• Terraform and OpenTofu support
• Quickstart an OpenTofu project in pipelines
• Quickstart a Terraform project in pipelines
  • Latest Terraform template (deprecated)
  • Stable and advanced Terraform templates (deprecated)
  • Use a Terraform template (deprecated)
  • Build and host your own Terraform CI/CD templates
  • Terraform template recipes
• Related topics

Infrastructure as Code with OpenTofu and GitLab

To manage your infrastructure with GitLab, you can use the integration with OpenTofu to define resources that you can version, reuse, and share:

• Manage low-level components like compute, storage, and networking resources.
• Manage high-level components like DNS entries and SaaS features.
• Use GitLab as an OpenTofu state storage.
• Store and use OpenTofu modules to simplify common and complex infrastructure patterns.
• Incorporate GitOps deployments and Infrastructure-as-Code (IaC) workflows.

Watch a video overview of the features GitLab provides with the integration with OpenTofu.

The following examples primarily use OpenTofu, but they can work with Terraform as well.

Terraform and OpenTofu support

GitLab integrates with both Terraform and OpenTofu. Most features are fully compatible, including:

• GitLab-managed Terraform/OpenTofu state
• Terraform/OpenTofu integration in merge requests
• Terraform/OpenTofu Module Registry

For simplicity, the GitLab documentation refers primarily to OpenTofu. However, differences between the Terraform and OpenTofu integration are documented.

Quickstart an OpenTofu project in pipelines

OpenTofu can integrate with all Terraform-specific GitLab features with the GitLab OpenTofu CI/CD component.

You can add a validate, plan, and apply workflow to your pipeline by including the component:

include:
  - component: gitlab.com/components/opentofu/validate-plan-apply@<VERSION>
    inputs:
      version: <VERSION>
      opentofu_version: <OPENTOFU_VERSION>
      root_dir: terraform/
      state_name: production

stages: [validate, build, deploy]

For more information about templates, inputs, and how to use the OpenTofu CI/CD component, see the OpenTofu CI/CD component README.

Quickstart a Terraform project in pipelines

The integration with GitLab and Terraform happens through GitLab CI/CD. Use an include attribute to add the Terraform template to your project and customize from there.

To get started, choose the template that best suits your needs:

• Latest template
• Stable template and advanced template

All templates:

• Use the GitLab-managed Terraform state as the Terraform state storage backend.
• Trigger four pipeline stages: test, validate, build, and deploy.
• Run Terraform commands: test, validate, plan, and plan-json. It also runs the apply only on the default branch.
• Check for security problems using IaC Scanning.

Latest Terraform template (deprecated)

The latest template is compatible with the most recent GitLab version. It provides the most recent GitLab features, but can potentially include breaking changes.

You can safely use the latest Terraform template:

• If you use GitLab.com.
• If you use a self-managed instance updated with every new GitLab release.

Stable and advanced Terraform templates (deprecated)

If you use earlier versions of GitLab, you might face incompatibility errors between the GitLab version and the template version. In this case, you can opt to use one of these templates:

• The stable template with a skeleton that you can built on top of.
• The advanced template to fully customize your setup.

Use a Terraform template (deprecated)

To use a Terraform template:

1. On the left sidebar, select Search or go to and find your project you want to integrate with Terraform.
2. Select Code > Repository.

3. Edit your .gitlab-ci.yml file, use the include attribute to fetch the Terraform template:

   include:
    # To fetch the latest template, use:
     - template: Terraform.latest.gitlab-ci.yml
    # To fetch the advanced latest template, use:
     - template: Terraform/Base.latest.gitlab-ci.yml
    # To fetch the stable template, use:
     - template: Terraform.gitlab-ci.yml
    # To fetch the advanced stable template, use:
     - template: Terraform/Base.gitlab-ci.yml
   

4. Add the variables as described below:

   variables:
     TF_STATE_NAME: default
     # If your terraform files are in a subdirectory, set TF_ROOT accordingly. For example:
     # TF_ROOT: terraform/production
   

5. Optional. Override in your .gitlab-ci.yml file the attributes present in the template you fetched to customize your configuration.

Build and host your own Terraform CI/CD templates

Although GitLab no longer distributes the Terraform CI/CD templates and terraform-images (the underlying job images, including terraform), you can still use Terraform in GitLab pipelines.

To learn how to build and host your own templates and images, see the Terraform Images project.

Terraform template recipes

For GitLab-curated template recipes, see Terraform template recipes.

Related topics

• Use GitLab as a Terraform/OpenTofu Module Registry.
• To store state files in local storage or in a remote store, use the GitLab-managed Terraform/OpenTofu state.
• To collaborate on Terraform code changes and IaC workflows, use the Terraform integration in merge requests.
• To manage GitLab resources like users, groups, and projects, use the GitLab Terraform provider. The GitLab Terraform provider documentation is available on the Terraform docs site.
• Create a new cluster on Amazon Elastic Kubernetes Service (EKS).
• Create a new cluster on Google Kubernetes Engine (GKE).
• Troubleshoot issues with GitLab and Terraform.
• View the images that contain the gitlab-terraform shell script.