Terraform
You can define OpsLevel services and checks with Hashicorp's Terraform tool.
With the OpsLevel Terraform provider, you can manage your service, teams and maturity rubric data with the same familiar tool you use to automate the rest of your infrastructure.
You can read more in-depth documentation about each Terraform resource
and data-source
on the Terraform registry.
Before we can get started please make sure you have Terraform installed.
Defining your first OpsLevel service
First we need to define the OpsLevel provider so that Terraform can pull in the provider plugin. We will also need give the provider an OpsLevel API token.
NOTE: the following code snippets assume you understand the basics of how Terraform works.
{
provider "opslevel" {
api_token = "XXX" // or environment variable OPSLEVEL_API_TOKEN
}
Next we will need a few pieces of existing data from OpsLevel which are used when defining a service.
The following uses datasources to retrieve the available values for lifecycle
and tier
which will be used in the creation of your new service entry.
data "opslevel_lifecycle" "beta" {
filter {
field = "alias"
value = "beta"
}
}
data "opslevel_tier" "tier2" {
filter {
field = "index"
value = "2"
}
}
Then we need to create a team which will be the owner of the service. You will need to make sure the team’s manager email is associated with an user in your OpsLevel account.
resource "opslevel_team" "foo" {
name = "foo"
manager_email = "[email protected]"
responsibilities = "Responsible for foo frontend and backend"
}
Now that we have all the necessary pieces of data we can define our new service entry.
resource "opslevel_service" "foo" {
name = "foo"
description = "foo service"
framework = "rails"
language = "ruby"
lifecycle_alias = data.opslevel_lifecycle.beta.alias
tier_alias = data.opslevel_tier.tier3.alias
owner_alias = opslevel_team.foo.alias
}
You can read more about all the fields available to set for a service entry here.
Creating Checks
Now that we have a service and team defined in your account let’s start to leverage the power of OpsLevel’s rubric system by defining a check.
Before we define the check we will need some additional datasources for rubric category
and level
.
data "opslevel_rubric_category" "security" {
filter {
field = "name"
value = "Security"
}
}
data "opslevel_rubric_level" "bronze" {
filter {
field = "name"
value = "Bronze"
}
}
Now we can define a check that validates that a repository is specified for each service entry in OpsLevel.
resource "opslevel_check_repository_integrated" "foo" {
name = "foo"
enabled = true
category = data.opslevel_rubric_category.security.id
level = data.opslevel_rubric_level.bronze.id
owner = opslevel_team.foo.id
notes = "Optional additional info on why this check is run or how to fix it"
}
If you take a look at your Rubric report in OpsLevel you should see that your newly created service entry is failing to pass this check. Let’s fix that with Terraform.
Before we can attach a repository to a service we need to make sure a Git Integration is setup on our account. Then we can reference that repository using an alias that resembles the repository clone URI.
resource "opslevel_service_repository" "bar" {
service = opslevel_service.foo.id
repository_alias = "github.com:example/bar"
}
If you refresh the Rubric report in OpsLevel you should see that your newly created service is now passing this check.
Congratulations! Your service catalog and maturity rubric is fully managed without leaving the comfort of Terraform.
Exporting and importing existing account data
For existing OpsLevel customers we have an easy approach to convert your entire OpsLevel account into Terraform configuration so you can fully control your account with Terraform.
First you will need to install our CLI.
With that installed you can now run a command which will export all of your OpsLevel account’s data to Terraform configuration as well as giving you an import.sh
script that includes all of the terraform import
statements that need to be run.
OPSLEVEL_API_TOKEN=XXX opslevel export terraform
This will create a directory named terraform
and inside will be a series of *.tf files with all of the configuration needed to manage your OpsLevel account with Terraform.
Before you get started on modifying configuration files and importing, initialize and then populate the Terraform state file.
Run the following command to initialize the Terraform state file if you are not using an existing Terraform workspace.
terraform init
Run the following script within the terraform directory to populate your Terraform state file.
bash import.sh
Updated about 2 years ago