►
Description
Jamie Reid, Technical Account Manager, covering Terraform plan view in MR and http terraform state backend
A
A
So,
last
but
not
least,
a
couple
of
new
terraform
features
in
13.0,
first
of
which
is
get
labs,
integrated,
HTTP,
terraform,
state
back-end
and
secondly,
we've
now
got
a
merge
request.
Widget
that
provides
a
summary
of
your
terraform
plan
output
directly
within
your
merge
request
view
our
Doc's,
as
thank
you
kind
of
like
christian
and
simon
both
mentioned,
are
pretty
solid
here.
A
So
if
there's
any
product
folks
presents
or
listening
thanks
for
an
awesome
job
on
that,
and
they
really
do
a
good
job
of
covering
the
what's
in
the
how
of
infrastructure
is
code
and
all
of
these
new
terraform
things
that
we've
brought
to
get
labs,
so
I'm
gonna
focus
more
on
the.
Why
trying
to
mesh?
You
know
what
this
is
with,
how
it
fits
with
get
labs
value
drivers
and
the
conversations
were
having
with
customers
first,
the
HTTP
state
back
in
for
terraform.
A
So
for
the
uninitiated,
which
is
me
I've,
seen
lots
of
you
know
talk
about
infrastructure
as
code,
you
know,
I
thought
I
knew
what
terraform
was,
but
it
never
actually
got
my
hands
dirty.
So
I
took
this
as
an
opportunity
to
try
and
learn
something
new
and
in
a
game.
The
docs
really
helped
here
so
for
those
that
aren't
familiar
terraform
backends
or
what
contains
this
state
of
your
infrastructure.
A
If
you,
if
you're,
not
familiar
with
terraform,
it's
a
tool
designed
to
allow
you
to
declare
what
you'd,
like
your
infrastructure
to
be
and
to
look
like
and
then
it'll
go
through
the
process
of
you
can
hit
validate
the
sort
of
lint
and
check
that
your
declaration
is
is
well-formed.
Then
you
do
a
terraform
plan
which
compares
what
your
declaration
is
versus,
what
your
infrastructure
actually
is
and
apply
tries
to
make
the
to
match,
and
so
the
backend
is
really
that
that
stateful
store
of
what
actually
is
in
in
production
by
default.
A
If
you
just
download,
terraformer
install
it
and
run
it,
it's
gonna
use
what
they
call
the
local
back-end,
and
that
is
just
like
th
state
files
that
are
like
binary
stores
of
State
on
your
local
disk.
That's
all
well
and
good,
and
it's
fine
if
you're
just
a
one-person
team.
But
if
you
want
to
collaborate
with
others
having
a
shared
store.
State
is
really
important
to
make
sure
that
you're
all
singing
the
same
tune.
A
Likewise
the
ability
to
lock
that
down,
while
you're,
doing
eight
and
apply,
which
can
be
kind
of
a
multi
minute,
quite
a
long
process,
depending
on
what
you
want
your
infrastructure
to
be,
it
look
like
being
able
to
lock
that
and
say:
listen
like
I'm
making
a
change
and
everybody
else
may
be
collaborating
with
me.
Please
don't
collaborate
and
step
on
my
toes.
A
Actually,
I
think
that's
next
slide,
so
I'm
jumping
ahead.
For
now.
The
the
technical
tidbits
here
are
that,
if
you're,
if
you're,
calm
user,
you
really
don't
mean
to
think
about
it
right
it
just
works
and
I
can
show
off
where
the
HTTP
endpoint
exists
and
how
that
looks.
If
you're
a
self
managed
customer
today,
the
sort
of
technical
tip
it
is,
we
use
local
storage.
So
it's
like
VAR
opt
get
lab,
something
where
state
is
stored.
Any
lab
does
encrypt
that
state,
but
you
can
also
opt
to
use
object.
Storage
such
as
Amazon
s3.
A
Now
the
the
PowerPoint
dad
joke
I've
been
waiting
all
morning
to
make
here.
I
mentioned
and
I
wanted
to
give
specific
props
that
make
let's
click,
who's
the
e/m
in
configure
for
a
really
good
documentation
and
I've
linked
here
to
his
example,
project
which
really
helped
me
get
going
from
0
to
100
real
quick.
A
So
this
is
like
a
quick
and
a
glance
summary
of
any
additions
to
or
removals
you're
making
to
your
infrastructure,
as
as
terraform
plan
provides,
but
disappears
directly
in
the
merge
request,
with
a
handy
link
to
the
actual
job
that
created
that
full
terraform
plan
out
put
and
we've
actually
got
a
step
farther
and
we've
created
a
an
inheritable
or
customizable
template.
As
part
of
you
know,
just
like
the
Auto
DevOps
build
or
test
templates
you
can
inherit,
but
you
don't
actually
have
to
use
it.
A
You
just
have
to
sort
of
obey
the
the
artifact
output
in
here
and
I've,
taken
a
screenshot
of
at
least
a
piece
of
what
that
good
lab
CI
would
look
like,
but
it's
the
artifacts
reports
terraform
object
that
the
merge
request
looks
for
if
that
exists,
and
if
it's
well-formed
JSON
that
it
can
parse
it'll
show
a
quick.
You
know
kind
of
one-line
summary
that
I
hope
I
can
hopefully
show
off
here
of
exactly
what
Terra
formats
provided
to
you
again.
If
you
take
nothing
away
other
than
this.
A
The
point
is
by
giving
our
users
immediate
glanceable
information
directly
in
the
mr
we're
helping
them
deliver
better
software
faster
or
in
this
case,
better
infrastructure
faster
and
now
for
the
fun
part.
The
demo,
so
I've
got
a
public
project
here
that
you
have
a
fruity
clone
of
for
play
with
those
you
wish
that
hopefully
it'll
work,
but
as
Marcus
shown
that
live
demos
are
always
a
bit
of
fun.
A
The
joke
here
is:
it's
always
good
to
be
more
efficient
when,
when
we're
running
up
get
labs
TCP
bill.
So
what
the
project
here
actually
does
is
you
can
use
it
to
spin
up
a
kubernetes
cluster
in
gke,
so
Nick
Nicholas
click
head
had
a
good
example
of
using
AWS
and
spinning
up
an
ec2
instance
inside
of
a
defined
BPC
I
thought
I'd,
try
something
of
a
different
approach
and
one
of
the
different
cloud
providers
to
provide
folks
kind
of
a
different
choice
of
examples.
A
So
the
project
itself
is
pretty
straightforward.
There's
a
good
lab
see,
I
am
like
you're
defined.
We
define
the
image
we're
using
the
terraform
image,
and
actually
all
of
this
was
pretty
much
a
copy-paste
out
of
the
template
that
I've
linked
in
the
slides,
visible
for
script.
That
runs
that
actually
defines
an
alias-
and
this
is
the
alias
that's
used
to
convert
the
output
of
terraform
plan,
remove
any
sensitive
credentials,
and
then
you
can
use
that
later
on
during
the
planned
stage.
A
Pardon
me
the
build
stage.
This
is
the
plan.
Job
terraform
will
show
the
output
of
plan
and
then
convert
between
your
pipe
beginning
to
convert
report,
which
is
then
writes
a
file
in
the
container
point
JSON,
which
the
job
passes
out
as
an
artifact.
That's
what
really
triggers
the
magic
and
the
the
merge
request
view
so
the
other
stuff
I'll
show
off
relating
to
the
HTTP
state
back-end.
So
it's
a
pretty
pretty
basic
State
backing,
so
it's
it
authenticates
via
the
use
of
an
API
token.
A
So
it
looks
very
much
like
another
API
calls.
If
you've
got
a
valid
gitlab
API
took,
and
you
can,
you
can
do
it
like
a
curl
like
an
HTTP
GET
against
your
project,
ID
terraform
state
and
then
the
project
name
that
should
work
this
contains.
In
my
case,
this
is
version
4
of
the
terraform
terraformers,
understanding
of
my
infrastructure
state
and
there's
a
big
pile
of
JSON
here
that
describes.
There's
there's
some
resources
like
there's
a
EPC
and
Google's
compute
network.
There's
a
managed
subnet.
A
A
Yeah
when
we
show
off
the
the
mr
widget
and
then
I
think
I'll
yield
to
time
and
any
QA,
so
maybe
you've
got
a
cluster
up,
but
but
your
boss
is
on
your
shoulder
and
says:
hey,
listen!
You
wrote
your
cost
me
500
bucks
a
month
for
this
Q&A.
This
quest,
you
guys
size
it
down
in
this
case.
Here's
an
example,
mr
to
actually
make
a
very
basic
change
to
the
GK
I
need
to
file,
which
is
where
your
again,
where
you're
declaring
your
desired
infrastructure.
A
Previously
we
had
N
one
standard,
one
machines
in
the
note
pool
and
you
could
maybe
size
it
down
to
a
two
medium,
which
is
like
a
lighter
weight,
less
performant
machine
again.
The
point
of
merge
request
is
collaboration
right.
So
as
a
result
of
that
potentially
mirja
Beltaine
in
this
branch,
you
can
see
here
that
the
pipeline
is
run
was
successful
and,
as
a
result,
I've
got
a
terraform
plan
summary
here.
It's
a
very
quick.
It
looks
like
four
to
add
so
in
case
of
gke
and
kubernetes
clusters
in
general.
A
Terraform
doesn't
always
necessarily
provide
the
most
meaningful
sort
of
Delta,
but
there's
also
a
handy
link
out
here
to
the
the
full
output
of
tariffs
on
plan
which
they're,
given
some
knowledge
and
experience,
probably
able
to
parse
better
than
I.
That
would
help
help
you
understand
what
are
the
changes
they're
actually
being
making
made
here
as
part
of
this
merge
request,
that's
pretty
much
the
summary
any
questions
before
we
run
at
a
time
here,
I.
A
A
Won't
happen,
it's
it's
pretty
much
analogous
to
the
same
way
like
the
g-unit
XML
or
the
code.
Quality
reporting
works
as
long
as
you
specify
that
artifact
terraform
report
object,
so
any
job
that
passes
that
out
and
provided
its
json
formatted.
The
mr
will
show
that
widget
provided
that
artifact
has
been,
has
been
created
and
it
alert
parse
it
and
give
you
that
sort
of
changes.
Addition,
the
solutions,
okay,.
A
C
A
A
Showcase
first
thing:
I
hit
on
this
was
a
horrendous
bug,
so
do
not
put
any
periods
in
the
name
of
your
project
because
they
that,
if
there's
a
period
in
the
project,
slug
the
terraform
back
and
just
floral
for
us,
so
I
said
there
for
an
hour
wondering
what
am
I
doing
wrong.
Like
my
terraform
backend
doesn't
work
and
I've
open
it
issued
the
engineering
team
is
on
it,
but
everything
I
everything,
I,
try
and
demo
I
just
break
so
product.
Folks,
beware:.
E
Next
question
I
was
wondering:
is
our
our
container
team
they
implement
Auto,
DevOps
and
review
apps
I.
Don't
think
that
they
make
use
of
like
you
know,
terraform
or
infrastructure
is
cold
tools,
so
I
want
to
as
it
does
it
make
sense
to
try
to
re-implement
the
review
hat
feature
like
just
the
whole
provision
in
something
vironment.
Does
it
make
sense,
implement
that
in
tariffs
on?
Do
you
see
any
issues
with
that
in
terms
of
how
that
will
work,
yeah.
A
A
Think
in
the
case
of
a
review
I
just
today,
there's
probably
not
much
that
actually
changes
from
an
infrastructure
perspective
right,
like
you
really
just
you're,
making
an
ingress
change,
which
is
probably
a
bit
sort
of
below
them,
or
maybe
above
the
layer
of
terraform.
So
you
think,
if
you
think
her
form
is
like
in
the
case
of
kubernetes
managing
you
know
what
zones
or
regions
your
cluster
being
what
size
of
node
you
want
to
use.
It's
not
to
say
you
couldn't
do
that
with
terraforming.
A
Maybe
if
there's
any
folks
on
the
call
or
that
had
expertise
in
terraform
would
state
an
opinion
like
oh
yeah,
you
can
definitely
manage
that
in
terraform
and
make
that
change
in
terraform
today.
How
do
we
do
it?
We
use
like
we
just
passed
a
change
to
be
ingress,
like
the
in
genetics
and
ingress
chart
right
to
turn
up
like
a
specific
sort
of
review.
Ab
domain
name,
yeah.
E
I
think,
like
the
last
time,
I
I
read
through
it,
it's
like
there's
a
specific
job
that
spins
up
against
it.
Does
that
deployment
that
ingress
service
deploy
and
all
those
other
components
I
was
just
wondering
it's
like
there
any
plans
to
try
to
re-implement
yeah
I
think
what
you
said
makes
sense
is
that
the
nature
of
the
change
is
not
that
dramatic.
It's
just
you're,
just
being
a
temporary
environment.
It's
probably
just
the
same,
deploy
every
time,
love.
A
The
question
and
I
think
it'd
be
interesting
to
see
how
we
evolve
in
us.
This
way,
all
right,
like
I,
asked
the
question
in
one
of
my
last
slides.
There
I
think
the
combination
of
like
infrastructure
is
K
and
how
we
evolve
there,
plus
what
we're
doing
with
releases
and
release
evidence
I
think
that's
gonna
be
really
neat
to
see
how
those
play
together.
I
know
we're
at
time
so
I'll
yield
back
to
Chris,
but
thanks
for
question.
B
Thanks
to
all
our
presenters
today,
I
know
Simon
and
Christian
had
to
drop
off
big
thanks
to
them
to
Chloe
mark
and
Jeanie,
thanks
to
John
woods,
for
the
idea
to
kind
of
have
a
separate
focus
area
on
this
versus
just
doing
in
the
hall
hands
really
appreciate
the
support,
great
questions.
We
will
see
you
all
next
week.