An intro to writing infrastructure code using Terraform+GitHub

Ben Moore
Ben Moore
Jul 10, 2017 · 5 min read

I’ve recently been excited about the extra possibilities opened up by using a code repository to enhance automated infrastructure deploy tools.

So, using a couple tutorials as the baseline, in this guide I’ll show you how to combine Terraform and GitHub to create a code repository and do your first basic infrastructure deployment.

First, the basics…

What is Terraform?

Terraform is an open source project by Hashicorp that allows you to build/modify/destroy infrastructure all defined via reference files (.tf files). Terraform works with public cloud providers as well as on-prem solutions as well.

What is GitHub?

GitHub is an open source project originally started by Linus Torvalds in 2005. It is a distributed version control management platform that allows large teams to simultaneously collaborate on code repositories.

Why use them together?

Here are some of my recent thoughts:

To establishing a standard for deploying consistent infrastructure across multiple providers

To easily share infrastructure deployment code among multiple team members

To integrate infrastructure deployment code with a pre-existing change management and approval processes

To build code that escrows as part of a DR-to-cloud recovery plan

To cleanly separate the layer of infrastructure deployment from the layer of configuration management

On to the technical stuff!

First things first — if you haven’t worked with Terraform or GitHub you can use these guides as a starting point to get your environment set up:

Starting your first Terraform code repository with Git

Sign into your GitHub account and create a new repository:

If this is your first time on the command line using Git, you’ll need to follow the steps here in order to install the command line toolset and configure your default account information:

Once that’s done, clone your new repository from the site to your local computer via command line:

git clone <url>

Check repository status:

cd <repository directory>

git status

Branches represent changes to the base code that need to be reviewed and versioned. Create a new branch for your first code changes, then change to work on the branch:

git branch <branch name>

git checkout <branch name>

After this step, you have created a local copy of the repository and built a branch that exists only on your local computer.

From here, you’re ready to browse to the local repository directory and copy in the sample infrastructure deployment code from the Terraform tutorial.

Here’s one caveat: In the Terraform tutorial link above, it suggests embedding your AWS access and secret keys into the terraform file. Uploading your AWS or other cloud access key/secret key to GitHub is a bad idea and you should never do it (especially in a public repo)!

Instead, create a file called variables.tf inside your working directory and put in the two following lines. This will prompt for your access and secret keys on demand during the deploy, modification and destruction of your infrastructure:

This requires a slight modification to the terraform tutorial’s tf file. Go ahead and create this in your working directory as <reponame>.tf:

That should leave you with these files in your working directory:

So, if you run another “git status” you will see that we have one or two files to add to the branch, so we go ahead and do that using the git add command:

git status

git add *

Note that at this point I had already created the branch and built the deploy file, so it is just showing one file to commit, but you will have two.

Commit your changes. If you leave off the -m on the commit you’ll be presented with a vi window — I’m using the shorthand way to keep things simple here:

git commit -m “comment here”

Push your branch to sync your local repository back to GitHub, then run a git status again to verify everything’s up to date:

git push -u origin <branch name>

At this point you’ll see your new branch in the GitHub console, waiting to be pulled. Complete the pull request process to merge the branch back into the master:

Inspect your code and complete the pull request if everything looks good:

Merge your pull request, then delete the working branch:

At this point we are ready to start working with Terraform, which is the easy part!

Start with a terraform plan to validate the contents of the .tf file we created earlier in the process:

terraform plan

If the plan executes without any warnings, it’s time to apply the configuration and deploy the server. This can take several minutes so be patient while the server is deployed:

terraform apply

Verify that the AWS Instance has been created in your AWS control panel:

Since you deployed this through terraform, you can then use the terraform show command to show the running state of the instance that was just provisioned:

terraform show

And since we’re done now, you can destroy the instance:

terraform destroy

Until next time!

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade