terraform-infra
npx skills add https://github.com/oimiragieo/agent-studio --skill terraform-infra
Agent 安装分布
Skill 文档
Terraform Infrastructure Skill
Installation
The skill invokes the Terraform CLI. Install:
- macOS:
brew tap hashicorp/tap && brew install hashicorp/tap/terraform - Windows:
choco install terraformor download from HashiCorp - Linux (apt): Add HashiCorp repo then
sudo apt update && sudo apt install terraform(see HashiCorp install)
Verify: terraform --version
Cheat Sheet & Best Practices
Workflow: terraform init â terraform fmt â terraform validate â terraform plan -out=tfplan â review â terraform apply tfplan. Use terraform show tfplan to inspect.
Hacks: Always run plan before apply; never apply blind. Use remote state (e.g. S3 + lock) for team work. Prefer -auto-approve only in CI with reviewed plans. Use terraform state list and terraform state show <resource> to debug. Use service accounts / workload identity in pipelines; avoid static keys.
Certifications & Training
HashiCorp Terraform Associate (004): IaC concepts, Terraform fundamentals, state, modules, Terraform Cloud. Learning path. Skill data: init â fmt â validate â plan -out â apply; remote state; no blind apply.
Hooks & Workflows
Suggested hooks: Pre-apply: run terraform plan -out=tfplan and gate on review. CI: apply only after plan approval. Use with devops (primary).
Workflows: Use with devops (primary). Flow: init â plan â review â apply; use state commands for debugging. See ci-cd-implementation-rule for pipeline integration.
Overview
Provides 90%+ context savings vs raw Terraform MCP server. Includes critical safety controls for infrastructure operations.
Requirements
- Terraform CLI (v1.0+)
- Cloud provider credentials configured
- Working directory with .tf files
Tools (Progressive Disclosure)
Planning & Validation
| Tool | Description | Confirmation |
|---|---|---|
| plan | Generate terraform plan | No |
| validate | Validate configuration | No |
| fmt | Format terraform files | No |
State Operations
| Tool | Description | Confirmation |
|---|---|---|
| show | Display current state | No |
| list | List state resources | No |
| state-mv | Move resource in state | Yes |
Workspace Operations
| Tool | Description | Confirmation |
|---|---|---|
| workspace-list | List workspaces | No |
| workspace-select | Select workspace | No |
| workspace-new | Create workspace | Yes |
Execution (â ï¸ Dangerous)
| Tool | Description | Confirmation |
|---|---|---|
| apply | Apply changes | REQUIRED |
Blocked Operations
| Tool | Status |
|---|---|
| destroy | BLOCKED |
| state-rm | BLOCKED |
Quick Reference
# Initialize
terraform init
# Plan changes
terraform plan -out=tfplan
# Validate
terraform validate
# Apply (requires -auto-approve for automation)
terraform apply tfplan
Configuration
- Working directory: Must contain terraform files
- TFVAR*: Variable values via environment
- TF_WORKSPACE: Active workspace
Safety Controls
â ï¸ terraform apply ALWAYS requires confirmation â ï¸ terraform destroy is BLOCKED by default â ï¸ State modifications require confirmation â ï¸ Review plan output before apply
Agent Integration
- devops (primary): Infrastructure management
- architect (secondary): Infrastructure design
- cloud-integrator (secondary): Cloud provisioning
Troubleshooting
| Issue | Solution |
|---|---|
| Init failed | Check provider credentials |
| State locked | Check for other operations |
| Plan failed | Review error output carefully |
Memory Protocol (MANDATORY)
Before starting:
Read .claude/context/memory/learnings.md
After completing:
- New pattern ->
.claude/context/memory/learnings.md - Issue found ->
.claude/context/memory/issues.md - Decision made ->
.claude/context/memory/decisions.md
ASSUME INTERRUPTION: If it’s not in memory, it didn’t happen.