Deploy Terraform Modules from Git Branches

• Introduction
• Step-by-Step Guide
• Code Example
• Additional Notes
• Summary
• Conclusion
• References

When defining Terraform modules, you have the flexibility to specify particular branches from your Git repository as the source. This is achieved using the ref argument within the source parameter of your module block. This argument accepts various references, including branch names and tag names, similar to the git checkout command. By specifying a branch, you can target specific versions of your module for different environments or deployments. When Terraform processes your configuration, it clones the specified branch and utilizes the code within it to deploy your module. Keep in mind that Terraform adheres to your local Git configuration, including any authentication settings. If you make changes to the module code in the specified branch, you need to run terraform get or terraform init again to fetch the latest updates.

To use a specific branch from a Git repository as the source for your Terraform module, you can specify the branch name using the ref argument within the source parameter of your module block.

For example, to use the branch named "feature/new-vpc" from a repository hosted on GitHub, your module block would look like this:

module "example" {
  source = "github.com/your-username/your-module-repo?ref=feature/new-vpc"
  # ... other module configuration ...
}

This tells Terraform to fetch the module code from the specified branch ("feature/new-vpc") of the repository.

The ref argument accepts any reference that the git checkout command would accept, including branch names and tag names. This allows you to use specific versions of your module for different environments or deployments.

Terraform will clone the specified branch of the repository and use the code within it to deploy your module. It's important to note that Terraform will respect your local Git configuration, including any authentication settings you have in place.

If you update the module code in the specified branch, you'll need to run terraform get or terraform init again to download the latest changes.

This code demonstrates how to deploy an AWS VPC using a Terraform module sourced from a specific Git branch. It defines a module that pulls from a specified branch of a GitHub repository. The code then configures the module with a VPC name and CIDR block. This allows for using different versions or feature branches of a module in your Terraform deployments.

This example demonstrates how to deploy an AWS VPC using a Terraform module sourced from a specific branch.

Module Repository:

Let's assume you have a Terraform module for deploying a VPC in a GitHub repository: https://github.com/your-username/terraform-aws-vpc. This repository has a branch named feature/enhanced-subnet with some improvements to the subnet configuration.

Main Terraform Code:

# Configure the AWS Provider
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
}

provider "aws" {
  region = "us-west-2"
}

# Use the VPC module from the specific branch
module "vpc" {
  source = "github.com/your-username/terraform-aws-vpc?ref=feature/enhanced-subnet"

  vpc_name = "my-vpc"
  cidr_block = "10.0.0.0/16"
}

Explanation:

1. Module Definition: The module "vpc" block defines a module named "vpc".
2. Source with Branch: The source argument specifies the module's source repository and branch:
   • github.com/your-username/terraform-aws-vpc: This is the URL of the GitHub repository.
   • ?ref=feature/enhanced-subnet: This uses the ref argument to specify the branch named "feature/enhanced-subnet".
3. Module Configuration: The remaining lines configure the module with specific values for the VPC name and CIDR block.

Execution:

1. Save the code as main.tf.
2. Run terraform init to download the module from the specified branch.
3. Run terraform apply to deploy the VPC using the module's code.

This example demonstrates how to leverage the ref argument to utilize specific branches from your Git repositories for your Terraform modules, allowing for better version control and environment-specific deployments.

• Versioning Best Practices: While using branches offers flexibility, for production environments, it's generally recommended to use tags for module versions. Tags provide a static snapshot of your code, ensuring consistency across deployments.
• Local Development and ref: When using a branch with ref during local development, ensure your local repository has the branch checked out or fetched. Otherwise, Terraform might not find the specified branch.
• Authentication: If your Git repository requires authentication, ensure your local Git configuration is set up correctly with SSH keys or credentials. Terraform will use your local Git settings to authenticate with the repository.
• Terraform Cloud/Enterprise and Remote Plans/Applies: When using remote plans and applies with Terraform Cloud or Enterprise, the remote environment will need access to the Git repository. This might involve configuring SSH keys or access tokens within your Terraform Cloud/Enterprise workspace.
• Module Caching: Terraform caches downloaded modules. If you switch branches or update the ref, you might need to clear the cache (terraform init -upgrade) to ensure Terraform fetches the correct version.
• Alternative to ref: Instead of using ?ref=, you can directly embed the branch name in the repository path: github.com/your-username/your-module-repo//feature/new-vpc. This achieves the same result.
• Security Considerations: Be mindful of the code and potential secrets within the module you're fetching from a Git repository, especially if it's a public repository.

In conclusion, leveraging the ref argument within the source parameter of your Terraform module blocks provides a powerful mechanism for specifying particular branches from your Git repositories. This enables you to target specific versions of your modules, facilitating better version control and environment-specific deployments. By understanding this feature and following best practices, you can enhance the flexibility and maintainability of your Terraform infrastructure code.

• Module Sources | Terraform | HashiCorp Developer | Terraform installs modules from Git repositories by running git clone , and so it will respect any local Git configuration set on your system, including ...
• Using terraform module from a specific branch | by netscape101 ... | This is mostly for myself as notes for work, but hope you can find it useful.
• Terraform Modules pulled from git sources should allow ref to be ... | I am a Terraform Enterprise user implementing a new project. We have full separate deployments for each SDLC tier (dev, qa, prod, etc). I would like to be able to promote terraform code using the s...
• Terraform: Modules Using Git Branch As Source | Build5Nines : r ... | Posted by u/crpietschmann - 6 votes and 9 comments
• Newbie Help - Modules not re-downloaded when updated in git repo | Hi, I might be being stupid here, or not following some guideline as I’ve largely learnt this at need during our move from manual building to automated building in GCP. Essentially, I’m writing a load of modules which I then upload to bitbucket, and we have terraform fetch them and run them. However, terraform doesn’t seem to ever bother updating a module it’s already fetched, even when it’s quite clear from the git status that it’s changed. Is this by design, or am I missing some step which ...
• Git repository tags as a source in terraform module : r/devops | Posted by u/victor_yanukovich - 4 votes and 1 comment
• Terraform: Modules Using Git Branch As Source | Build5Nines | HashiCorp Terraform empowers DevOps Engineers and SREs to manage cloud resources efficiently. One of its standout features is the Terraform Modules support,
• Sourcing Terraform Modules from Azure DevOps : r/Terraform | Posted by u/[Deleted Account] - 6 votes and 8 comments
• Using Terraform Modules from Git in Azure DevOps - samcogan.com | Did you know you can reference custom Terraform modules direct from Git? Here’s how to do it, and how to make this work with an Azure DevOps pipeline