Terraform + Ansible can handle anything. My suggestion is to write external Terraform providers to cover infrastructure pieces with whatever language your company uses (you said nodejs above), as that's a realistic expectation to have installed everywhere.
Ansible should be used to ease anything that requires a -> b -> c flow. Doing this with Terraform is possible, yet I find it's much more digestable at a glance with Ansible hence why I suggest using them side-by-side.
Think of Terraform as your environment builder, and Ansible as your task-runner to run things in said environment.
It's also important to have things structured well. My current position uses a Makefile across all Terraform projects with well defined plan/apply key-words that are applicable across them all. Terraform should also have a single "module repo" with nested modules accessed via:
source = "git@gitrepo.fqdn:org/project.git//path/to/thing?ref=commit_hash"
(don't forget to pin your modules!!)
I find that those two tools fill 95% of use-cases, and the other 5% are better served with one-off tools anyway.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Terraform + Ansible can handle anything. My suggestion is to write external Terraform providers to cover infrastructure pieces with whatever language your company uses (you said nodejs above), as that's a realistic expectation to have installed everywhere.
Ansible should be used to ease anything that requires a -> b -> c flow. Doing this with Terraform is possible, yet I find it's much more digestable at a glance with Ansible hence why I suggest using them side-by-side.
Think of Terraform as your environment builder, and Ansible as your task-runner to run things in said environment.
It's also important to have things structured well. My current position uses a Makefile across all Terraform projects with well defined plan/apply key-words that are applicable across them all. Terraform should also have a single "module repo" with nested modules accessed via:
source = "git@gitrepo.fqdn:org/project.git//path/to/thing?ref=commit_hash"
(don't forget to pin your modules!!)
I find that those two tools fill 95% of use-cases, and the other 5% are better served with one-off tools anyway.