Pull request automation ensures that any changes proposed to your Terraform configurations are reviewed and approved before being merged, reducing the risk of potential errors, improving security, and maintaining a consistent infrastructure state. By automating this process, you can streamline your workflows and minimize human intervention.
Before diving into the setup process, make sure you have the following:
Setting Up Terraform Pull Request Automation with Bitbucket
To achieve this automation, we'll be using Bitbucket Pipelines, a powerful continuous integration and deployment feature built into Bitbucket.
Step 1: Enable Bitbucket Pipelines
Step 2: Configure the Pipeline
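image: hashicorp/terraform:latest

pipelines:
  default:
    - step:
        name: Terraform Plan
        script:
          - terraform init
          - terraform plan
          # Save the plan to a file, then export it as JSON for later processing
          - terraform plan -out=tfplan
          - terraform show -no-color -json tfplan > tfplan.json
          # -detailed-exitcode returns 0 (no changes), 1 (error) or 2 (changes pending);
          # "|| true" keeps the step from failing whatever the code is
          - terraform plan -detailed-exitcode || true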
This configuration uses the latest Terraform image from HashiCorp's official Docker Hub repository and defines a pipeline with a single step that initializes the working directory, creates a plan, and writes the plan out in JSON format. For reproducible runs, pin the image to a specific version tag rather than latest.
Step 3: Add a Webhook for Pull Request Automation
Now, whenever a pull request is created or updated, the webhook will be triggered, and the Terraform plan will run as a part of the pipeline.
Step 4: Integrating the Output into the Pull Request
To display the output of the Terraform plan directly in the pull request, we'll use a custom Bitbucket app or integration. You can develop your own app, or search for an existing one that suits your needs.
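Whatever app or integration posts the comment, reviewers usually want a short summary rather than the raw plan. The following is an added example, not part of the original article: it reads the tfplan.json written by the pipeline and builds the comment text, listing every resource the plan would destroy or replace. It assumes the resource_changes[].change.actions layout of terraform show -json; the function names and the sample plan are constructed for illustration.

```python
import json
import sys
from collections import Counter

def summarize_plan(plan: dict) -> dict:
    """Count planned actions and collect resources that would be destroyed."""
    counts, destructive = Counter(), []
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        if not actions or actions in (["no-op"], ["read"]):
            continue  # nothing changes for this resource
        # ["delete", "create"] or ["create", "delete"] means a replacement
        replace = "delete" in actions and "create" in actions
        counts["replace" if replace else actions[0]] += 1
        if "delete" in actions:
            destructive.append(rc.get("address", "<unknown>"))
    return {"counts": dict(counts), "destructive": sorted(destructive)}

def render_comment(summary: dict) -> str:
    """Build plain text suitable for a pull request comment."""
    c = summary["counts"]
    lines = ["Terraform plan: {} to add, {} to change, {} to replace, {} to destroy".format(
        c.get("create", 0), c.get("update", 0), c.get("replace", 0), c.get("delete", 0))]
    if summary["destructive"]:
        lines.append("Needs explicit review (existing resources are destroyed):")
        lines += ["  - " + addr for addr in summary["destructive"]]
    return "\n".join(lines)

# Constructed sample in the shape of `terraform show -json tfplan` output.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_s3_bucket.logs", "change": {"actions": ["create"]}},
    {"address": "aws_security_group.web", "change": {"actions": ["update"]}},
    {"address": "aws_db_instance.main", "change": {"actions": ["delete", "create"]}},
    {"address": "aws_iam_role.old", "change": {"actions": ["delete"]}},
    {"address": "aws_vpc.main", "change": {"actions": ["no-op"]}},
]}

if __name__ == "__main__":
    # Usage in the pipeline: python summarize_plan.py tfplan.json
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            plan = json.load(fh)
    else:
        plan = SAMPLE_PLAN
    print(render_comment(summarize_plan(plan)))
```
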