Atlantis is actually a DevOps tool that helps organizations to automate their infrastructure management and deployment processes. It is an open-source tool that streamlines the management of infrastructure as code (IaC) and helps teams collaborate more effectively on large-scale infrastructure projects.
At its core, Atlantis is designed to work with Terraform, a popular infrastructure provisioning tool. It provides a centralized workflow for managing Terraform configuration files, allowing teams to review and approve changes before they are applied to production environments.
One of the key benefits of Atlantis is that it helps to reduce the risk of errors and misconfigurations in infrastructure deployments. By providing a standardized workflow and approval process, it ensures that all changes are thoroughly tested and reviewed before they are applied.
Additionally, Atlantis integrates with many popular DevOps tools, including GitHub, Bitbucket, and GitLab, making it easy to incorporate into existing workflows. It also provides detailed reporting and notifications, allowing teams to stay on top of infrastructure changes and quickly identify any issues that arise.
Overall, Atlantis is a powerful tool for organizations looking to streamline their infrastructure management and deployment processes. By automating many of the tedious and error-prone tasks associated with infrastructure management, it allows teams to focus on delivering high-quality products and services to their customers.
**
Getting started with Atlantis...
**
To read more about Atlantis go to https://www.runatlantis.io/.
With Atlantis, developers are able to write and apply Terraform safely. They submit pull requests, can run atlantis plan
until their change looks good and then get approval from Ops to apply.
Installation Guide
There are multiple ways to install/deploy Atlantis ": Installation Guide
Helm-chart seems pretty straight forward to be defined in values.yml
https://www.runatlantis.io/docs/deployment.html#kubernetes-helm-chart
Based on the Version Control System : Github / Enterprise , GitLab, .. setup the Webhook as described in WebHook Configuration
Atlantis Configuration
Three methods for configuring Atlantis:
Passing flags to the atlantis server command
Creating a server-side repo config file and using the --repo-config flag
Placing an atlantis.yaml file at the root of your Terraform repositories
Details on Configuring Atlantis
Workflow Hooks
As part of Workflow setup:
Pre Workflow Hooks
Post Workflow hooks
For Atlantis also supports Terragrunt apart from Terraform but not natively.
Atlantis supports with help of Custom Worksflows
Using-Atlantis
Once Atlantis is Installed, Configured and Workflows are in-place Atlantis will be in action with supported commands Atlantis in Action
How Atlantis Works
There are different aspects that need to be understood in detail while using Atlantis
-
Locking
the environment/workspace while provisioning infra in collaboration -
Autoplan
how the infrastructure changes should be configured with any change in repo. -
Automerge
how tge changes should be merged with successful PR plan.
More Details
More robust setup
with the above deployment and configuration, you are all set to use Atlantis but there are few more things that can be put in place for a better and a safer utilization of Atlantis.
The atlantis.yaml
file actually requires Project setup which has to be modified manually in case any folders are added ex. in GitHub which has to be monitored by Atlantis. If there are few resources to be provisioned and monitored than this looks fine to be managed manually but in most of the cases provisioning is not limited and anything that involves manual intervention is prone to error.
This can be automated by using another open-source tool by Transcend.io terragrunt-atlantis-config
This generates the project section automatically based on the changes done and raised during PR.
Adding Code Analysis Tool
Can we ever imagine sitting back and manually reading each line of code to find flaws? To ease our work, several types of static analysis tools are available in the market which helps to analyze the code during the development and detect fatal defects early in the SDLC phase.
Some tools that have been proven to be the best-fit in IAC for Terraform are:
The good thing about these Static Code Analysis tools are they can be used in conjunction with each other which increases the code coverage perimeter.
Pre-commit Hooks for Terraform
Enforcing Terraform Linting and Security Standards Using Pre-Commit Hooks
We can use Pre-Commit Hooks as an on-demand tool to integrate and use these tools before checking code into source control.
Installation, Hooks, Usage all described in detail at https://github.com/antonbabenko/pre-commit-terraform#readme
Top comments (1)
Excellent writeup. Thanks