Terraform is an excellent infrastructure-as-code (IaC) management and resource provisioning solution, but it can be made much better with the help of complementary or augmentative tools. One of these tools is Atlantis, a Terraform operations automation solution.
Atlantis helps make Terraform operations more efficient by automating pull requests. It accelerates the development process and creates advantages for developers and operators. Here are five of the most important benefits Atlantis brings to Terraform IaC management.
Streamlining Collaborative Workflow Review and Execution
Terraform workflow review and execution is achieved through a number of ways and by using various tools. It can be through automated testing, continuous integration/continuous deployment, and infrastructure-as-code best practices. The implementation of policy-as-code through tools like HashiCorp Sentinel and Open Policy Agent also helps. Additionally, Terraform can be integrated with version control systems (VCS).
When it comes to Terraform’s integration with a VCS, the process can be made more efficient with the help of Atlantis. This pull request automation solution notably enables collaboration between developers and operators to review infrastructure code changes without having to leave the VCS they are using. It facilitates the review process triggered by pull requests to ensure that all changes introduced into the code are thoroughly examined before they are implemented. Atlantis provides a feedback and visibility loop into Terraform plan outputs to enable code reviewers and other stakeholders to evaluate the proposed changes easily through their VCS interface.
Atlantis effectively serves as a centralized platform for code review and feedback. It provides a structured workflow to make sure that code changes pass through a standardized review prior to deployment. It streamlines collaboration when it comes to code change evaluation and deployment.
With the streamlining it enforces, Atlantis helps accelerate the execution of Terraform commands, particularly the plan and apply commands, based on pull request events. It eliminates the need for manual intervention, which significantly reduces errors and ensures the consistent execution of commands across different environments.
Git-based Workflow Advantages
When going through Atlantis-Terraform guides or tutorials, one detail that is usually mentioned is the use of a Git-based workflow. Tutorials usually indicate that a GitHub account is required to get started with Atlantis.
First, the developer, who has the permission to introduce changes, pushes code to a development or a branch of it. Then, the dev transmits a merge request, which leads to the initiation of a Terraform Plan process. Next, Atlantis executes the Terraform Plan, showing the output in the comment section of the merge request.
Once the plan is examined and approved, the Terraform Apply command is then triggered within Atlantis. In turn, Atlantis executes the Terraform Apply command to apply the changes to the infrastructure. The development branch can then merge into the main branch.
This workflow provides two main advantages. First, it creates visibility for reviewers of code changes as well as other parties whose input is key to the review process. This peer review setup is inherent in the use of Atlantis with Terraform, wherein developers can also run a Plan command within Atlantis in the merge request comments section to initiate a Terraform Plan command.
Another advantage of the Git-based workflow is the certainty that provisioning and code verification happen before the changes are merged. This ensures that all code changes have been thoroughly scrutinized beforehand, which prevents the need to redo the code because the errors were discovered belatedly.
Terraform and Terragrant management
Terragrunt is a tool that serves as a wrapper around Terraform to boost its functions. At the same time, it simplifies the use of Terraform in IaC management. It comes with a number of features, including dependency handling, remote state management, and the ability to create configurations for specific environments. Additionally, it enables modularity and code reuse by defining infrastructure configurations as modules that can be used repeatedly or slightly modified to suit specific requirements.
Atlantis enables the management of both Terraform and Terragrunt projects, ensuring seamless collaboration between teams that use these tools. Again, it integrates with version control systems to provide a centralized means for code review and feedback, ensuring systematic and efficient workflows.
Additionally, it can be integrated with pull request systems to allow teams to discuss Terraform changes through the pull request UI, allowing reviewers to leave notes or messages regarding desired changes and feedback on the proposed modifications.
Atlantis is also useful in infrastructure state management for both Terraform and Terragrunt. It is capable of isolating and managing state files to prevent the emergence of conflicts that may occur when several developers modify the infrastructure concurrently. Atlantis creates isolated workspaces for every pull request or development branch to avoid confusion during the code change review and application steps. This setup ensures that changes can be applied without affecting other ongoing work.
Moreover, Atlantis integrates with CI/CD systems. It can initiate the execution of Terraform commands to maximize visibility in continuous integration and deployment processes. This helps teams to know that any proposed changes have been tested first before being deployed automatically.
In summary
Atlantis augments Terraform’s IaC management capabilities through seamless team collaboration, automation, consistency, and sandboxed infrastructure state management. It also enables visibility for code reviewers and other stakeholders while ensuring that code changes are reviewed first before they are applied. It can even be used with Terragrunt, another tool that operates alongside Terraform to create configurations that work with multiple Terraform modules and are capable of remote state management.
It is also worth noting that Atlantis leverages merge requests and webhooks from the VCS used in Terraform to automate commands within the context of pull requests. This makes the process of reviewing code changes structured and well-informed, which helps with decision-making when implementing infrastructure changes. It supports the detection of errors in the Terraform Plan output before changes in the branches are merged to the main development code. Simply put, it is a useful tool that can provide palpable benefits in Terraform operations.