Infrastructure-as-Code Templating
Working with modules can involve a lot of boilerplate code that can be difficult to maintain due to the sheer amount of copy / paste required to apply updates.
To combat this, we have created a basic templating system for automatically managing the most tedious maintenance tasks
when using Panfactum submodules in your .tf
files.
The templating system works as follows:
-
Add the
# pf-generate: <directive>
and# end-generate
blocks to your.tf
code:module "kube_labels" { source = "github.com/Panfactum/stack.git//packages/infrastructure/kube_workload_utility?ref=edge.24-09-12" # pf-generate: set_vars # end-generate }
-
Run
pf-update-iac
. -
The code will automatically be updated:
module "util" { source = "github.com/Panfactum/stack.git//packages/infrastructure/kube_workload_utility?ref=edge.24-09-12" # pf-generate: set_vars pf_stack_version = var.pf_stack_version pf_stack_commit = var.pf_stack_commit environment = var.environment region = var.region pf_root_module = var.pf_root_module pf_module = var.pf_module is_local = var.is_local extra_tags = var.extra_tags # end-generate }
Using this method, you can be sure your variables are being passed through to all modules, and this code can be easily updated if the calling conventions update in the future.
Directives
We provide the following template directives:
standard_vars
Adds variable declarations for the standard input variables that are automatically injected by Terragrunt and consumed by every Panfactum IaC module:
# pf-generate: standard_vars
variable "environment" {
description = "The name of the environment the infrastructure is being deployed into. #injected"
type = string
default = null
}
...
variable "pf_stack_commit" {
description = "The commit hash for the version of the Panfactum stack being used #injected"
type = string
default = "xxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
# end-generate
pass_vars
Passes the standard input variables into a submodule:
module "workflow_perms" {
source = "github.com/Panfactum/stack.git//packages/infrastructure/kube_sa_auth_workflow?ref=edge.24-09-12"
# pf-generate: pass_vars
pf_stack_version = var.pf_stack_version
pf_stack_commit = var.pf_stack_commit
environment = var.environment
region = var.region
pf_root_module = var.pf_root_module
is_local = var.is_local
extra_tags = var.extra_tags
# end-generate
}
pass_vars_no_extra_tags
The same as set_vars
but does not pass extra_tags
. This allows you to customize the extra_tags
input
without it being overridden by the templating system.
set_vars
The same as pass_vars
, but also passes the pf_module
input variable. This is useful for utility modules
where you want the panfactum.com/pf-module
tag to be set to the calling module, not the submodule.
We recommend this for kube_workload_utility and aws_tags.
module "util" {
source = "github.com/Panfactum/stack.git//packages/infrastructure/kube_workload_utility?ref=edge.24-09-12"
# pf-generate: set_vars
pf_stack_version = var.pf_stack_version
pf_stack_commit = var.pf_stack_commit
environment = var.environment
region = var.region
pf_root_module = var.pf_root_module
pf_module = var.pf_module
is_local = var.is_local
extra_tags = var.extra_tags
# end-generate
}
set_vars_no_extra_tags
The same as set_vars
but does not pass extra_tags
. This allows you to customize the extra_tags
input
without it being overridden by the templating system.
set_vars_no_region
The same as set_vars
but does not pass region
. This allows you to customize the region
input
without it being overridden by the templating system. This is useful in modules that deploy resources in
multiple regions.