Is there any benefit to using workspaces over just introducing some variables and having an 'environment' variable?
You can have a directory per environment and a directory of shared resources that are used by all environments.
It seems like workspaces add a new construct to be learned and another thing to add to all commands without much benefit. Could we just stick with the simple way of doing this?
The proposal shows an example on how to isolate environments without duplicating some code. It acts, more or less, as a template for the architecture which you render it according to the values (environments/accounts).
I agree it isn't a simplest way to do that, but I don't think that it add as much complexity this. Perhaps it could be more laborious for the point of view of architecture, but it could be easier to handle and maintain.
Been a while since I used workspaces but my understanding is that you have:
- a directory that has the infrastructure code
- a directory per environment that has the specific configuration to be applied to that environment
It's a pretty classic separation of code and config. Might not be intuitive to everyone I guess, but that separation is very beneficial I find.
For instance, adding a new environment is relatively trivial. Not something you do all the time granted, but I have had the need on occasions.
You described my pattern. I don’t care for it. I just don’t know what other pattern I could apply. It can get really messy and the code duplication is a headache. Humans don’t read the middle if that makes sense. So you’re having to keep a very keen eye on making the environment directories the same in my experience.
Things like terragrunt can be really helpful. I don’t use terraform without it.
Performance. I've seen workspaces with just a thousand resources take 30 minutes to plan and apply. That's a pretty reasonable number to get to if you have per developer or per customer environments, or deploy infrastructure to multiple regions.
They seem to play nicer with Terraform Cloud, when I've used it. I'm not sure how useful they are if it's just vanilla tf, especially if your codebase is simple. I guess it's just extra isolation for safety, perhaps.
You can have a directory per environment and a directory of shared resources that are used by all environments.
It seems like workspaces add a new construct to be learned and another thing to add to all commands without much benefit. Could we just stick with the simple way of doing this?