Terraform Provider

Whilst the Pact Broker has APIs and can be automated, not everything can be configured statically in a config file and it can be time consuming to build your own automation. Furthermore, the lifecycle of use cases on the broker (for example, adding a webhook for a new application) should not require a configuration change and application restart as proposed by issues such as this.

It is common practice to apply infrastructure-as-code practices to both self-hosted and SaaS products alike, and up until now, we lacked this capability.

Introducing Terraform 🚀

Today we announce the release of our Terraform provider v0.0.1. Terraform is a tool that lets you use Infrastructure as Code to provision and manage any cloud, infrastructure, or service.

Example Pact Terraform Run 

Terraform allows infrastructure to be expressed as code in a simple, human readable language called HCL (HashiCorp Configuration Language). Here is an example that provisions two Pacticipants (AdminUI and GraphQLAPI), a Webhook for when the contract changes between the systems and an encrypted Jenkins secret:

variable "token" {
  type = string
}

provider "pact" {
  host = "https://dius.pact.dius.com.au"
  access_token = var.token
}


resource "pact_token" "read_only_api_token" {
  type = "read-only"
  name = "Local dev token"
}
resource "pact_token" "read_write_api_token" {
  type = "read-write"
  name = "CI token"
}

resource "pact_pacticipant" "AdminUI" {
  name = "AdminUI"
  repository_url = "github.com/foo/admin"
}

resource "pact_pacticipant" "GraphQLAPI" {
  name = "GraphQLAPI"
  repository_url = "github.com/foo/api"
}

resource "pact_webhook" "ui_changed" {
  description = "Trigger an API build when the UI changes"
  webhook_provider = {
    name = "GraphQLAPI"
  }
  webhook_consumer = {
    name = "AdminUI"
  }
  request {
    url = "https://foo.com/some/endpoint"
    method = "POST"
    username = "test"
    password = "password1"
    headers = {
      "X-Content-Type" = "application/json"
    }
    body = <<EOF
{
  "pact": "$${pactbroker.pactUrl}"
}
EOF
  }

  events = ["contract_changed_event", "contract_published"]
  depends_on = [pact_pacticipant.billy, pact_pacticipant.sally]
}

resource "pact_secret" "jenkins_token" {
  name = "JenkinsTriggerToken"
  description = "API token to trigger Jenkins builds"
  value = "super secret thing"
}
Example Pact Terraform File

Before you apply changes, Terraform provides an execution plan of changes, which can be reviewed for safety and then applied and provisioned. Terraform will detect any changes that have been made to the resources remotely and re-apply the configuration to prevent drift.

You can read our documentation on the resources we support here.

Available now

The provider is available for download now and supports the following resources:

  • Pacticipants
  • Webhooks
  • Secrets
  • API Tokens

As the broker API progresses, we will add support for other items such as

  • Certificate management for integrations with internal CA-signed systems
  • Integration Whitelists
  • SAML and SSO setup
  • User and group management

What's next?

Want to see something else here? Help us prioritise what we do next!