Setup CONTRIBUTIONS.md

Tapir

A Private Terraform Registry

Tapir is the registry you always wanted if you are using Terraform at enterprise scale. Core values of Tapir is to provide

visibility
transparency
increases adoption rate
security
quality for your Terraform modules.

Feedback

You can send feedback and feature requests via GitHub issues. Either vote existing issues or feel free to raise an issue.

Why?

Modules

Terraform modules are reusable parts of infrastructure code. The most crucial part of re-usability is transparency and visibility. Since Terraform supports Git-based modules there are several disadvantages that come along with this capability.

Access to Git repos are often designed on team level, no access for others per default
Search capabilities are very limited, in terms you are searching for specific Terraform modules
You may not get insights in the codes quality and security measures
Module versioning is not enforced
Documentation formats vary or docs are missing at all. This is where Tapir jumps in.

Providers

If you make use of custom providers, or just want to have them mirrored you need an Artifactory to store the binaries. Additionally, users of the module need to break out the Toolchain and manually setup providers and copy them into the global provider directory. Supporting Terraform providers, Tapir does not help you to get your providers visible, but also keeps the users within the toolchain of Terraform only. That means:

Build providers with the same process and pipeline and make use of official HashiCorp provider project template.
Increase security and enforce providers to be GPG signed. Running terraform init will check if SHASUMS are valid before downloading the actual provider binary.
Help your users to focus on the infrastructure code rather that the setup. Tapir provides ready-to-copy code with a proper provider config example.

About Tapir

Tapir is an implementation of the official Terraform registry protocol. You can easily run an instance on your own with the full flexibility and power a central registry has.

It will provide you a simple, but powerful UI to search for modules and providers that are available across your organization.
It implements the official Terraform registry protocols
- modules and providers supported
It scans the module source code on push, you will have insights about the code quality and security measures
- Tapir integrates Trivy for that purpose
It generates documentation and stats for the module
- See module dependencies, inputs, outputs and resources that will be generated
- Tapir integrates terraform-docs for that purpose
It provides several storage adapters
- currently S3, AzureBlob and Local
It provides several database adapters for the data
- currently Dynamodb (default), Elasticsearch, CosmosDb
It provides a REST-API for custom integrations and further automation Tapir is build on Quarkus and ReactJS. You can run Tapir wherever you can run Docker images.
If you run Tapir with local storage, it can even be operated in an air-gaped environment, with no internet access

Apart from the above, this is what Wikipedia knows about Tapirs.

Overview

Deployment

NOTE starting with version 0.6.0 authentication is required. Hence, you need an OIDC IDP to run Tapir. Read more about the authentication below.

You can run Tapir wherever you can run Docker images. Images are available on DockerHub pacovk/tapir and AWS Elastic Container Registry public.ecr.aws/pacovk/tapir. There are samples with Terraform in examples/.

Other deployment options available are:

Helm Chart

Configure

Tapir is configured via environment variables. You can learn how to set up Tapir here.

How-to

To see how to use Tapir, please read the usage docs.

Troubleshoot

See troubleshooting docs

Roadmap

Add more storage adapter
- GCP
Add more Database adapter
- Postgresql
Provide a Github/ Gitlab integration to crawl for additional code metrics and ownership informations

Contribution

If you want to contribute to this project, please read the contribution guidelines. A detailed How-to guide on local development can be found in the docs.

Actively searching for contributors.
Feedback is always appreciated 🌈
Feel free to open an Issue (Bug- /Feature-Request) or provide a Pull request. 🔧

Contributors ✨

Thanks go to these wonderful people (emoji key):

_PacoVK 👀 📆 🚧 💡 💻 📖	_{Andrea Defraia} 💡	_Wmxs 🐛 🤔	_{Jonasz Łasut-Balcerzak} 💡 💻	_{Tim Chaffin} 👀	_{Tim Chaffin} 📖	_{Tom Beckett} 💡 💻
_{Oleksandr Kuzminskyi} 🐛	_{GrzegorzHejman} 🐛	_{Cédric Braekevelt} 🐛