Blog

Life is too short to learn Bash

February 5, 2023

As an experienced software developer, I often find that writing scripts in sh or Bash can be a challenging task. Issues such as missing environment variables, the difficulty of using tools like xargs and jq, and the need to constantly re-learn how to write a for loop make the process frustrating. Although these issues are not inherent limitations of the language, other programming languages can also call external programs and make decisions based on their output.

Static Analysis of Terraform code with Checkov

by Pedro Santos

April 23, 2022

In the previous post about terraform, I make a case for testing your Terraform code with Go and Terratest. For this post, I’ll be making a case for static analysis tools. Static analysis tools for Terraform are a powerful mechanism to help your team follow industry best-practices. Conversely, your organization’s infrastructure team can leverage static analysis tools and custom checks to document and enforce company-wide policies. These tools operate on the Terraform code or in the Terraform plan.

Extending Terraform with custom providers

by Pedro Santos

April 19, 2022

Note: this is a fairly advanced topic. It assumes you have some experience with Go and understand the Terraform state and resource life-cycle. One of Terraform’s most significant drawbacks is that there is no clean way of injecting custom functionalities. The canonical solution for injecting custom functionality is to use a local_exec provisioner combined with a shell script. In my opinion, this functionality is not enough for the following reasons:

Testing Terraform code with Go and Terratest

by Pedro Santos

April 18, 2022

As a cloud engineer, I love Terraform. With Terraform, I don’t have to worry about keeping track of infrastructure changes or compute dependencies between each component. Terraform is also cloud-agnostic, so all the Terraform knowledge I’ve accrued over the years can quickly transfer between cloud providers and even into Kubernetes clusters. While Terraform protects the user against many common mistakes, errors still creep up. An error I’ve encountered many times was a network security group misconfiguration that prevented VMs from communicating inside a Vnet.