Terraform Operator

Simple operator to automate terraform configuration creation on kubernetes
Alternatives To Terraform Operator
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Devops Exercises41,762
3 days ago14otherPython
Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions
a day ago1May 10, 20225otherShell
I am using this repository to document my journey learning about DevOps. I began this process on January 1, 2022, and plan to continue until March 31. I will be dedicating one hour each day, including weekends, to gaining a foundational understanding of the various aspects of DevOps. This will be a 90-day intensive study period. 2022 & 2023 inc.
Microservices Demo13,929
7 hours ago43August 04, 202241apache-2.0Python
Sample cloud-first application with 10 microservices showcasing Kubernetes, Istio, and gRPC.
Terraformer9,83512 days ago20November 15, 202189apache-2.0Go
CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code
a month ago17gpl-3.0Go
Modern self-hosting framework, fully automated from empty disk to operating services with a single command.
Devops Guide6,318
a month ago5mitHTML
DevOps Guide - Development to Production all configurations with basic notes to debug efficiently.
Docker Android5,451
a month ago98otherShell
Android in docker solution with noVNC supported and video recording
Checkov5,42146 hours ago2,207July 07, 2022197apache-2.0Python
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
2 months ago10mit
Kubernetes clusters for the hobbyist.
Steampipe5,01336 hours ago352September 20, 2022286agpl-3.0Go
Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required.
Alternatives To Terraform Operator
Select To Compare

Alternative Project Comparisons

Terraform Operator

Currently still in POC stage, there are plans to extend this functionality soon. Feel free to create issues but note it's only one person working here 😄

Simply want the binary run make.


The following are needed to run this repo:

  • Kubernetes cluster - minikube is a simple tool for this
  • Helm - binary can be found here

Make sure to have also forked and cloned the repo if you are deploying with flux. This is recommended since it'll sync all your changes and help you to deploy consistently.

Building the operator

To build the operator image run the following:

IMG=<image-repo> make docker-build

Now push to your repo run:

IMG=<image-repo> make docker-push

Running Helm and Flux

To install helm flux please run the following:

kubectl create ns flux

Next we need to create the CRD's for helm operator in advance of creating the deployment:

kubectl apply -f https://raw.githubusercontent.com/fluxcd/helm-operator/1.1.0/deploy/crds.yaml

Now we can add the fluxcd charts and run a install:

helm repo add fluxcd https://charts.fluxcd.io

helm upgrade -i flux fluxcd/flux \
    --namespace flux \
    --set [email protected]:krubot/terraform-operator \
    --set git.readonly=true \
    --set git.path=deploy \
    --set rbac.pspEnabled=true

helm upgrade -i helm-operator fluxcd/helm-operator \
    --namespace flux \
    --set git.ssh.secretName=flux-git-deploy \
    --set helm.versions=v3

The following need to now be run to get the pubic ssh key:

kubectl -n flux logs deployment/flux | grep identity.pub | cut -d '"' -f2

This should output should be the whole key which you add to your deployments configuration within your github repo. This key does not need write access so don't tick this box.

Running some tests

To test that the deployment please checkout the infra namespace and validate in the logs that the terraform operator is running correctly.

Workflow identity service account

If running this on the google kubernetes engine then make sure you have workload identity enable. The link below is to the terraform config argument where this must be set:


The using the gcloud cli you can generate the terraform-operator service account and permissions:

$ gcloud --project=<project> iam service-accounts create terraform-operator --display-name "Terraform operator service account"
$ gcloud --project=<project> iam service-accounts add-iam-policy-binding --role "roles/iam.workloadIdentityUser" --member "serviceAccount:<project>.svc.id.goog[infra/terraform-operator]" [email protected]<project>.iam.gserviceaccount.com
$ gcloud projects add-iam-policy-binding <project> --member='serviceAccount:[email protected]<project>.iam.gserviceaccount.com' --role='roles/storage.admin'

(<project> is the gcp project id)

This can be then added to the release values and used in the helm deploy:

  create: true
  name: terraform-operator
    create: true
    name: [email protected]<project>.iam.gserviceaccount.com
Popular Kubernetes Projects
Popular Terraform Projects
Popular Virtualization Categories

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.