Skip to content

devoteamgcloud/petra

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

536 Commits

.github

.github

 
 

cmd

cmd

 
 

docs

docs

 
 

internal

internal

 
 

tests

tests

 
 

vendor

vendor

 
 

.gitignore

.gitignore

 
 

.goreleaser.yml

.goreleaser.yml

 
 

Dockerfile

Dockerfile

 
 

Dockerfile.manual

Dockerfile.manual

 
 

Dockerfile.petractl

Dockerfile.petractl

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

cosign.pub

cosign.pub

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

mkdocs.yml

mkdocs.yml

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

Petra (Private Terraform Registry)


Latest Release Build Status Documentation Linter Release

Petra is a lightweight tool that allows to host your own private Terraform registry using Google Cloud Storage as a storage backend.

Petra is not an official Devoteam product and is provided as-is to the community.

Welcome to VHS

Components

petra (server)

Server to get a terraform module versions / get a signed URL to download a module from a private registry (Google Cloud Storage bucket). Configured by the following env vars :

  • GCS_BUCKET: Bucket used to host Terraform modules
  • SIGNED_URL: (Optional) Enables the use of a Signed URL for the download api routes. Defaults to false and just forwards a gcs:// link

petractl (cli)

CLI to upload / remove / upload a terraform module to a private registry (Google Cloud Storage bucket).

Example usage :
bash petractl push --bucket tf-registry-petra ../tests/mod1

Deployment

Deploy Server on Cloud Run

Cloud Run's service account must have the following roles:

  • Service Account Token Creator (used to create signed url)
  • Storage Object Admin (access objects in bucket) for the bucket where you store the terraform modules.

Then terraform init:

// main.tf
module "my_module" {
  source  = "{CLOUD_RUN_URL}/{NAMESPACE}/{MODULE}/{PROVIDER}/{VERSION}"
}

or specify the module version separately :

// main.tf
module "my_module" {
  source  = "{CLOUD_RUN_URL}/{NAMESPACE}/{MODULE}/{PROVIDER}"
  version = "{VERSION}"
}

Deploy Server on GKE with Workload Identity

Activate Workload Identity and the service account must have the following roles:

  • Service Account Token Creator (create signed url)
  • Storage Object Admin (access objects in bucket) for the bucket where you store the terraform modules

Then terraform init:

// main.tf
module "my_module" {
  source  = "{PETRA_SERVER}/{NAMESPACE}/{MODULE}/{PROVIDER}"
  version = "{VERSION}"
}

Development

Follow these steps if you are OK installing and using Go on your machine.

  1. Install Go.
  2. Install Visual Studio Code.
  3. Install Go extension.
  4. Clone and open this repository.
  5. F1 -> Go: Install/Update Tools -> (select all) -> OK.

Release

The release workflow is triggered each time a tag with v prefix is pushed.

CAUTION: Make sure to understand the consequences before you bump the major version. More info: Go Wiki, Go Blog.

Maintainance

Remember to update Go version in .github/workflows

Notable files:

Contributing

Simply create an issue or a pull request.

FAQ

How can I customize the release or add deb/rpm/snap packages, Homebrew Tap, Scoop App Manifest etc

Take a look at GoReleaser docs as well as its repo how it is dogfooding its functionality.

About

Private Terraform Registry Manager

devoteamgcloud.github.io/petra/

Topics

go terraform google-cloud-storage google-cloud-platform private-registry

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

39 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 33

v0.4.2 Latest
Jul 12, 2023
+ 32 releases

Packages 2

 
 

Contributors 5

Languages