Overview:
Digger (now rebranded to OpenTaco) is an open-source CI/CD system designed specifically for running Terraform and OpenTofu. It integrates natively into your existing CI pipeline, avoiding the need for a separate, dedicated CI system to manage infrastructure provisioning. By running Terraform jobs inside the same compute environment as your application CI, Digger aims to enhance security and reduce costs, as cloud access secrets are not shared with a third-party service. It is positioned as a tool for teams and developers already using Terraform who want to automate infrastructure changes through pull request workflows.
Core Features:
PR Automation: Runs Terraform plan and apply in response to pull request comments and posts the output back to the pull request.
Private Runners: Uses your existing CI's compute environment, negating the need for separate, dedicated runners.
RBAC via OPA: Supports Open Policy Agent (OPA) for role-based access control policies.
PR-Level Locks: Provides locking mechanisms at the pull request level to prevent race conditions across multiple PRs, supplementing Terraform's native state locks.
Drift Detection: Includes functionality to detect infrastructure drift.
Self-Hosted Orchestrator: The minimal backend (orchestrator) that triggers CI jobs can be self-hosted.
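To make the PR-level locking feature concrete, here is an added illustration (my own example code, not Digger's or OpenTaco's implementation) of the semantics such a lock needs: one lock per project, owned by a pull request number, re-entrant for that PR so its plan and apply share the lock, refused to any other PR, and releasable only by the owner. The in-memory map stands in for whatever persistent store a real orchestrator would use; the project and PR numbers are constructed for the demo.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
)

// Sentinel errors so callers can distinguish a lock conflict from a bad unlock.
var (
	ErrLockedByOtherPR = errors.New("project locked by another pull request")
	ErrNotLockOwner    = errors.New("pull request does not own this lock")
)

// PRLockManager keeps one lock per project (Terraform root module), keyed by
// project name and recording the PR number that currently owns it.
// Illustrative in-memory stand-in; a real orchestrator would persist this.
type PRLockManager struct {
	mu    sync.Mutex
	locks map[string]int
}

func NewPRLockManager() *PRLockManager {
	return &PRLockManager{locks: make(map[string]int)}
}

// Acquire takes the project lock on behalf of prNumber. Re-acquiring by the
// same PR is a no-op (plan and apply on one PR share the lock); a different
// PR is refused until the owner releases, so two PRs cannot interleave
// plan/apply against the same state.
func (m *PRLockManager) Acquire(project string, prNumber int) error {
	m.mu.Lock()
	defer m.mu.Unlock()
	if owner, held := m.locks[project]; held && owner != prNumber {
		return fmt.Errorf("%w: %q is held by PR #%d", ErrLockedByOtherPR, project, owner)
	}
	m.locks[project] = prNumber
	return nil
}

// Release frees the lock only if prNumber owns it, so one PR cannot unlock
// another PR's in-flight change.
func (m *PRLockManager) Release(project string, prNumber int) error {
	m.mu.Lock()
	defer m.mu.Unlock()
	owner, held := m.locks[project]
	if !held || owner != prNumber {
		return fmt.Errorf("%w: %q (PR #%d)", ErrNotLockOwner, project, prNumber)
	}
	delete(m.locks, project)
	return nil
}

// Owner returns the PR number holding the project lock, or 0 if unlocked.
func (m *PRLockManager) Owner(project string) int {
	m.mu.Lock()
	defer m.mu.Unlock()
	return m.locks[project]
}

func main() {
	// Constructed scenario: PR #12 and PR #15 both touch the same project.
	m := NewPRLockManager()
	fmt.Println("PR 12 plan:   ", m.Acquire("prod/network", 12))
	fmt.Println("PR 15 plan:   ", m.Acquire("prod/network", 15)) // refused
	fmt.Println("PR 12 apply:  ", m.Acquire("prod/network", 12)) // same owner, ok
	fmt.Println("PR 15 unlock: ", m.Release("prod/network", 15)) // refused
	fmt.Println("PR 12 merged: ", m.Release("prod/network", 12))
	fmt.Println("PR 15 plan:   ", m.Acquire("prod/network", 15)) // now ok
}
```

The point the demo makes is that this lock sits above Terraform's own state lock: the state lock only serialises individual commands, whereas the PR lock keeps a second PR from planning and applying against state that a first, still-open PR has already changed.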
Use Cases:
Developers automating Terraform deployments: Running plan and apply commands triggered by comments on pull requests.
Teams using existing CI systems: Reusing the same CI (e.g., GitHub Actions, GitLab CI) for both application and infrastructure code without duplicating the CI/CD stack.
Enforcing infrastructure access policies: Using Open Policy Agent (OPA) to define and enforce role-based access control for Terraform operations.
Managing multiple infrastructure environments: Coordinating Terraform runs across different projects or cloud accounts within a pull request workflow.
Why It Matters:
As an open-source tool, Digger offers a way to manage Terraform automation without introducing a second, specialized CI system. Its design keeps job execution within a team's existing CI environment, which can simplify security management by not exposing cloud secrets to an external platform. The ability to self-host the orchestration backend and the inclusion of features like PR-level locking and OPA-based RBAC provide a practical, developer-centric alternative to dedicated TACOS (Terraform Automation and Collaboration Software) such as Atlantis or Terraform Cloud.