-
Notifications
You must be signed in to change notification settings - Fork 455
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature] Add Support for HCL Output #225
Comments
That's interesting, do you have a specific use-case in mind? |
Programmatically generating TF files and modules for future edits by users is one of potential use cases. |
I was thinking about generating modules as a use case as well. Sort of like having a Construct package which would work with When thinking about HCL for actual users to continue to work with, I'm wondering if that would make sense for this project. It's very focused on automatically generating JSON configurations which are not optimised for human consumption. It still could in theory be achieved by using something like this with some sprinkles of |
I had similar thoughts to @JayDoubleu here. json2hcl could be a potential work around, but I really like the idea of native support. |
I'll even go step further:
|
There's the idea of supporting a workflow which is fully backed by the Terraform Cloud, so that you wouldn't need the Terraform CLI locally at all. Technically, that's still a similar concept to what we have right now, though. |
If I could run local terraform cli via some sort of API then IMHO it would be useful in CI like Azure DevOps etc. If I could print out to screen using terraform cli default interface but run commands programmatically behind the scenes... I like terraform cli and HCl from user perspective, it's just a bit pain to orchestrate so I started looking into things like pulumi. If I could programmatically
This would open wide range of possibilities like templating HCL using typescript/python but with intention for the end users to use HCL. API to interact with terraform cli is IMO very much needed feature for pipelines and orchestration of entire environments using terraform and external data which would come from other programming languages |
If you're just after Terraform orchestration, have you looked at Terragrunt? For
This sounds like a one-off code generator, since I wouldn't know how you'd reconcile changes made by the user with the generated configuration. Are you after a generator similar to create-react-app, but for Terraform HCL projects? |
The ability to produce HCL has many use cases, the human readable template generation is just one of them and yes it would look similar to react app generator you mentioned but I'm hoping cdktf is just the right tool for that already . What would make it even better is the ability to spit out HCL. ;) Regarding the api itself and terragrunt, I'm aware of terragrunt however it's just a wrapper around terraform which can be implemented in any language. What i'm after is something similar to below: app = App()
MyStack(app, "automate-everything")
synth = app.synth()
plan = app.plan(synth)
if plan.changes is not None:
if len(plan.changes.module.custom.fruits) > 4:
app.apply(synth, target='module.custom.fruits') |
That's pretty interesting! Could you create a separate issue for this?
Cool, thanks - I think I understood the use-case you were mentioning. The one-off generator use-case could also be dedicated issue and reference this issue here. |
@skorfmann Just wanted to chime in on this discussion. Supporting HCL as a target output format brings the benefits of allowing sources generated by this project to be better supported by existing tools from the terraform ecosystem. For example, these are a few of the limitations we've experienced when trying to adopt this tool.
Currently, we have a convoluted workaround where we strip out the |
@marcoferrer thanks for your input! Integration into the broader ecosystem of tooling for Terraform HCL is a very good point indeed. So far I was assuming that the JSON representation of HCL would just work in most cases, haven't looked at it in detail though.
What you're saying is, that either pure JSON or pure HCL is supported by the extension, but a mix of both is not?
I'm very interested in more details about your intended workflow. By
Haven't tested it, but judging from the code it should be supported.
That's essentially your release process for the packages / modules you're planning to distribute? |
It's actually a little worse than that. Using
We've defined standards within our organization for terraform modules for specific types of applications. These standards define at a minimum what providers / alias are expected as well as a predefined set of variables and outputs. This forms a pseudo-interface we expect each module to conform to. Ensuring modules are conforming to this interface allows us to build org specific automation and policy governance around our infrastructure lifecycle. Since terraform isn't exactly friendly to reuse of variables, outputs, and providers we were planning on defining cdk modules in Java and publishing them as a jar into an internal artifact repository. Then using maven/gradle engineers are able to pull a semantically versioned modules and instantiate it from within their local cdk module sources. This prevents the need to continually copy/paste specific files throughout all the projects. I can supply an example project to further demonstrate if you'd like.
That's odd, I tested it locally with one of our projects and ran into issues. Ill give it another shot to see if there was something I missed.
Include the Its seems that some tools arent happy with the
In a nutshell yes. Its purely to maintain the developer experience and allow the IDE to resolve definitions created by cdktf from other files being authored by engineers. The terraform cli also produces errors when trying to read hcl that includes the converted |
@marcoferrer out of curiosity, do you plan to have other teams eventually transition to writing their configuration using Java rather than hcl? |
@jsteinich Currently, that seems to be the long-term goal but we do want to be able to support cases where we might have to supplement a module with manually written HCL. The move to Java is to allow our engineers to leverage their existing experience and dependency management tools so that they are able to focus purely on terraform concepts without too much overhead of learning hcl specifics or code reuse via copy/paste. |
Yes, an example would be great!
That's certainly not ideal. Perhaps it would make sense to fork and fix
The purpose of |
Here's a distilled example of using cdk in a java project using gradle. It also demonstrates sharing common configuration between multiple modules as well as mixing HCL and json sources. #510
After looking at the implementation of
This is good to know and I agree. As long as the json syntax spec for terraform is being adhered to any issues with |
Yes this is exactly what we would do if this was supported. For example ServiceNow Cloud management only supports HCL files, not JSON. Native HCL output would be expected from this tool. |
For those of us that have implemented automation with the Terraform Api's for Cloud & Enterprise, would this issue be relevant to parsing a java object out to HCL format? For example, by taking a Map<String, someJavaModel> and doing a hclParse to obtain the string to utilize in the Terraform Api's? Example Use Case: Current Scenario: I came across this issue in researching better ways to handle this use case currently. |
There are a number of json2hcl projects and it would help to specify which one. The one by kvz looks maintained (changes from this year) and the issue with the parsing of the double slashes hasnt been created yet. https://github.com/kvz/json2hcl Edit: I haven't tried this tool but I did see the issue where hcl2 is still unsupported. |
I came across this topic related to converting Terraform CDK code to HashiCorp Configuration Language (HCL) format. I was wondering if there has been any progress in this area, specifically in terms of a built-in method to accomplish this task. If this feature is not currently available, I would appreciate any information on the best programmatic approach to achieve this conversion. From my understanding, it can be done manually using Terraform's jsonencode and hcl2_to_json commands, but I am open to other methods as well. |
I don't believe this area has been worked on and I'm not sure if there are any actively maintained tools for doing so either. |
For my project, I have developed a comprehensive Terraform CDK Cloud Deployment framework. However, in comparison to Terraform HCL, I found Terraform CDK to be more complex in terms of setup and operations. To simplify the process, my goal is to convert Terraform CDK into Terraform HCL. Alternatively, I have considered deploying Terraform CDK into a container and passing a YAML file to it. Unfortunately, I have been unable to find a way to run Terraform CDK in a container. As an end result, I am actively seeking a straightforward solution for the end-user of my tool. |
Not the OP, but our use case is to help with debugging. My team personally doesn't use CDKTF (we use pure HCL) but we have some dev teams in the organisation who are adopting CDKTF. When they have an issue with infrastructure, it would be faster and easier to determine if it's an infra, architecture or code issue if we could examine the 'HCL' that they are trying to deploy. |
This comment was marked as off-topic.
This comment was marked as off-topic.
Another use case: We use Snyk to scan our infrastructure code. Snyk can scan both CDK and TF but not json's of CDKTF, so building the hcl file would be beneficial for us here. |
There's a couple more reasons for exporting Terraform native files:
The tooling that was suggested up to now provide a less than ideal experience for the these scenarios. It does work well for say deploying a web application, but not for platform engineering where Terraform is widely adopted. |
We have two camps, a group (A) that maintains the AWS environments using hand-rolled Terraform modules and shared state in DynamoDB backend, and the developers group (B) who need to create serverless components and code who would prefer to use CDKTF to generate components which can require hand-rolling literally thousands of lines of HCL. Our pipelines are required to run pre-deployment scans on the HCL (Bridgecrew/Checkov or Kics) and applications will not deploy if they can't comply with those guardrails. So HCL output would be a useful way to bridge the gap between the groups. We are already seeing reluctance to keep current on AWS Provider and Terraform versions due to breaking changes that increasingly require cut-n-paste updates across hundreds of terraform files and the risk of corrupting shared state due to a newer breaking change.
If using jq 1.5, add this code to your ~/.jq file:
|
I came across article https://nklya.medium.com/how-to-write-hcl2-from-python-53ac12e45874 For my case, I wanted to generate hcl in python. The article suggest that we can use hclwrite from hcl golang. Seems to be a more stable approach however definitely more tedious. |
I'm going to lock this issue because it has been closed for 30 days. This helps our maintainers find and focus on the active issues. If you've found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Community Note
Description
Currently the output is JSON, but it would be great if we could output HCL.
While we can use
cd cdktf.out && terraform plan
, but could see real value/interesting solutions created if the output was HCL.The text was updated successfully, but these errors were encountered: