search

binbashar / leverage

Binbash Leverage CLI intended to orchestrate Leverage Reference Architecture for AWS (www.binbash.co/leverage)
https://pypi.org/project/leverage/
Apache License 2.0
17 stars 2 forks source link

Feature | Implement Pre-flight Terraform Version Checks in Leverage CLI #259

Closed exequielrafaela closed 1 week ago

exequielrafaela commented 4 months ago

Describe the Feature

Implement a pre-flight check feature within the Leverage CLI that validates the versions of Terraform modules, Terraform core, and Terraform providers before deployment to ensure they meet predefined version criteria.

Expected Behavior

The Leverage CLI should perform automated checks against the versions of Terraform modules, core, and providers utilized in the Reference Architecture project layer. If versions are outdated or do not meet the criteria set for stability and security, the CLI should issue a warning.

Use Case

The motivation for this feature arises from the necessity to standardize version management across multiple deployments, ensuring all Terraform configurations are consistently updated. This helps prevent the "configuration drift" and incompatibility issues that can arise from using multiple versions of Terraform tools in different parts of the architecture, such as the Landing Zone, SSO, and Security Baseline.

Describe Ideal Solution

A desirable solution includes:

Additional Context

Adding this feature will significantly streamline the process of maintaining up-to-date and secure infrastructure deployments. It aligns with best practices for infrastructure as code (IaC) management by enforcing version consistency and reducing the administrative burden on individual developers. This feature is particularly critical as we scale up operations and increase the frequency of deployments and updates across various projects.

borland667 commented 4 months ago

@exequielrafaela @diego-ojeda-binbash do we have a list of components and versions we want to check for ?

borland667 commented 4 months ago

@exequielrafaela @diego-ojeda-binbash

As agreed in planning.

We'll start with a simple check of the module by inspecting the git source and comparing current vs latest by the time we run leverage tf init in that layer.

exequielrafaela commented 1 week ago

We'll favor https://developer.mend.io/github/binbashar/le-tf-infra-aws for this issue.