This repository contains Terraform code to provision infrastructure on Google Cloud Platform (GCP). The Terraform execution is automated and managed through a Jenkins pipeline, with support for multiple environments.
repo/
└── terraform_code/
├── env-dev/ # Terraform configs for Dev environment
│ ├── main.tf
│ ├── variables.tf
│ ├── outputs.tf
│ └── terraform.tfvars
├── env-stage/ # (Optional) Stage environment configs
├── env-prod/ # (Optional) Prod environment configs
└── modules/ # Shared reusable modules
Jenkinsfile # Pipeline definition for Jenkins
-
Jenkins instance with:
-
Terraform installed (
>=1.x) -
Google Cloud SDK installed
-
Required Jenkins plugins:
-
- A GCP Service Account with sufficient IAM permissions.
- JSON key stored in Jenkins Credentials.
- Pipeline will export this for Terraform authentication.
The Jenkins pipeline (Jenkinsfile) is designed with the following stages:
- Checkout → Clone this repo
- Select Environment → Choose environment folder (
env-dev,env-stage,env-prod) - Init → Run
terraform initin the selected folder - Validate → Run
terraform validate - Plan → Run
terraform planand display changes - Apply → Deploy infra (manual approval optional)
- Destroy (optional/manual) → Tear down infra for cleanup
If you want to test Terraform locally for env-dev:
cd repo/terraform_code/env-dev
export GOOGLE_APPLICATION_CREDENTIALS="/path/to/service-account.json"
export GOOGLE_PROJECT="your-project-id"
terraform init
terraform plan -var-file=terraform.tfvars
terraform apply -var-file=terraform.tfvars-
Do not commit service account keys or sensitive variables.
-
Use
.gitignorefor:*.tfstate *.tfstate.backup terraform.tfvars .terraform/ -
Store state remotely in GCS backend with locking.
-
Apply least privilege IAM roles for service accounts.