Skip to main content

Automatic provider publishing

When generating a Terraform provider, liblab will also create a GitHub action that can be used to automatically publish your provider to the Terraform Registry.

Generated publish action

When you generate a Terraform provider with liblab build, liblab not only generates the Terraform Provider code, but it also generates a GitHub action that will automatically publish your provider to the Terraform Registry when you tag a commit in the repo.

This action is located in the .github/workflows directory, named publish-provider.yml.

Pre-requisites

Before you can run this action to publish your provider to the Terraform Registry, you need to have the following set up:

  • A GitHub repository for your provider that must match the following naming convention

    terraform-provider-<NAME>

    where <NAME> is the name of your provider. This is the repository that your Terraform provider code will be added to.

  • The following actions secrets set up in your repository:

    • GPG_PRIVATE_KEY - a GPG key used to sign the provider before publishing it to the Terraform Registry
    • PASSPHRASE - The passphrase for the GPG key

Running the action

The action is triggered when a commit in the repository is tagged, and the tag is in the format vX.Y.Z, where X, Y, and Z are numbers, for example, v1.0.0. This tag is then used to create a release in the repository, and that release is then used to publish the provider to the Terraform Registry.

The tag is used as the provider version, so to successfully publish to Terraform this tag must be in the format vX.Y.Z.

The action will take care of the rest, including signing the provider with the GPG key and pushing it to the Terraform Registry. It will be published under the namespace of your organization or user, and the name of the provider will be the same as the repository name.

Example

GitHub repo nameGitHub tagTerraform RegistryProvider version
https://github.com/excitingsoda/terraform-provider-my-sodav1.0.0excitingsoda/my-sodav1.0.0

The version will be derived from the tag name. For example if your tag was v1.0.0, the provider will be published with version v1.0.0.