OTS: Open Terraforming Server

Overview

OTS: Open Terraforming Server

A prototype open source alternative to terraform enterprise.

Functionality is currently limited:

  • State backend (state stored in a sqlite database)
  • Workspace management (supports terraform workspace commands)
  • Local execution mode (plans and applies run locally)

Getting Started

These steps will get you started with running everything on your local system. You'll setup the server, configure SSL so that terraform trusts the server, and then configure terraform. You'll then be able to run terraform commands using the server as a remote backend.

demo

  1. Download and extract a release.

  2. Generate SSL cert and key. For example, to generate a self-signed cert and key for localhost:

    openssl req -x509 -newkey rsa:4096 -sha256 -keyout key.pem -out cert.crt -days 365 -nodes -subj '/CN=localhost' -addext 'subjectAltName=DNS:localhost'
  3. Ensure your system trusts the generated cert. For example, on Linux:

    sudo cp cert.crt /usr/local/share/ca-certificates
    sudo update-ca-certificates
    
  4. Run the OTS daemon:

    ./otsd -ssl -cert-file cert.crt -key-file key.pem

    The daemon runs in the foreground and can be left to run.

  5. In another terminal create an organization:

    curl -H"Accept: application/vnd.api+json" https://localhost:8080/api/v2/organizations -d'{
      "data": {
        "type": "organizations",
        "attributes": {
          "name": "mycorp",
          "email": "[email protected]"
        }
      }
    }'
  6. Enter some dummy credentials (this is necessary otherwise terraform will complain):

    cat > ~/.terraform.d/credentials.tfrc.json <<EOF
    {
      "credentials": {
        "localhost:8080": {
          "token": "dummy"
        }
      }
    }
    EOF
  7. Configure the terraform backend and define a resource:

    cat > main.tf <<EOF
    terraform {
      backend "remote" {
        hostname = "localhost:8080"
        organization = "mycorp"
    
        workspaces {
          name = "dev"
        }
      }
    }
    
    resource "null_resource" "e2e" {}
    EOF
  8. Run terraform!:

    terraform init
    terraform plan
    terraform apply

Next Steps

OTS is a mere prototype but a roadmap of further features could be:

  • User AuthN/Z
  • Remote execution mode
  • Agents
  • Github integration
  • Policies (OPA?)
  • Web frontend

Building

You'll need Go installed.

Clone the repo, and then build and install the binary using the make task:

git clone https://github.com/leg100/ots
cd ots
make install

That'll create a binary inside your go bins directory (defaults to $HOME/go/bin).

Issues
  • Restructure to use conventional layout

    Restructure to use conventional layout

    Use standard go package layout for project structure. This will help to keep the project organised as it grows in size & complexity.

    opened by ghost 1
  • Lint using staticcheck and address issues

    Lint using staticcheck and address issues

    Use staticcheck for linting. Make it a pre-condition for PR merges.

    opened by leg100 0
  • Cache plugins

    Cache plugins

    null

    opened by leg100 0
  • Aim for parity between http client and server interfaces

    Aim for parity between http client and server interfaces

    We want the client and server APIs to be identical where possible. This is useful for components such as the agent, which could use either API, depending on whether it is running remotely (client) or in-process (server). Currently only the latter is possible, but by making the interfaces identical the former will be easier to implement too.

    opened by leg100 0
  • Websocket server

    Websocket server

    null

    opened by leg100 0
  • Rename from ots to otf

    Rename from ots to otf

    null

    opened by leg100 0
  • Execution environment

    Execution environment

    Refactor. Introduces an executor, or an execution environment, for processing 'jobs'. Jobs are always a plan or an apply, but this new abstraction hides their complexity from the agent, the component responsible for remote executions of plans and applies. The agent now need only be concerned with an executor and a job.

    opened by leg100 0
  • Store logs on disk

    Store logs on disk

    Store logs on disk rather than in the DB.

    opened by leg100 0
  • Coalesce update status func

    Coalesce update status func

    Clean up run update status functionality.

    opened by leg100 0
  • Fix log writer

    Fix log writer

    null

    opened by leg100 0
  • Honor terraform version

    Honor terraform version

    oTF just uses whatever version of terraform is in its PATH, ignoring both the:

    • default version specified in the codebase
    • per-workspace version specified in workspace obj

    It should honor both. It should probably download the specified version too if not found.

    opened by leg100 0
  • Unexpected behaviour when POST'ing to the organizations endpoint without an accept header

    Unexpected behaviour when POST'ing to the organizations endpoint without an accept header

    POST requests to the /api/v2/organizations endpoint without an Accept header produce a HTTP status 404:

    $ curl -i https://localhost:8080/api/v2/organizations -d'{
      "data": {
        "type": "organizations",
        "attributes": {
          "name": "mycorp",
          "email": "[email protected]"
        }
      }
    }'
    HTTP/2 404 
    content-type: text/plain; charset=utf-8
    x-content-type-options: nosniff
    content-length: 19
    date: Sat, 19 Jun 2021 17:30:34 GMT
    
    404 page not found
    

    My interpretation of the JSON:API spec is that in this case the server should respond with 406 not acceptable. I'm happy to make the change if that sounds correct?

    opened by ghost 2
  • BDD for E2E testing?

    BDD for E2E testing?

    Could a BDD framework like behave be used for E2E testing using the terraform binary? This would simplify creating & updating test cases, and would simplify testing with new versions of the terraform CLI.

    opened by ghost 3
Releases(v0.0.11)
Owner
Louis Garman
All things Kubernetes and Terraform.
Louis Garman
Neko is a cross-platform open-source animated cursor-chasing cat. This is the reimplementation write in Go.

Neko Neko is a cat that chases the mouse cursor across the screen, an app written in the late 1980s and ported for many platforms. This code is a re-i

Cesar Gimenes 8 Nov 19, 2021
A bin which will keep screen open by moving a mouse

Stay Awake This is a small program which will move mouse up and down to keep screen on. This stimulates like user is doing something. Motivation I had

Nirav Patel 0 Oct 21, 2021
Code snippets by first time open source contributors

Introduction Golang code snippets by first time open source contributors Rules How to contribute Add a folder and create your desired code snippet fil

Luigi Morel 1 Oct 6, 2021
RTS: request to struct. Generates Go structs from JSON server responses.

RTS: Request to Struct Generate Go structs definitions from JSON server responses. RTS defines type names using the specified lines in the route file

Paolo Galeone 226 Nov 25, 2021
A minimalistic message queue server, in Go

lineup, a tiny queue server lineup is a very simple queue server. all it does is serve a binary-safe priority queue with a simple protocol insp

Justin Poliey 29 Jun 10, 2021
ephemeral metric aggregation server

hemera hemera is a zero-dependency statsd implementation written in Go. The project takes advantage of modular packages and interfaces to make connect

Andres Orozco 15 Jun 13, 2020
server for dozenplans

DozenPlans Server 学习养成计划主要是针对考研学生用户的任务管理系统, 用户可以添加 学习 任务, 每个任务都有自己的主题、 完成时间和优先级, 根据设定的完成时间和优先级对 用户进行不同频率的提醒, 直到其完成该任务, 任务可以设定提醒频率和时间期限, 避免导致任务越堆积越多, 除

null 3 Sep 17, 2021
thermal print server for esc pos printers

thprint thprint is an extremely simple printing server for thermal printers connected to raspberry pis. This printing server exposes a print endpoint

chidoba MEXICAN GRILL 1 Nov 4, 2021
Count Dracula is a fast metrics server that counts entries while automatically expiring old ones

In-Memory Expirable Key Counter This is a fast metrics server, ideal for tracking throttling. Put values to the server, and then count them. Values ex

Mailsac 13 Dec 3, 2021
Redis powered simple OTS service - contains two endpoints, to create and find a secret

Onetimesecret This is a simple service that stores and finds your secret. Small but powerfull service - does not have any unnesseccery dependencies. H

Dimitar Iliev 0 Nov 20, 2021
Open-IM-Server is open source instant messaging Server.Backend in Go.

Open-IM-Server Open-IM-Server: Open source Instant Messaging Server Instant messaging server. Backend in pure Golang, wire transport protocol is JSON

OpenIM Corporation 5.1k Nov 25, 2021
Open-IM-Server is open source instant messaging Server.Backend in Go.

Open-IM-Server is open source instant messaging Server.Backend in Go.

OpenIM Corporation 5.4k Dec 4, 2021
Feishu/Lark Open API Go Sdk, Support ALL Open API and Event Callback.

lark 中文版 README Feishu/Lark Open API Go Sdk, Support ALL Open API and Event Callback. Created By Code Generation. Install go get github.com/chyroc/lar

chyroc 106 Nov 30, 2021
Magma is an open-source software platform that gives network operators an open, flexible and extendable mobile core network solution.

Connecting the Next Billion People Magma is an open-source software platform that gives network operators an open, flexible and extendable mobile core

Magma 1.1k Dec 7, 2021
SigNoz helps developers monitor their applications & troubleshoot problems, an open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open source Application Performance Monitoring (APM) & Observability tool

Monitor your applications and troubleshoot problems in your deployed applications, an open-source alternative to DataDog, New Relic, etc. Documentatio

SigNoz 4.7k Sep 24, 2021
go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data.

go-opa-validate go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data. Installation Usage Cont

chenk 3 Nov 7, 2021
An open-source, distributed, cloud-native CD (Continuous Delivery) product designed for developersAn open-source, distributed, cloud-native CD (Continuous Delivery) product designed for developers

Developer-oriented Continuous Delivery Product ⁣ English | 简体中文 Table of Contents Zadig Table of Contents What is Zadig Quick start How to use? How to

null 0 Oct 19, 2021
mesh-kridik is an open-source security scanner that performs various security checks on a Kubernetes cluster with istio service mesh and is leveraged by OPA (Open Policy Agent) to enforce security rules.

mesh-kridik Enhance your Kubernetes service mesh security !! mesh-kridik is an open-source security scanner that performs various security checks on a

chenk 4 Nov 30, 2021
Uniqush is a free and open source software system which provides a unified push service for server side notification to apps on mobile devices.

Homepage Download Blog/News @uniqush Introduction Uniqush (\ˈyü-nə-ku̇sh\ "uni" pronounced as in "unified", and "qush" pronounced as in "cushion") is

Uniqush 1.3k Nov 29, 2021
Headscale - An open source, self-hosted implementation of the Tailscale control server

Headscale - An open source, self-hosted implementation of the Tailscale control server

Juan Font 2.4k Nov 28, 2021
CasaOS - A simple, easy-to-use, elegant open-source home server system.

CasaOS - A simple, easy-to-use, elegant open-source home server system. CasaOS is an open-source home server system based on the Docker ecosystem and

IceWhale 591 Nov 28, 2021
An open source Pusher server implementation compatible with Pusher client libraries written in Go

Try browsing the code on Sourcegraph! IPÊ An open source Pusher server implementation compatible with Pusher client libraries written in Go. Why I wro

Hava 0 Oct 15, 2021
Uses the Finger user information protocol to open a TCP connection that makes a request to a Finger server

Finger Client This client uses the Finger user information protocol to open a TCP connection that makes a request to a Finger server. Build and Run Ru

Linda Xiao 0 Oct 7, 2021
Free and open source, powerful network-wide ads & trackers blocking DNS server

Privacy protection center for you and your devices Free and open source, powerful network-wide ads & trackers blocking DNS server. AdGuard.com | Wiki

Lupael 1 Nov 20, 2021
An open source Pusher server implementation compatible with Pusher client libraries written in GO

Try browsing the code on Sourcegraph! IPÊ An open source Pusher server implementation compatible with Pusher client libraries written in Go. Why I wro

Claudemiro 341 Dec 2, 2021
Headless CMS with automatic JSON API. Featuring auto-HTTPS from Let's Encrypt, HTTP/2 Server Push, and flexible server framework written in Go.

Ponzu Watch the video introduction Ponzu is a powerful and efficient open-source HTTP server framework and CMS. It provides automatic, free, and secur

Ponzu 5.4k Dec 5, 2021
a framework in golang for game server or app server

einx a framework in golang for game server or app server. a example server for einx (https://github.com/Cyinx/game_server_einx) Features User-Friendly

Cyinx 391 Nov 25, 2021
Kubernetes OS Server - Kubernetes Extension API server exposing OS configuration like sysctl via Kubernetes API

KOSS is a Extension API Server which exposes OS properties and functionality using Kubernetes API, so it can be accessed using e.g. kubectl. At the moment this is highly experimental and only managing sysctl is supported. To make things actually usable, you must run KOSS binary as root on the machine you will be managing.

Mateusz Gozdek 3 May 19, 2021