Member-only story
Using Dependabot to update private Terraform modules
Dependabot is an offering from GitHub mostly known for updating software package versions in the common range of software languages (pip, npm, gems etc).
It can also be used for managing private Terraform module versions across your GitHub organisation, to ensure that your Terraform deployment repositories keep up with the latest features and fixes from your private Terraform modules.
NOTE: This setup is only available for GitHub organisations (unless your Terraform modules are publically available).
The setup
This article assumes you have the following repository layout for deploying your Terraform modules:
- One module repository containing your Terraform module(s)
- One “deployment” repository, which calls your Terraform module via specific release versions to deploy it into your cloud estate.
We’ll now dive into the configuration required on both sides to allow Dependabot to manage updates to your private Terraform modules.
Module repository:
Your Terraform module should be stored in a repository and versioned with releases using semantic versioning (this will be used by Dependabot to detect new versions. If you have multiple Terraform…
