Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/casa-de-vops/terraform-code-standards

Comprehensive set of Terraform coding standards designed for enterprise-level projects
https://github.com/casa-de-vops/terraform-code-standards

automation automation-framework azure azuredevops devsecops devsecops-best-practices devsecops-pipeline github-actions iac iac-framework iac-projects iac-terraform infrastructure-as-code infrastructure-automation standards terraform terraform-project

Last synced: 2 days ago
JSON representation

Comprehensive set of Terraform coding standards designed for enterprise-level projects

Awesome Lists containing this project

README

        

# Terraform Coding Standards for Azure Infrastructure Projects

### ⚠️ **Advisory: Active Development** ⚠️

This repository is in **active** development. Until finished, use at your own discretion.

## Overview

This project aims to establish a comprehensive set of Terraform coding standards designed for enterprise-level projects. The goal is to ensure consistency, maintainability, and best practices across all Terraform configurations within the organization. These standards will guide Terraform code development, enabling teams to collaborate effectively and create robust, scalable, and secure infrastructure.

## Table of Contents

- [Introduction](#introduction)
- [Why Coding Standards?](#why-coding-standards)
- [Scope](#scope)
- [Getting Started](#getting-started)
- [Coding Standards](#coding-standards)
- [Directory Structure](./docs/directory_structure.md)
- [Domain Specific Files](./docs/domain_specific_files.md)
- [Naming Conventions](./docs/naming_conventions.md#naming-conventions)
- [Resource and State Management](./docs/resource_and_state_management.md)
- [Modules](./docs/module.md)
- [Variables and Outputs](./docs/variables_and_outputs.md)
- [Version Control](./docs/version_control.md)
- [Documentation](./docs/documentation.md)
- [Testing and Validation](./docs/testing_and_validation.md)
- [Azure Github Actions Workflows](#azure-github-actions-workflows)
- [Workflow Overview](./.github/workflows/README.md)
- [Azure DevOps Workflows](#azure-devops-workflows)
- [Workflow Overview](./.azuredevops/README.md)
- [Terraform CI/CD Workflow](./.azuredevops/docs/DEPLOY.md)
- [Terraform Force-Unlock Workflow](.azuredevops/docs/UNLOCK.md)
- [Contributing](#contributing)
- [License](#license)

## Introduction

As organizations scale their infrastructure using Terraform, maintaining consistency and adherence to best practices becomes crucial. This project sets forth a standardized approach to writing, organizing, and managing Terraform code within enterprise environments. The standards outlined here are intended to be flexible enough to accommodate various use cases while being strict enough to ensure quality and security.

## Why Coding Standards?

- **Consistency:** Ensure all Terraform code follows a uniform structure and style, making it easier for teams to collaborate.
- **Maintainability:** Facilitate code reviews, updates, and debugging by adhering to clear guidelines.
- **Security:** Incorporate best practices to safeguard against common security vulnerabilities in infrastructure code.
- **Scalability:** Enable infrastructure to grow and evolve without becoming unmanageable.
- **Compliance:** Align with organizational policies and regulatory requirements.

## Scope

These standards are based on my experience as a DevOps engineer primarily working in the Azure cloud environment. While many of these recommendations are general enough to apply across different cloud platforms—such as AWS and Google Cloud—they are scoped to reflect best practices and lessons learned from Azure-centric projects. Users are encouraged to adapt these standards as necessary to fit the specific needs and characteristics of other cloud environments.

These guidelines are intended for use by DevOps engineers, cloud architects, and developers involved in infrastructure management, particularly within Azure-based projects.

## Coding Standards

The **Coding Standards** section provides comprehensive guidelines to ensure consistency and best practices across your codebase. It includes documentation on [Directory Structure](./docs/directory_structure.md), [Domain Specific Files](./docs/domain_specific_files.md), [Naming Conventions](./docs/naming_conventions.md#naming-conventions), [Resource and State Management](./docs/resource_and_state_management.md), [Modules](./docs/module.md), [Variables and Outputs](./docs/variables_and_outputs.md), [Version Control](./docs/version_control.md), [Documentation](./docs/documentation.md), and [Testing and Validation](./docs/testing_and_validation.md). This section ensures that all team members adhere to a uniform set of coding practices, facilitating maintainability and scalability.

[^ table of contents ^](#table-of-contents)

## Azure GitHub Actions Workflows
[![Trigger Terraform Orchestration](https://github.com/casa-de-vops/terraform-code-standards/actions/workflows/trigger.yml/badge.svg)](https://github.com/casa-de-vops/terraform-code-standards/actions/workflows/trigger.yml)

The **GitHub Actions Workflows** section provides a set of reusable and scalable templates designed to automate the Terraform workflow across multiple environments in Azure. This includes validation, planning, security scanning, and applying Terraform configurations. The workflows are parameterized to support different environments and workloads, streamlining infrastructure management and improving deployment efficiency.

1. **[Deployment Workflow](./.github/workflows/README.md)**
- **Purpose:** Automates the validation, planning, inspection (security scanning), and application of Terraform configurations.
- **Features:**
- Validates Terraform configurations.
- Generates Terraform execution plans.
- Scans configurations for security vulnerabilities.
- Applies Terraform configurations to manage infrastructure across various environments.

[^ table of contents ^](#table-of-contents)

## Azure DevOps Workflows
[![Build Status](https://dev.azure.com/casa-de-vops/Terraform-Standards/_apis/build/status%2Fterraform-code-standards?repoName=terraform-code-standards&branchName=main)](https://dev.azure.com/casa-de-vops/Terraform-Standards/_build/latest?definitionId=529&repoName=terraform-code-standards&branchName=main)

The Azure DevOps Workflows section offers a set of reusable and scalable templates designed to automate the Terraform workflow across multiple environments in Azure. This includes validation, planning, security scanning, and applying Terraform configurations. The pipelines are parameterized to accommodate different environments and workloads, streamlining infrastructure management and enhancing deployment efficiency.

1. [Deployment Pipeline](./.azuredevops/docs/DEPLOY.md)
- **Purpose:** Automates the validation, planning, inspection (security scanning), and application of Terraform configurations.
- **Features:**
- Validates Terraform configurations.
- Generates execution plans.
- Scans configurations for security vulnerabilities.
- Applies the Terraform configurations to manage infrastructure across different environments.

2. [Unlock Pipeline](./.azuredevops/docs/UNLOCK.md)
- **Purpose:** Automates the unlocking process of Terraform state files, ensuring that locked states due to failed or interrupted operations can be safely unlocked.
- **Features:**
- Unlocks Terraform state files to allow further operations.
- Validates that the state has been successfully unlocked.
- Supports multiple environments and is fully parameterized.

[^ table of contents ^](#table-of-contents)

## Getting Started

To begin using these standards, clone this repository and review the documentation provided. Ensure that all new Terraform code follows the guidelines outlined in this document. Teams should also conduct code reviews to enforce adherence to these standards.

```bash
git clone https://github.com/casa-de-vops/terraform-code-standards.git
```

## Contributing

We welcome contributions from the community! If you'd like to contribute, please follow these steps:

1. Fork the repository.
2. Create a new branch (`git checkout -b feature/your-feature`).
3. Make your changes and commit them (`git commit -m 'Add your feature'`).
4. Push to the branch (`git push origin feature/your-feature`).
5. Open a Pull Request.

Please ensure your code adheres to the standards outlined in this document before submitting.

## License

This project is licensed under the Apache License. See the [LICENSE](LICENSE) file for more details.

[^ table of contents ^](#table-of-contents)