Weave GitOps Terraform Controller (aka Weave TF-controller) is a controller for Flux to reconcile Terraform resources in the GitOps way. With the power of Flux together with Terraform, TF-controller allows you to GitOps-ify infrastructure, and application resources, in the Kubernetes and Terraform universe, at your own pace.
"At your own pace" means you don't need to GitOps-ify everything at once.
TF-controller offers many GitOps models:
- GitOps Automation Model: GitOps your Terraform resources from the provision steps to the enforcement steps, like a whole EKS cluster.
- Hybrid GitOps Automation Model: GitOps parts of your existing infrastructure resources. For example, you have an existing EKS cluster. You can choose to GitOps only its nodegroup, or its security group.
- State Enforcement Model: You have a TFSTATE file, and you'd like to use GitOps enforce it, without changing anything else.
- Drift Detection Model: You have a TFSTATE file, and you'd like to use GitOps just for drift detection, so you can decide to do things later when a drift occurs.
To get started check out this guide on how to GitOps your Terraform resources with TF-controller and Flux.
Check out the documentation for a list of features and use cases.
- Support the GitOps way to "apply"
- Drift detection
- Support auto-apply so that the reconciliation detect drifts and always make changes
- Interop with Kustomization controller's health checks
- Terraform outputs as Kubernetes Secrets
- Secret and ConfigMap as input variables
- Support the GitOps way to "plan" / "re-plan"
- Support a multi-tenant model
- Test coverage reaching 68.2%
- Containerd compatibility
- ARM64 & Gravitron support
- Improve security
- Performance and scalability
- Interop with Notification controller's Events and Alert
- CLI implementation:
tfctl - Test coverage reaching 75%
- Write back and show plan in PRs
- Test coverage reaching 80%
- TBD