英文:
Branching strategy and CI/CD pipeline for a Terraform project with multiple environments
问题
只是为了防止有人遇到相同的问题:这是Hashicorp提供的一个解释性视频链接:https://www.youtube.com/watch?v=IDLGpkRmDXg&list=PLN_ubMte0AR5s9r4aKsIzZHWo5eGkch1f&index=1
我根据这里的Terraform文档https://www.hashicorp.com/blog/structuring-hashicorp-terraform-configuration-for-production,使用模块和环境来开发我的应用程序。因此,我有存储、计算、网络等模块,以及三个环境文件夹,用于开发、预发布和生产。
文件结构如下:
── 模块
├── 计算
│ ├── main.tf
│ ├── outputs.tf
│ ├── variables.tf
├── 数据库
├── 存储
── 开发
└── config.tf
└── main.tf
└── outputs.tf
└── provider.tf
└── variables.tf
── 预发布
── 生产
我在生产环境部署了我的代码,一切运行良好,现在我想部署我的预发布和生产环境。
我将我的代码从开发环境提交到GitHub存储库的开发分支,但对我来说有点混乱。
我最初的想法是创建另外两个分支——用于预发布和生产。但是原始部署代码中创建的环境文件夹怎么办?这将导致每个GitHub分支中都有一个开发、预发布和生产环境文件夹。
我计划使用GitHub Actions - 在分支推送时执行“terraform apply”操作,对应于该分支的环境(当推送到开发分支时执行“terraform apply”操作)。
到目前为止,情况令人困惑;
在每个分支中都有重复的环境代码是可以的吗?
我应该如何组织GitHub分支?
正确的CI/CD流程阶段是什么?
英文:
Just in case anyone has the same dilemma: here is an explanatory video from Hashicorp: https://www.youtube.com/watch?v=IDLGpkRmDXg&list=PLN_ubMte0AR5s9r4aKsIzZHWo5eGkch1f&index=1
Following the terraform documentation from here https://www.hashicorp.com/blog/structuring-hashicorp-terraform-configuration-for-production i develop my application using modules and environments. So I have modules for storage, computing, networking, etc., and three environment folders for devel, stage, and production.
The file structure looks like this
── modules
├── compute
│ ├── main.tf
│ ├── outputs.tf
│ ├── variables.tf
├── database
├── storage
── development
└── config.tf
└── main.tf
└── outputs.tf
└──provider.tf
└──variables.tf
── stage
── production
I deployed my code in the production environment, and everything works great, and now I want to deploy my staging and production environment.
I commit my code from development into a GitHub repo - development branch, but things get a little consing for me.
My first instinct was to create another two branches - for staging and production. But what about the environments folders I created in the original deployment code? I will end up with a development, stage, and production environment folder in each of those three GitHub branches.
I plan to use GitHub Actions - on branch push, do “terraform apply” for the environment that corresponds to that branch (do “terraform apply” for the development environment when a push is made to the development branch)
At this point, things are confusing;
Is it ok to have the duplicate code for each environment in each branch?
How should I organize the Github Branches ?
What will be the correct CI/CD pipeline stages?
答案1
得分: 1
My first instinct was to create another two branches
我的第一直觉是创建另外两个分支。
At this point, things are confusing; Is it ok to have the duplicate code for each environment in each branch?
此时,情况有些混乱;每个分支中都有每个环境的重复代码是否可以?
是的,可以。在使用 Terraform 时,最常见的两种架构是:
- 每个环境一个文件夹。
- 一个单一文件夹,利用 Terraform 的工作区来管理所有环境。
你一直在考虑的是第一种选项,但你也可以考虑第二种选项。第一种方法会有代码重复,但如果环境不完全相同,会让你的工作更容易一些。第二种方法没有代码重复,但根据环境之间的差异程度,环境特定配置可能会稍微繁琐一些。
英文:
> My first instinct was to create another two branches
Your instinct is correct. You should have one branch per environment, as this will allow you to make changes to one environment at a time, progressively. So first you would push your changes to the deployment branch, and if they are successful, you would then push the same changes to staging; likewise, if the changes are successful in staging, you would then push the changes to production.
> At this point, things are confusing; Is it ok to have the duplicate code for each environment in each branch?
Yes, it is ok. When working with terraform the two most common architectures are:
- One folder for each environment
- One single folder, which leverages terraform workspaces, for all environments
The first option is the one you've been considering, however you might also want to consider the second option. The first approach will have code duplication, however it will make your life easier if the environments aren't identical. The second approach has no code duplication, however environment specific configuration will be slightly cumbersome (depending on how many differences exist across the environments).
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论