search

terramate-io / terramate

Terramate CLI is an open-source Infrastructure as Code (IaC) Orchestration and Code Generation tool for Terraform, OpenTofu and Terragrunt.
https://terramate.io
Mozilla Public License 2.0
3.28k stars 92 forks source link

[FEATURE] decouple git from non-git features #1953

Open Indigenuity opened 3 days ago

Indigenuity commented 3 days ago

Is your feature request related to a problem? Please describe. It looks like terramate has several great features, but it's pretty difficult to evaluate them individually when they are tightly coupled by default. For example, a default install of terramate can't perform run commands or codegen without also configuring change detection.

I just attempted to use a few of the basic features I saw from a reddit post, but on my own repo with working terraform. It started fine. This all worked:

$ brew install terramate
$ terramate create --name app-db --description "Postgres DB for the app" live/app-db
Created stack /live/app-db
$ terramate create --name redis-cache --description "redis server for the app" live/redis-cache
Created stack /live/redis-cache
$ terramate list
app-db
redis-cache

So far, so great. But when I tried the basic feature of "run this terraform command for each stack", I ran into an unexpected git failure:

$ terramate run terraform version
Error: unable to fetch remote commit
> fetching remote commit of origin/main: Git.FetchRemoteRev: git ls-remote "origin" "main" can't parse:

This is a pretty surprising error for several reasons

At this point, I didn't even know Change Detection was a feature of terramate, so I was quite confused. Even after discovering it in the docs, I'm still confused at why I can't use a terramate run command without overriding a bunch of incorrect default settings for an unrelated feature.

Describe the solution you'd like Features other than Change Detection shouldn't require the user to configure Change Detection. Personally, I'd like to use terramate features like terramate run without git being involved at all. It's not immediately clear from the documentation whether that's even possible.

soerenmartius commented 2 days ago

Hey @Indigenuity,

Thanks for the feedback, I get your point and we had some users being confused in the past about the default behavior of Terramate / tight integration with Git per default. What you are describing here is yet another feature in Terramate called safeguards that are meant to prevent you from running into scenarios that aren't favorable (e.g., to apply changes locally without going through a review and CI/CD run).

Those safeguards can be configured/disabled on a per-check basis in your Terramate project. For details, please see https://terramate.io/docs/cli/orchestration/safeguards#safeguards. To disable all safeguards, you can use the -X flag when using terramate run, e.g., terramate run -X -- pwd.

Again, thanks for the constructive feedback. I'll take some time to open up a wider discussion with the team to see how we can perhaps incorporate your feedback and make Terramate more intuitive to use!