What is a Template?
A template in env0 defines a type of environment that can be deployed.
Click Run Now on a template to create a new environment.
A template consists of a name, a description, a valid set of configuration files describing the deployment, and a set of Variables and Secrets.
A template can be created out of two different types - Terraform or Terragrunt.
A Terraform type template requires your git repository to include the relevant
.tf files that describe your environment. When selected, the
terraform executable will be in charge of deploying your environment.
A Terragrunt type template requires your git repository to include the relevant terragrunt configuration with its valid folder hierarchy that consists of the relevant
.tf files. Learn more on the official Terragrunt documentation. When selected, the
terragrunt executable will be in charge of deploying your environment.
A Pulumi type template requires your git repository to include the relevant code that describes your environment. When selected, the
pulumi executable will run and deploy your environment.
A CloudFormation type template requires your git repository to include the CF template JSON or YAML that describes your environment. When selected, the
aws cloudformation commands will manage your environment.
A Kubernetes type template requires your git repository to contain the relevant YAML or JSON files to describe resources that are managed in your cluster. When selected, two executables are run -
Kustomize labels your resources so you'll know they are managed by env0, and as part of which environment they were created.
Kubectl runs the actual commands to manage the resources, and shows the plans and changes between deploys.
Create a Template
To create a new template, click ADD A NEW TEMPLATE on the top left in the Templates screen.
Enter the details for the git repository containing the relevant configuration files: the repository, a branch or tag name, and the path for the root directory of the Terraform/Terragrunt configuration.
Please note that you can only create templates in the Organization context, not Project.
If your VCS is not GitHub, GitLab or Bitbucket
You can either enter the details yourself, or copy the full URL of where your relevant configuration resides, and let env0 extract the values. Please note that extraction of values currently works for HTTP/S Git repositories only. If you use SSH, please enter your repository URL manually.
Also, in order to access a private repository, you will need a git access token. In the Select Token field, select a token from a list of predefined access token available to env0. To define a git access token in env0 see Manage Git Tokens.
Once your template is created, you can edit its Variables, by locating it in the template list, clicking on the Settings link and selecting the Variables tab. By default, your environment inherits variables set at the Organization level, but you can override these or create new ones.
For examples on how to create a template see examples.
Templates can only be added, deleted or edited in an Organization scope. In a Project scope, you can only associate or disassociate a template with the project.
You can view the Organization's templates in the Templates tab. You can view the template code, or create a new environment from the template.
If you have appropriate permissions, you can change the settings of an existing template. For example, you can refer it to another Terraform/Terragrunt configuration, in a different repo, branch, or tag, or edit the variables.
You can also delete a template, in which case it can no longer be used to create new environments.
Changes you make to your template will only affect new deployments based on the template. To update an Active environment with the template changes you must redeploy the environment.
On-Premises Git Servers Support
In case that your git server is on your private network, you need to enable port forwarding and grant public access using a public IP (and a high port number). It is strongly recommended that you open that port in your firewall for incoming traffic only from env0's IPs (detailed below) in order to ensure proper and secure access to your git server.
Current env0 outgoing IP addresses are -
Manage Git Connectivity
To access a private Git repository via HTTP/S, env0 needs a read-only access token.
Git access tokens are managed centrally in env0 and are referred to by templates.
Only users with an Organization Admin role can manage git tokens in env0.
To see the list of git tokens, select the Credentials tab in Organization Settings page. You can add or remove git tokens.
To add a new git token, click Add Token. Enter a name for the token, and the token value from your git hosting service.
If your git hosting service requires a username as well as a token (such as BitBucket or Gitlab), enter the token value as
For details on how to generate an access token, refer to the documentation of your git hosting service:
- Personal access tokens (Github)
- Personal access tokens (GitLab)
- App Passwords (Bitbucket)
- Personal access tokens (AzureDevOps)
To access a private Git repository via SSH, env0 needs a private SSH key that has been allowed to access the Git repository.
SSH Keys are managed much like tokens, and can be configured on the Organization level by Admins.
To enable SSH connectivity to your Git repository, first associate an SSH key with your template
Automatic Retry Policy
When running your IAC flow, you might want env0 to automatically retry in case of an error.
Automatic retries are configured per template.
To enable automatic retry
- Find the "Retry on failure" section at the bottom of template settings page.
- Choose if you would like your template to be retried on Deploy, Destroy, or in both cases, and the number of times to retry.
- You can also define a Regex pattern so env0 will only retry on certain errors. If you do not provide a Regex pattern, all errors will be retried.
Updated 10 months ago