply the changes explicitly. But you also could enable
automatic apply if you want to.
In the Workspace overview you get various information about the runs and the state:
Form here you can dig further and get more details on the resources in the states or about the past runs.