Terraform Cloud Operator 2.3 adds workspace run operations
Terraform Cloud Operator for Kubernetes adds more Day 2 operations. Users can now start runs using workspace resource annotations.
In November 2023, we announced the general availability of the Terraform Cloud Operator for Kubernetes. The Terraform Cloud Operator streamlines infrastructure management, allowing platform teams to offer a Kubernetes-native experience for their users while standardizing on Terraform workflows. Today we are excited to announce the general availability of version 2.3 of the Terraform Cloud Operator, with the ability to initiate workspace runs declaratively.
» Introducing workspace run operations
In previous versions of the Terraform Cloud Operator v2, the only way to start a run was by patching the restartedAt
timestamp in the Module
resource. But this approach was not intuitive, did not work for all types of workspaces and workflows, and did not allow users to control the type of run to perform. This challenge hindered migration efforts to the newest version of the Terraform Cloud Operator. . Now with version 2.3, users can declaratively start plan, apply, and refresh runs on workspaces. This enhances self-service by allowing developers to initiate runs on any workspace managed by the Operator, including VCS-driven workspaces.
The Workspace
custom resource in version 2.3 of the operator supports three new annotations to initiate workspace runs:
-
workspace.app.terraform.io/run-new
: Set this annotation to"true"
to trigger a new run. -
workspace.app.terraform.io/run-type
: Set toplan
(default),apply
, orrefresh
to control the type of run. -
workspace.app.terraform.io/run-terraform-version
: Specifies the version of Terraform to use for a speculativeplan
run. For other run types, the workspace version is used.
As an example, a basic Workspace
resource looks like this:
apiVersion: app.terraform.io/v1alpha2
kind: Workspace
metadata:
name: this
spec:
organization: kubernetes-operator
token:
secretKeyRef:
name: tfc-operator
key: token
name: kubernetes-operator
Using kubectl
as shown here, annotate the above resource to immediately start a new apply run:
kubectl annotate workspace this \
workspace.app.terraform.io/run-new="true" \
workspace.app.terraform.io/run-type=apply --overwrite
The annotation is reflected in the Workspace
resource for observability:
apiVersion: app.terraform.io/v1alpha2
kind: Workspace
metadata:
annotations:
workspace.app.terraform.io/run-new: "true"
workspace.app.terraform.io/run-type: apply
name: this
spec:
organization: kubernetes-operator
token:
secretKeyRef:
name: tfc-operator
key: token
name: kubernetes-operator
After the run is successfully triggered, the operator will set the run-new
value back to "false"
.
» Learn more and get started
HashiCorp works to continuously improve the Kubernetes ecosystem by enabling platform teams at scale. Learn more about the Terraform Cloud Operator by reading the documentation and the Deploy infrastructure with the Terraform Cloud Kubernetes Operator v2 tutorial. If you are completely new to Terraform, sign up for Terraform Cloud and get started using the Free offering today.
Sign up for the latest HashiCorp news
More blog posts like this one
![Terraform extension for VS Code speeds up loading of large workspaces](/_next/image?url=https%3A%2F%2Fwww.datocms-assets.com%2F2885%2F1714155806-blog-library-product-terraform-dark-gradient.jpg&w=3840&q=75)
Terraform extension for VS Code speeds up loading of large workspaces
New releases of the HashiCorp Terraform extension for Visual Studio Code and Terraform language server significantly reduce memory usage and start up time for large workspaces.
![Why use Vault-backed dynamic credentials to secure HCP Terraform infrastructure?](/_next/image?url=https%3A%2F%2Fwww.datocms-assets.com%2F2885%2F1572286031-vault-terraform-background.png&w=1920&q=75)
Why use Vault-backed dynamic credentials to secure HCP Terraform infrastructure?
Learn how HCP Terraform and Terraform Enterprise users can use Vault-backed dynamic credentials to secure their infrastructure during provisioning better than the base-level dynamic provider credentials.
![HCP Terraform adds granular API access for audit trails](/_next/image?url=https%3A%2F%2Fwww.datocms-assets.com%2F2885%2F1714170900-blog-library-product-hcp-terraform-dark.jpg&w=3840&q=75)
HCP Terraform adds granular API access for audit trails
HCP Terraform eliminates the need to rely on organization permissions to the audit trails endpoint, streamlining permissions workflows and reducing risk.