Back to BlogRSS
August 7, 2025josh-pollara
terrateamgitlabgitopsterraformopentofuinfrastructureannouncement

Announcing GitLab Support in Terrateam

GitLab.com and self-managed instances fully supported

Terrateam now supports GitLab (GitLab.com and self-managed). Run Terraform or OpenTofu from merge requests with the same policies and audit trail you use today.

What’s new

  • MR-driven plan/apply: plans post as MR comments; apply via terrateam apply or apply-after-merge.
  • Guardrails: approvals, passing status checks, and no merge conflicts before apply.
  • Access control: restrict who can plan/apply by environment, directory, or tag via .terrateam/config.yml.
  • Short‑lived credentials: OIDC for AWS/Azure/GCP instead of long‑lived keys.
  • Runs on your infra: use your GitLab Runners.

Supported workflows

  • Monorepo or multi-repo: scope runs by directory; tag directories for policy targeting.
  • Parallel runs with ordering: run independent directories in parallel; declare simple dependencies when order matters.
  • Apply-after-merge: optional auto-apply when the MR merges (recommended for non‑prod).
  • Comment-to-apply: terrateam apply to execute applies from the MR thread.
  • Drift & cost hooks: integrate drift checks and cost estimation in review, before apply.

Compatibility

  • Git providers: GitLab.com and self‑managed GitLab.
  • IaC: Terraform, OpenTofu, CDKTF, Pulumi, and more.
  • State: keep your existing backend (S3 + DynamoDB, GCS, Azure Blob, etc.).
  • Runners: works with your GitLab Runners.

Security model

  • OIDC over static keys: use cloud-native identity to issue short‑lived credentials at run time.
  • Least privilege: tie roles to directories/environments; restrict applies to teams.
  • Audit trail: every plan/apply is linked to commit, MR, and user.

Example: enable OIDC for AWS

# .terrateam/config.yml
hooks:
  all:
    pre:
      - type: oidc
        provider: aws
        role_arn: "arn:aws:iam::123456789012:role/terrateam"

Deployment options

Cloud (managed)

Sign up at https://terrateam.io/signup and connect your GitLab account.

Self-hosted

  • Docker Compose — single-node
  • Kubernetes — HA + horizontal scaling

Docs: https://docs.terrateam.io/self-hosted

Get started

Standardize Terraform automation across GitLab projects with MRs, policies, and short‑lived credentials. Open your first MR and review the plan in‑line.