// the find
terramate-io/terramate
Open-source Infrastructure as Code (IaC) orchestration platform: GitOps workflows, orchestration, code generation, observability, drift detection, asset management, policies, Slack notifications, and more. Integrates with Terraform, OpenTofu, Terragrunt, Kubernetes, GitHub Actions, GitLab CI/CD, BitBucket Pipelines, and any other CI/CD platform.
Terramate is a Go-based orchestration layer that sits on top of Terraform, OpenTofu, or Terragrunt. It adds stack-level change detection via Git, code generation to keep configs DRY, and GitOps-friendly CI/CD blueprints. It's for teams running large monorepo IaC setups where running the full plan on every PR is too slow or too risky.
Git-based change detection is the core value proposition and it's done well — it tracks changes in referenced modules and upstream dependencies, not just the stack directory itself. The code generation for backend and provider configs is genuinely useful for large monorepos where copy-paste HCL drift is a real problem. Onboarding is non-destructive: you can add it to an existing Terraform repo with one command and it won't touch your existing state or HCL. The in-repo test server (cloud/testserver) means cloud integration tests don't require a live account, which is a sign of mature test infrastructure.
The good stuff (drift detection, observability, asset management, misconfiguration policies) is all in Terramate Cloud, the SaaS tier — the open-source CLI is the loss leader. With only 124 forks against 3.6k stars, community contribution is thin; this is effectively a company-controlled tool with an open-source CLI wrapper. The HCL-based config language adds a new thing to learn on top of HCL you're already writing for Terraform, and globals/generate blocks have their own quirks that will surprise you. At scale, the graph-based orchestration works well, but the documentation on ordering guarantees and failure modes in parallel runs is sparse — you'll be reading source code when things go wrong.