env0 has always been about helping developers maintain provisioned resources in the cloud from their IaC framework of choice. We provide an infrastructure-centric, governance layer for automating and managing your infrastructure.
We worked well for customers who already had infrastructure provisioned in the cloud. But what if you need to support infrastructure developers and still need the management layer that env0 provides? We refer to this process of creating new infrastructure through automation as “Day 0” environment creation. In other words, we need an automated way of creating the env0 resources when a developer submits new IaC to git.
This post shows one such way of automating the creation of the env0 environment resources by using our TF provider and some shell magic.
First, let's assume we have a Terraform developer that needs to write new TF code and test it in a sandbox environment. The developer typically would request for cloud credentials to use on his/her local machine. After the initial testing is done, the developer will want to submit the code through a PR process so that the IaC can be provisioned in a higher level environment. This is where our story begins.
The developer creates his/her infrastructure code in this example under our folder called “dynamic-environments.” This folder is designated as the location that will be scanned by our script in order to auto-generate the corresponding env0 environment.
The PR, once created, will trigger a PR Plan on an env0 environment that will scan for changes in the folder, and generate the TF vars to be consumed, and eventually it will generate the corresponding developer resources in a new env0 environment. We call this env0 environment the “Day 0” environment.
Once the PR is approved and merged, the “Day 0” environment will begin creating the new resources in the dynamic-environment folder.
In order to get this workflow setup, we will first need to create a “Day 0” environment as described above. The environment will exist in a “management” project that the developer does not need access to. This environment will be configured to listen to changes from the template directory as well as the “dynamic-environment” directory. This way, whenever a new PR includes a new folder in the “dynamic-environment” directory, it will trigger this environment to help generate a new environment.
Once this is done, you can simply have your developers submit their environments through a PR, and once the PR has been accepted and merged, env0 will detect that environment and create the environment based on the contents of their folder structure.
Check out the code, and adapt it to your repo structure.
Other ideas that we could implement on top of this pattern include:
We could add a speculative plan of the new environment as a PR comment feedback
We could scan a file, as opposed to a folder to generate the environments.