Terrakube
2.20.0
2.20.0
  • Introduction
  • Updates
  • Getting started
    • 📐Architecture
    • 🔐Security
    • 🚀Getting Started
    • 💿Docker Images
    • 🌐Docker Compose
    • 🚗Docker Compose + Traefik
    • 📥Deployment
      • 🔨Helm Chart
      • 🚀Minikube
      • 🔑Minikube + HTTPS
      • ✈️Ingress Configuration
      • 🔐User Authentication (DEX)
      • 💾Storage backend
        • Azure Storage Account
        • Amazon Cloud Storage
        • Google Cloud Storage
        • Minio (S3 compatible)
      • 🛰️Database Backend
        • SQL Azure
        • PostgreSQL
        • MySQL
        • H2
      • 🔐Custom CA Certs
      • ⚙️Custom Terraform CLI Builds
      • 👮Self-Hosted Agents
      • 📶Proxy Configuration
      • 🛡️Token Security
      • 🚦Open Telemetry
    • 🤵User Management
      • Azure Active Directory
      • Google Cloud Identity
      • Amazon Cognito
      • Github
  • 📓User Guide
    • Organizations
      • Creating an Organization
      • Global Variables
      • Team Management
      • API Tokens
      • Templates
        • Default Templates
        • Persistent Context
        • Import Templates
        • UI Templates
        • Filter global variables in jobs
        • Template Scheduling in Jobs
      • Tags
    • VCS Providers
      • Github
      • Github Enterprise
      • GitLab
      • Gitlab EE and CE
      • Bitbucket
      • Azure DevOps
      • SSH
    • Workspaces
      • Overview
      • Creating Workspaces
      • Terraform State
      • Share Workspace State
      • Variables
      • Workspace scheduler
      • API-driven Workflow
      • CLI-driven Workflow
      • Ephemeral Workspaces
    • Private Registry
      • Publishing Private Modules
      • Using Private Modules
    • Policy Enforcement (OPA)
    • Cost Estimation
    • Drift Detection
    • CI/CD Integration
      • Github Actions
      • Bitbucket
    • Terrakube CLI
      • Getting started
      • Installation
      • Commands
        • terrakube login
        • terrakube logout
        • terrakube organization
          • organization list
          • organization create
          • organization update
          • organization delete
        • terrakube team
          • team list
          • team create
          • team update
          • team delete
        • terrakube workspace
          • workspace list
          • workspace create
          • workspace update
          • workspace delete
          • workspace variable
            • variable list
        • terrakube variable
          • variable update
          • variable delete
          • variable create
        • terrakube job
          • job list
          • job create
        • terrakube module
          • module list
          • module create
          • module update
          • module delete
    • Reference
      • Executor
        • Terraform Execution Flow
        • Terraform Versions
    • Migrating to Terrakube
  • 🎓Learn
    • What is Terrakube
      • Section Overview
      • Terraform in a Nutshell
      • Terraform Challenges at Enterprise Level
      • Introducing Terrakube
      • Summary and Up Next
    • Deploying using Terrakube
  • 📖API
    • 🌟Getting started
    • ⚙️Methods
      • Globalvar
      • Organization
      • Teams
      • Workspace
      • Variables
      • History
      • Jobs
      • Template
      • Schedule
      • Step
      • Module
      • Vcs
      • Provider
      • Personal Access Token
      • Team API Tokens
      • SSH Key
      • Agent
Powered by GitBook
On this page
  1. User Guide
  2. Workspaces

Ephemeral Workspaces

PreviousCLI-driven WorkflowNextPrivate Registry

Last updated 1 year ago

The following will show how easy is to implement an ephemeral workspace using Terrakube custom schedules and templates with the remote CLI-driven workflow.

The first step will be to create a new organization, lets call it "playground".

Once we have the playground organization, we need to add a team with access to create templates like the following:

We will also need a team with access to create/delete a workspace only, like the following:

Teams names will depend on your Dex configuration.

Once we have the two teams in our new playground organization, we can proceed and create a new template that we will be using to auto destroy all the workspace:

Lets call it "delete-playground" and it will have the following code:

flow:
  - type: "terraformDestroy"
    name: "Destroy Playground"
    step: 100
  - type: "disableWorkspace"
    name: "Delete Workspace"
    step: 200

Now we can update the default template that is used when we are using the remote CLI-driven workflow, this template is inside every organization by default and is called "Terraform-Plan/Apply-Cli", usually we don't need to update this template but we will do some small changes to enable ephemeral workspaces in the playground organization.

We need to go the the templates inside the organization settings and edit the template

We will add a new step in the template, this will allow to schedule a job that will be using the "delete-playground" template that we have created above.

We need to use the following template code:

flow:
- type: "terraformPlan"
  name: "Terraform Plan from Terraform CLI"
  step: 100
- type: "approval"
  name: "Approve Plan from Terraform CLI"
  step: 150
  team: "TERRAFORM_CLI"
- type: "terraformApply"
  name: "Terraform Apply from Terraform CLI"
  step: 200
- type: "scheduleTemplates"
  step: 300
  name: "Setup auto destroy"
  templates:
    - name: "delete-playground"
      schedule: "0 0/5 * ? * * *"

If we pay special attention we just add a new section where we define that the schedule will run every five minutes after the Terraform apply is completed.

In this example we will schedule the template every five minutes for testing purposes.

  name: "Setup auto destroy"
  templates:
    - name: "delete-playground"
      schedule: "0 0/5 * ? * * *"

Now we need to define our Terraform code, lets use the following simple example:

terraform {
  cloud {
    organization = "playground"
    hostname = "8080-azbuilder-terrakube-h128dcdc7l1.ws-us105.gitpod.io"

    workspaces {
      tags = ["myplayground", "example"]
    }
  }
}

resource "null_resource" "previous" {}

resource "time_sleep" "wait_5_seconds" {
  depends_on = [null_resource.previous]

  create_duration = "5s"
}

resource "null_resource" "next" {
  depends_on = [time_sleep.wait_5_seconds]
}

output "creation_time" {
    value = time_sleep.wait_5_seconds.create_duration
}

Run terraform login to connect to our Terrakube instance:

terraform login 8080-azbuilder-terrakube-h128dcdc7l1.ws-us105.gitpod.io

Now we can run terraform init to initialize our workspace inside the playground organization, lets use "myplayground" for the name of our new workspace

Let's run terraform apply and create our resources:

Preparing the remote apply...

To view this run in a browser, visit:
https://8080-azbuilder-terrakube-h128dcdc7l1.ws-us105.gitpod.io/app/playground/myplayground/runs/1

Waiting for the plan to start...

***************************************
Running Terraform PLAN
***************************************

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # null_resource.next will be created
  + resource "null_resource" "next" {
      + id = (known after apply)
    }

  # null_resource.previous will be created
  + resource "null_resource" "previous" {
      + id = (known after apply)
    }

  # time_sleep.wait_5_seconds will be created
  + resource "time_sleep" "wait_5_seconds" {
      + create_duration = "5s"
      + id              = (known after apply)
    }

Plan: 3 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + creation_time = "5s"

Do you want to perform these actions in workspace "myplayground"?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

null_resource.previous: Creating...
null_resource.previous: Creation complete after 0s [id=7198759863280029870]
time_sleep.wait_5_seconds: Creating...
time_sleep.wait_5_seconds: Creation complete after 5s [id=2023-10-18T16:05:14Z]
null_resource.next: Creating...
null_resource.next: Creation complete after 0s [id=855270182201609076]

Apply complete! Resources: 3 added, 0 changed, 0 destroyed.

Outputs:

creation_time = "5s"

Our new workspace is created and if we go the organization we can see all the information

The job will be running to create the resources:

We can see that our job is completed and the setup auto destroy have created a new schedule for our workspace:

We could go to the schedules tab:

This schedule will run in 5 minutes:

After waiting for 5 minutes we will see that Terrakube have created a new Job automatically

If we check the details for the new job we can see that a terraform destroy will be executed:

All of the workspace resources are deleted and the workspace will be deleted automatically after the destroy is completed.

Once the Job is completed, our workspace information is deleted from Terrakube

If we are using AWS, AZURE, GCP or any other terraform provider that allow to inject the credentials using environment variables we could use "global variables" to define those.

Global variables will be injected automatically to any workspace inside the playground organization.

The schedule is using Quartz format, to learn more about this use this .

📓
link