Skip to content

Drift Detection

Drift Detection runs a Plan operation againt all Dirspaces in a repository. If changes are found then a GitHub Issue in the repository is automatically created. Reconciliation can optionally be enabled.

Terrateam Configuration Terrateam behavior can be configured via a config.yml. This file is located in a directory named .terrateam at the root of your Terraform repository: .terrateam/config.yml.

See Configuration documentation for details.

Configuration

Top-level key: drift

See Configuration Reference documentation for details.

KeyTypeDescription
enabledBooleanSpecified whether drift detection is enabled. If set to false, drift detection and reconciliation will not run. Default is false.
scheduleStringThe interval to run drift detection and reconciliation: hourly, daily, weekly, monthly
reconcileBooleanSpecified whether reconciliation is enabled. Default is false.

Default configuration:

drift:
  enabled: false
  reconcile: false

Example configuration:

drift:
  enabled: true
  reconcile: false
  schedule: daily

Drift Detection operations are equivalent to Plan operations. Existing Workflows and Hooks run for all Drift Detection operations. The following environment variable is defined for Plan and Apply operations initiated by Drift Detection:

  • TERRATEAM_RUN_KIND=drift

Schedule

The schedule key can be set to one of the following values:

  • hourly
  • daily
  • weekly
  • monthly

There is no default and this key is required.

Reconciliation

The reconcile key will enable or disable reconciliation. Drift Detection automatically runs a Plan operation against all of a repositories Dirspaces. If changes are found and reconciliation is enabled then an Apply operation will automatically run against the Terraform Plan file that is generated.

Notifications

GitHub Issues

If changes are found during Drift Detection initiated operations then a GitHub Issue can be created with the following configuration:

hooks:
  plan:
    post:
      - type: drift_create_issue

Duplicate issues for identical changes will not be created.

GitHub Issue Drift Detected

Slack

It’s easy to create a Slack notification using the official GitHub integration for Slack.

  1. Install the app against your desired Slack workspace and channel
  2. Use the /github command to subscribe to your Terraform repository: 
    /github subscribe owner/repo issues

Slack Drift Detected

Custom Notifications

To create a custom notification or action when Drift Detection initiated operations find changes, one could implement a custom hook using the Terrateam configuration file.

Hooks

hooks:
  plan:
    post:
      - type: run # run drift-notify.sh on every drift run with changes
        cmd: ['bash', '-c', '$TERRATEAM_ROOT/drift-notify.sh']

Example notification script

#!/usr/bin/env bash
set -e

if [[ "$TERRATEAM_RUN_KIND" == "drift" ]] && [[ -f "$TERRATEAM_RESULTS_FILE" ]]; then
  jq < "$TERRATEAM_RESULTS_FILE"
fi