Publish Terraform Modules with JFrog CLI

Run Terraform commands with Artifactory provider integration and optional build-info collection.

This topic covers the following tasks:

• Configure Terraform for Artifactory (jf terraform-config)
• Publish Terraform modules (jf terraform)

When to Use

Use jf terraform to publish Terraform providers and modules to Artifactory. This command packages and deploys Terraform artifacts — it does not wrap terraform init or terraform plan.

Prerequisites

• Configure a server with jf config add or jf c add.
• Authentication to Artifactory is required.
• A local Terraform repository must exist in Artifactory. Create one via Administration → Repositories → Add Repositories → Local, selecting Terraform as the package type.
• Run jf terraform-config in the project directory before the first operation.

📘

Note

: The terraform CLI binary is not required. jf terraform packages and publishes modules directly — it never invokes the terraform binary.

Configuration: jf terraform-config

Generate Terraform configuration for deployment to Artifactory. Run this once per project before your first Terraform operation.

To configure Terraform for Artifactory:

1. From your project directory, run jf terraform-config with --server-id-deploy and --repo-deploy (see Non-Interactive Configuration with Flags).
2. Confirm .jfrog/projects/terraform.yaml exists (see How to Verify).

Synopsis

jf terraform-config [options]

Aliases: tfc

Configuration Options

Configuration Examples

View Help

jf terraform-config --help

Non-Interactive Configuration with Flags

jf terraform-config --server-id-deploy=<server-id> --repo-deploy=<repo-name>

Where:

• <server-id>: The server ID configured using jf config add
• <repo-name>: The name of the Terraform repository in Artifactory

For example:

jf terraform-config --server-id-deploy=my-server --repo-deploy=terraform-local

Why Run Config First?

You must run jf terraform-config before using jf terraform for deployment. The config creates .jfrog/projects/terraform.yaml specifying the Artifactory repository for Terraform provider/module uploads. Without it, jf terraform does not know where to deploy artifacts.

👍

Shortcut

: In CI/CD, pass all flags non-interactively so the config step is fully automated and reproducible. Ensure the .jfrog/projects/terraform.yaml file does not already exist before running, or delete it first — if the file exists, the CLI prompts interactively: Configuration file already exists. Override it? (y/n), which blocks non-TTY environments.

Configuration Notes

• Deployment only: Terraform config supports artifact deployment but not resolution. Terraform providers are resolved via Terraform's own registry mechanism.
• Run once per project: Re-run when changing the deployment repository. If the config file already exists, the CLI will prompt for confirmation before overwriting.

Expected Output

$ jf terraform-config --server-id-deploy=my-server --repo-deploy=terraform-local
terraform build config successfully created.

How to Verify

After running, confirm the configuration exists:

cat .jfrog/projects/terraform.yaml

Expected file contents:

version: 1
type: terraform
deployer:
    repo: terraform-local
    serverId: my-server

📘

Note

: Unlike other build tools, there is no resolver section — Terraform config supports deployment only.

Build: jf terraform

Run Terraform commands with Artifactory provider integration and optional build-info collection.

To publish Terraform modules to Artifactory:

1. Run jf terraform-config in the project directory if you have not already (see Configuration).
2. From the module directory, run jf terraform (or jf tf) with the publish subcommand and required --namespace, --provider, and --tag flags (see Build Examples).

Synopsis

jf terraform <terraform-arguments> [options]

Aliases: tf

Arguments

Build Options

Build Examples

Publish a Terraform Module

The command creates a package for the Terraform module in the current directory and publishes it to the configured Terraform repository:

jf tf p --namespace=<namespace> --provider=<provider> --tag=<tag>

Where:

• <namespace> is the Terraform namespace (for example, example, myorg)
• <provider> is the Terraform provider name (for example, aws, azure, gcp)
• <tag> is the version tag (for example, v0.0.1)

For example:

jf tf p --namespace=example --provider=aws --tag=v0.0.1

Publish with Exclusions

The published package will not include module paths matching test or ignore:

jf tf p --namespace=example --provider=aws --tag=v0.0.1 --exclusions="*test*;*ignore*"

Publish with Build-Info

The published module will be recorded as an artifact of build my-build with build number 1:

jf tf p --namespace=example --provider=aws --tag=v0.0.1 --build-name=my-build --build-number=1
jf rt build-publish my-build 1

Important Notes

• Mandatory flags: --namespace, --provider, and --tag are required for all publish operations — both module and provider publishing.
• Terraform providers: This command is used to publish and manage Terraform providers and modules in Artifactory, not for general Terraform workflows.
• Build-info: Use --build-name and --build-number to track provider/module deployments.

CI/CD Example (GitHub Actions)

# .github/workflows/build.yml
steps:
  - uses: actions/checkout@v4
  - name: Setup JFrog CLI
    uses: jfrog/setup-jfrog-cli@v4
    env:
      JF_URL: ${{ vars.JF_URL }}
      JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
  - name: Configure Terraform
    run: jf terraform-config --server-id-deploy=setup-jfrog-cli-server --repo-deploy=terraform-local
  - name: Publish Terraform module
    run: jf tf p --namespace=example --provider=aws --tag=v0.0.1 --build-name=my-terraform --build-number=${{ github.run_number }}
  - name: Publish build info
    run: jf rt build-publish my-terraform ${{ github.run_number }}

Troubleshooting

Enable debug logging: export JFROG_CLI_LOG_LEVEL=DEBUG

Related Topics

• Build Tools Overview — Capabilities matrix and tool reference
• Native Mode — Supported packages with Native Mode