type: "io.kestra.plugin.terraform.cli.TerraformCLI"Orchestrate Infrastructure as Code by executing Terraform CLI commands in a Docker container. This task assumes that you use a remote backend for storing Terraform state files, such as AWS S3, GCS, or Terraform Cloud.
Examples
Initialize Terraform, then create and apply the Terraform plan
id: git_terraform
namespace: company.team
tasks:
- id: git
type: io.kestra.plugin.core.flow.WorkingDirectory
tasks:
- id: clone_repository
type: io.kestra.plugin.git.Clone
url: https://github.com/anna-geller/kestra-ci-cd
branch: main
- id: terraform
type: io.kestra.plugin.terraform.cli.TerraformCLI
beforeCommands:
- terraform init
inputFiles:
terraform.tfvars: |
username = "cicd"
password = "{{ secret('CI_CD_PASSWORD') }}"
hostname = "https://demo.kestra.io"
outputFiles:
- "*.txt"
commands:
- terraform plan 2>&1 | tee plan_output.txt
- terraform apply -auto-approve 2>&1 | tee apply_output.txt
env:
AWS_ACCESS_KEY_ID: "{{ secret('AWS_ACCESS_KEY_ID') }}"
AWS_SECRET_ACCESS_KEY: "{{ secret('AWS_SECRET_ACCESS_KEY') }}"
AWS_DEFAULT_REGION: "{{ secret('AWS_DEFAULT_REGION') }}"
Properties
commands
- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ✔️
- Min items:
1
The commands to run such as terraform apply -auto-approve.
beforeCommands
- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
The setup commands to initialize the environment before executing the main list of commands such as terraform init.
containerImage
- Type: string
- Dynamic: ✔️
- Required: ❌
- Default:
hashicorp/terraform
The task runner container image, only used if the task runner is container-based.
docker
- Type: DockerOptions
- Dynamic: ❌
- Required: ❌
Deprecated, use 'taskRunner' instead
env
- Type: object
- SubType: string
- Dynamic: ✔️
- Required: ❌
Additional environment variables such as credentials and configuration for the Terraform provider.
inputFiles
- Type:
- object
- string
- Dynamic: ✔️
- Required: ❌
The files to create on the local filesystem. It can be a map or a JSON object.
namespaceFiles
- Type: NamespaceFiles
- Dynamic: ❌
- Required: ❌
Inject namespace files.
Inject namespace files to this task. When enabled, it will, by default, load all namespace files into the working directory. However, you can use the
includeorexcludeproperties to limit which namespace files will be injected.
outputFiles
- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
The files from the local filesystem to send to Kestra's internal storage.
Must be a list of glob) expressions relative to the current working directory, some examples:
my-dir/,my-dir/*/ormy-dir/my-file.txt.
taskRunner
- Type: TaskRunner
- Dynamic: ❌
- Required: ❌
- Default:
{ "type": "io.kestra.plugin.scripts.runner.docker.Docker" }
The task runner to use.
Task runners are provided by plugins, each have their own properties.
Outputs
exitCode
- Type: integer
- Required: ✔️
- Default:
0
outputFiles
- Type: object
- SubType: string
- Required: ❌
vars
- Type: object
- Required: ❌
Definitions
io.kestra.core.models.tasks.NamespaceFiles
enabled- Type: boolean
- Dynamic: ❌
- Required: ❌
- Default:
true
exclude- Type: array
- SubType: string
- Dynamic: ❌
- Required: ❌
include- Type: array
- SubType: string
- Dynamic: ❌
- Required: ❌
io.kestra.plugin.scripts.runner.docker.Cpu
cpus- Type: integer
- Dynamic: ❌
- Required: ❌
io.kestra.core.models.tasks.runners.TaskRunner
type- Type: string
- Dynamic: ❌
- Required: ✔️
- Validation RegExp:
\p{javaJavaIdentifierStart}\p{javaJavaIdentifierPart}*(\.\p{javaJavaIdentifierStart}\p{javaJavaIdentifierPart}*)* - Min length:
1
io.kestra.plugin.scripts.runner.docker.Memory
kernelMemory- Type: string
- Dynamic: ✔️
- Required: ❌
memory- Type: string
- Dynamic: ✔️
- Required: ❌
memoryReservation- Type: string
- Dynamic: ✔️
- Required: ❌
memorySwap- Type: string
- Dynamic: ✔️
- Required: ❌
memorySwappiness- Type: string
- Dynamic: ✔️
- Required: ❌
oomKillDisable- Type: boolean
- Dynamic: ❌
- Required: ❌
io.kestra.plugin.scripts.exec.scripts.models.DockerOptions
image- Type: string
- Dynamic: ✔️
- Required: ✔️
- Min length:
1
config- Type:
- string
- object
- Dynamic: ✔️
- Required: ❌
- Type:
cpu- Type: Cpu
- Dynamic: ❌
- Required: ❌
credentials- Type: Credentials
- Dynamic: ✔️
- Required: ❌
deviceRequests- Type: array
- SubType: DeviceRequest
- Dynamic: ❌
- Required: ❌
entryPoint- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
extraHosts- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
host- Type: string
- Dynamic: ✔️
- Required: ❌
memory- Type: Memory
- Dynamic: ❌
- Required: ❌
networkMode- Type: string
- Dynamic: ✔️
- Required: ❌
pullPolicy- Type: string
- Dynamic: ❌
- Required: ❌
- Default:
ALWAYS - Possible Values:
IF_NOT_PRESENTALWAYSNEVER
shmSize- Type: string
- Dynamic: ✔️
- Required: ❌
user- Type: string
- Dynamic: ✔️
- Required: ❌
volumes- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
io.kestra.plugin.scripts.runner.docker.Credentials
auth- Type: string
- Dynamic: ✔️
- Required: ❌
identityToken- Type: string
- Dynamic: ✔️
- Required: ❌
password- Type: string
- Dynamic: ✔️
- Required: ❌
registry- Type: string
- Dynamic: ✔️
- Required: ❌
registryToken- Type: string
- Dynamic: ✔️
- Required: ❌
username- Type: string
- Dynamic: ✔️
- Required: ❌
io.kestra.plugin.scripts.runner.docker.DeviceRequest
capabilities- Type: array
- SubType: array
- Dynamic: ❌
- Required: ❌
count- Type: integer
- Dynamic: ❌
- Required: ❌
deviceIds- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
driver- Type: string
- Dynamic: ✔️
- Required: ❌
options- Type: object
- SubType: string
- Dynamic: ❌
- Required: ❌