Terrateam executes the following steps when it receives an event from GitHub:
- Is it a Terrateam event? - Only events related to pull requests are processed.
- Does the pull request include infrastructure changes? - The list of changed files is examined and if any changes match your Terrateam configuration, the pull request is considered an infrastructure change.
- Can the user perform this operation? - The initiator of the plan or apply is evaluated against the RBAC rules to ensure that they have permission to perform the change.
- Has the pull request passed apply requirements? - If the user has initiated an apply, verify that the pull request has passed all configured checks.
- Do plans exist? - If the user has initiated an apply, do plans exist for the changes?
- Are there any locks? - If another user has a change that is in progress that impacts the same set of resources as those in the pull request, Terrateam does not allow an apply. A change being "in progress" means it has either been merged to the main branch or applied. This check ensures that the code is synchronized with your deployed infrastructure.
- Are there any conflicting operations? - Check that no apply is currently in progress that would conflict with this change.
- Initiate the Terrateam GitHub Action - If all of these checks have passed, initiate the Terrateam GitHub Action. The GitHub Action performs the plan or apply on the changes the user specified.
- Report results back to user - When the GitHub Action completes, it reports the results to the Terrateam service which then reports them back to the user.
All feedback is reported to the pull request via comments, users can stay in GitHub through the entire process. Terrateam is built on GitOps principles which means it is entirely configured within the repository.
For a more detailed explaination, see the How it Works section of the documentation.