create service opentofu-plan

Create a new OpenTofu plan service

Synopsis

Create

This command will create an OpenTofu plan service in torero's data store. The service can later be executed via torero's run command. Before creating an OpenTofu plan service, you will need to ensure that a repository with the actual plan files exists. See torero create repository -h for more information.

Consider an OpenTofu plan that exists in a repository called example-repo. The repository has the following directory layout:

├── README.md
├── deployment-plans
│   ├── main.tf
│   └── prod.tfvars

We can specify that we want to use example-repo via the --repository flag.

Notice that our OpenTofu plan files exist in a directory called deployment-plans. We can denote this using the --working-dir flag.

Any variables that are required by the plan can be specified using the --var flag. The variables can be specified using key=value syntax.

A file within the repository that contains variables can be specified using the --var-file flag. The file must exist within the repository and the path to the file must be relative to our working-dir.

A decorator can be specified to allow for input validation when the service is executed via the run command.

For more information on decorators, run torero create decorator -h.

Secrets that exist in torero's secret store can be set on an OpenTofu plan service via the --secret flag. The --secret flag's value consists of three parts. 1. Name: The name of the secret in torero's secret store. See torero create secret -h for more info. 2. Type: Type of secret to be injected. Only env secrets which are injected via environment variables are currently available. 3. Target: The name of the environment variable to be injected into the service.

These parts are comma separated with a syntax that will resemble what is shown below: --secret name=my-secret,type=env,target=ENV_VAR_NAME

torero create service opentofu-plan <service-name> --repository <name> [flags]

Examples

Create A Simple OpenTofu Service

Creates a simple OpenTofu service called my-opentofu-service where the plan files are located at the root of the my-repo repository.

>_ torero create service opentofu-plan my-opentofu-service \
--repository my-repo

Create An OpenTofu Service That Uses a Secret

Creates an OpenTofu service that injects a secret called my-secret from torero's secret store into the service via an environment variable called TF_VAR_PASSWORD.

>_ torero create service opentofu-plan vm_deployer \
--repository example-repo \
--working-dir virtual-machines \
--secret name=my-secret,type=env,target=TF_VAR_PASSWORD

Create A More Complex OpenTofu Service

Creates an OpenTofu service that takes advantage of many of the options available.

>_ torero create service opentofu-plan deployment-service \
--repository example-repo \
--working-dir deployment-plans \
--var server_name=examplehostname \
--var-file prod.tfvars \
--decorator my-decorator \
--secret name=my-secret,type=env,target=TF_VAR_PASSWORD \
--description "An OpenTofu plan to deploy servers" \
--tag servers

Options

      --decorator string       The name of the decorator to be associated with the service
      --description string     A brief description of the service
  -h, --help                   help for opentofu-plan
      --repository string      The repository that contains the OpenTofu plan
      --secret stringArray     Secret to be injected into the service at runtime
      --tag stringArray        Metadata tag(s) to associate with the service
      --var stringArray        A key value pair separated by a '=' character to be used by OpenTofu during a plan execution
      --var-file stringArray   The path to a variable file to be used by OpenTofu during a plan execution. Must be relative to the 'working-dir'
      --working-dir string     The path to the directory where the plan exists. The path must be relative to the root of the repository

Options inherited from parent commands

      --config string   Specify the path to the configuration file
      --raw             Displays the result of the command in its raw format
      --verbose         Enable verbose output

SEE ALSO