create service opentofu-plan
Create a new OpenTofu plan service
Synopsis
Create
This command will create an OpenTofu plan service in torero's data store. The service can
later be executed via torero's run
command. Before creating an OpenTofu plan service, you
will need to ensure that a repository with the actual plan files exists.
See torero create repository -h
for more information.
Consider an OpenTofu plan that exists in a repository called example-repo
. The repository has
the following directory layout:
├── README.md
├── deployment-plans
│ ├── main.tf
│ └── prod.tfvars
We can specify that we want to use example-repo
via the --repository
flag.
Notice that our OpenTofu plan files exist in a directory called deployment-plans
. We can denote
this using the --working-dir
flag.
Any variables that are required by the plan can be specified using the --var
flag. The variables
can be specified using key=value
syntax.
A file within the repository that contains variables can be specified using the --var-file
flag.
The file must exist within the repository and the path to the file must be relative
to our working-dir
.
A decorator can be specified to allow for input validation when the service is executed
via the run
command.
For more information on decorators, run torero create decorator -h
.
Secrets that exist in torero's secret store can be set on an OpenTofu plan
service via the --secret
flag. The --secret
flag's value consists of three parts.
1. Name: The name of the secret in torero's secret store. See torero create secret -h
for more info.
2. Type: Type of secret to be injected. Only env
secrets which are injected via environment variables are currently available.
3. Target: The name of the environment variable to be injected into the service.
These parts are comma separated with a syntax that will resemble what is shown below:
--secret name=my-secret,type=env,target=ENV_VAR_NAME
torero create service opentofu-plan <service-name> --repository <name> [flags]
Examples
Create A Simple OpenTofu Service
Creates a simple OpenTofu service called my-opentofu-service
where the plan files are located
at the root of the my-repo
repository.
>_ torero create service opentofu-plan my-opentofu-service \
--repository my-repo
Create An OpenTofu Service That Uses a Secret
Creates an OpenTofu service that injects a secret called my-secret
from torero's
secret store into the service via an environment variable called TF_VAR_PASSWORD
.
>_ torero create service opentofu-plan vm_deployer \
--repository example-repo \
--working-dir virtual-machines \
--secret name=my-secret,type=env,target=TF_VAR_PASSWORD
Create A More Complex OpenTofu Service
Creates an OpenTofu service that takes advantage of many of the options available.
>_ torero create service opentofu-plan deployment-service \
--repository example-repo \
--working-dir deployment-plans \
--var server_name=examplehostname \
--var-file prod.tfvars \
--decorator my-decorator \
--secret name=my-secret,type=env,target=TF_VAR_PASSWORD \
--description "An OpenTofu plan to deploy servers" \
--tag servers
Options
--decorator string The name of the decorator to be associated with the service
--description string A brief description of the service
-h, --help help for opentofu-plan
--repository string The repository that contains the OpenTofu plan
--secret stringArray Secret to be injected into the service at runtime
--tag stringArray Metadata tag(s) to associate with the service
--var stringArray A key value pair separated by a '=' character to be used by OpenTofu during a plan execution
--var-file stringArray The path to a variable file to be used by OpenTofu during a plan execution. Must be relative to the 'working-dir'
--working-dir string The path to the directory where the plan exists. The path must be relative to the root of the repository
Options inherited from parent commands
--config string Specify the path to the configuration file
--raw Displays the result of the command in its raw format
--verbose Enable verbose output
SEE ALSO
- torero create service - Create a service