Terraform Provider: TLS

The TLS provider provides utilities for working with Transport Layer Security keys and certificates. It provides resources that allow private keys, certificates and certificate requests to be created as part of a Terraform deployment.

Documentation, questions and discussions

Official documentation on how to use this provider can be found on the Terraform Registry. In case of specific questions or discussions, please use the HashiCorp Terraform Providers Discuss forums, in accordance with HashiCorp Community Guidelines.

We also provide:

• Support page for help when using the provider
• Contributing guidelines in case you want to help this project
• Design documentation to understand the scope and maintenance decisions

The remainder of this document will focus on the development aspects of the provider.

Compatibility

Compatibility table between this provider, the Terraform Plugin Protocol version it implements, and Terraform:

TLS Provider	Terraform Plugin Protocol	Terraform
>= 4.x	5	>= 0.12
>= 3.x	5	>= 0.12
>= 2.x	4 and 5	<= 0.12
>= 0.x	4	<= 0.11

Details can be found querying the Registry API that return all the details about which version are currently available for a particular provider. Here are the details for TLS (JSON response).

Requirements

• Terraform
• Go (1.23)
• GNU Make
• golangci-lint (optional)

Development

Building

1. git clone this repository and cd into its directory
2. make will trigger the Golang build

The provided GNUmakefile defines additional commands generally useful during development, like for running tests, generating documentation, code formatting and linting. Taking a look at it's content is recommended.

Testing

In order to test the provider, you can run

• make test to run provider tests
• make testacc to run provider acceptance tests

It's important to note that acceptance tests (testacc) will actually spawn terraform and the provider. Read more about they work on the official page.

Generating documentation

This provider uses terraform-plugin-docs to generate documentation and store it in the docs/ directory. Once a release is cut, the Terraform Registry will download the documentation from docs/ and associate it with the release version. Read more about how this works on the official page.

Use make generate to ensure the documentation is regenerated with any changes.

Using a development build

If running tests and acceptance tests isn't enough, it's possible to set up a local terraform configuration to use a development builds of the provider. This can be achieved by leveraging the Terraform CLI configuration file development overrides.

First, use make install to place a fresh development build of the provider in your ${GOBIN} (defaults to ${GOPATH}/bin or ${HOME}/go/bin if ${GOPATH} is not set). Repeat this every time you make changes to the provider locally.

Then, setup your environment following these instructions to make your local terraform use your local build.

Testing GitHub Actions

This project uses GitHub Actions to realize its CI.

Sometimes it might be helpful to locally reproduce the behaviour of those actions, and for this we use act. Once installed, you can simulate the actions executed when opening a PR with:

# List of workflows for the 'pull_request' action
$ act -l pull_request

# Execute the workflows associated with the `pull_request' action 
$ act pull_request

Releasing

The releasable builds are generated from the build GH workflow and the release/promotion process is completed via internal HashiCorp deployment tooling. Prior to release, the changelog should be updated in main with the changie tool, example:

changie batch 4.1.0 && changie merge

License

Mozilla Public License v2.0