The standards of pre-built providers and the process of testing and maintaining them

I get how to add more pre-built providers in this topic
Request new providers for CDKTF , and I still have some confusion.

  1. The answer in the topic mentions that the threshold to get a request approved is quite high. What are the criteria for request approve? Is it related to the popularity or the quality
    of the provider?
  2. Is there currently a automatic testing mechanism in place to ensure the pre-built providers’ quality, like integration testing?
  3. Do pre-build packages and its provider have similar release cycles? If the request is approved, do I need to put in the effort to maintain this repo afterward?
  1. We just recently published our policy for this here. The key is that we will no longer consider providing prebuilt packages for any Community providers, so the only ones we’d consider adding at this point are Partner providers. Those requests are more likely to be approved if we get a direct request from the Partner themselves (for example: MongoDB reached out to us to request a prebuilt mongodbatlas provider); if a regular community member requests a prebuilt package for a Partner provider, we may ask additional questions about the use case and look in our telemetry data to see how much this provider is being used already.
  2. There isn’t any special integration testing for prebuilt providers, no, although we do have a few internal tests and example repos that rely on the prebuilt AWS provider. Usually if there are issues affecting any prebuilt providers, they affect all of them, and we work to address those issues as quickly as we’re alerted to them. It is possible but rare for an issue to affect one specific prebuilt provider; if that happens, the root cause of the issue is typically something in the underlying Terraform provider that needs to be addressed there, and not in any of the CDKTF layers. I’ll also add that the process of generating the CDKTF bindings is complex enough that if the build automation is passing, that usually is a good sign that the prebuilt provider will work; it is rare for the build to pass but the prebuilt package to not be working.
  3. To address the first question, our cdktf-provider-project comes with automation that checks nightly (via GitHub Actions) whether there’s a new version of the underlying Terraform provider, and if so, it will publish a new version of the prebuilt package. So, generally, yes, the release cycles should be the same with a margin of 1 day.

To address the second question, there’s really two options here:

  1. You could make a request for HashiCorp to start publishing a prebuilt package for a given Terraform provider. If that request is approved, HashiCorp will handle all of the maintenance so nothing further is expected from you. However, I want to set realistic expectations about the likelihood of this being approved; our team is basically maxed out on the amount of ongoing maintenance we can handle, which is why we’re intentionally being as restrictive as we can possibly be about publishing additional prebuilt providers ourselves.
  2. You can publish your own prebuilt package. The easiest way to do that is to use the cdktf-provider-project; the instructions for that are here (ignore the line that says “Add a new repository over here”; that’s not relevant in this scenario). We know the documentation is a bit sparse and we’re going to be working to improve the instructions in the coming weeks because we’ve been getting more and more of these requests. In any case, if you go with this option, the ongoing maintenance of the prebuilt package is your own responsibility. Many things (like routine dependency upgrades and the nightly checks for new provider versions) are automated, but every now and then the automations fail (with causes ranging from GitHub outages or rate limits, to JSII dependency upgrades having subtle breaking changes, to the underlying Terraform provider publishing a new version that causes an issue) so investigating those failures will take some time.

Hope this helps.

Thanks a lot! It’s very helpful!

Hi, xiehan!
Does the above process work for all five supported languages? May I ask if it is possible to choose to build some resources instead of all resources supported by the Provider? And if there is a problem with the usage, how do we go about updating it, do we just go and update the Provider to update the pre-build packages?
Thank you!