Unlocking Infrastructure as Code Efficiency with Spacelift
- Problems with Traditional CI tools
- Traditional CI tools aren’t good for stateful applications so concurrent runs are difficult are problematic with IaC tools
What is Spacelift ?
- Spacelift is a CI/CD tool designed specifically for IaC = State locking & Concurrent runs
- Generate & Preview plans before applying PRs
- Access control policies to define what users able to do
- Can be used to manage the IaC state
- Drift Detection
Spacelift Concepts
2. Stacks = Combination of Source code for IaC + Terraform State + Env variable
3. Policy = Spacelift uses Open Policy Agent (OPA) to provide a way to declarative write policies as code
- Login = Who gets to log in to Spacelift
- Access = who gets to access individual stacks
- Approval = who can approve/reject a run
- Initialization = which Runs & Tasks can be started
- Notification = routing and filtering notification
- Plan = which changes can be applied
- Push = how git push events are interpreted
- Task = which one-off commands can be executed
- Trigger = what happens when blocking runs terminate
4. To view a brief demonstration, navigate to your GitHub profile and create a public or private repository for Terraform code. We’ll use basic code for this demonstration.
5. Then, in your IDE, where you can write your Terraform code, I’m using Ubuntu as it’s just basic code. You can clone or view the repository at the following link:
https://github.com/shri2904/Spacelift-demo.git6. Then, visit the Spacelift website and click on “Start for free.” Select the option “GitHub” to integrate with Spacelift. You can utilize a 14-day trial period for learning purposes.
After selecting the “GitHub” option to integrate with Spacelift, you will be directed to the Spacelift window.
7. Next, in the top left corner, you’ll find “Stack.” Click on that, then select the “Create Stack” option.
8. Then, provide a name for your stack and click on “Continue.”
9. In the next window, select your repository, branch, and optionally specify the project root if your code is located under a specific directory. Then, click on “Continue” again.
10. In the following window, choose the provider and version, and select “Spacelift” as the manager for your Terraform backend. Then, click on “Create & Continue.”
11. Lastly, simply click on “Continue” for the upcoming windows, as we haven’t configured all the options yet; this is just a demonstration. Eventually, you’ll be able to view your stack.
12. To run that stack, you need to push some changes into your GitHub repository.
13. The error you encountered is expected because AWS credentials were not specified. This is fine since it’s part of the setup process.
14. To set the environment variable, click on “Back” from your current window. Then, you’ll see the option labeled “Environment.” Navigate to that and click on “Edit.”
15. then as in the below image you should give a name to your environment variable and assign it a value. Then, mark it as “Secret” to ensure that the value is hidden. Finally, save your keys.
16. After saving your key in environment variables, you can go back to your stacks and push some changes again to your repository. Alternatively, you can navigate to your stack and click on the “Trigger” option again.
17. Now it’s going through the planning stage, so please wait for some time. Here, you can observe the Terraform plan. If you notice the pop-up, it will display “Unconfirmed.”
18. So, check your plan, and if everything looks good, click on “Confirm.” If there’s anything wrong, you can click on “Discard” to cancel the changes. I’m going to confirm these changes now.
19. Wait for some time for the job to complete. You can observe that our job is running successfully. In the logs, you’ll find the “instance_id” and “public_ip” of our instance. You can also check your AWS account to verify if the instance has been launched.
20. Now, to view the resources under the stack, go back and click on “Resources.”
In the resources section, you’ll see “3 blocks.” Hover over that and click on the middle one, which is “aws-instance-app-server.” When you click on it, a large pop-up will appear on the right side, providing detailed information about your server. You can also see other output blocks as well.
21. So, because it’s a basic demo, I’ll explain why Spacelift and how it works, or how you can set up your first CI job. Of course, what I’ve written is just the tip of the iceberg; Spacelift offers more features such as concurrent runs, queued states, tasks, policies, and mounted files. If you’d like to learn more about these features, please let me know so I can provide detailed information in the blog.
