PHPackages                             vortos/vortos-iac - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [DevOps &amp; Deployment](/categories/devops)
4. /
5. vortos/vortos-iac

ActiveLibrary[DevOps &amp; Deployment](/categories/devops)

vortos/vortos-iac
=================

Vortos IaC export — generates Terraform (.tf.json) from compiled framework resource declarations. Pure codegen: no cloud credentials, no network calls.

v1.0.0-alpha-128(yesterday)00MITPHPPHP &gt;=8.2

Since Jun 13Pushed yesterdayCompare

[ Source](https://github.com/Vortos/vortos-iac)[ Packagist](https://packagist.org/packages/vortos/vortos-iac)[ RSS](/packages/vortos-vortos-iac/feed)WikiDiscussions main Synced today

READMEChangelogDependencies (3)Versions (2)Used By (0)

Vortos IaC — Terraform Export
=============================

[](#vortos-iac--terraform-export)

Generates Terraform (`.tf.json`) files from resource declarations the framework already compiles — Kafka transports from `MessagingConfig`, the object-store bucket from `vortos-object-store`. Pure codegen: **no cloud credentials, no network calls, no infrastructure mutation**. Terraform stays the provisioning engine; Vortos config becomes the source of intent.

Quick start
-----------

[](#quick-start)

```
php bin/console vortos:make:infra-config --provider=confluent
```

This scaffolds `src/Shared/Infrastructure/Iac/AppInfraConfig.php`:

```
#[InfraConfig]
final class AppInfraConfig
{
    #[RegisterTerraformExporter]
    public function kafkaTopics(): KafkaTopicsExporterDefinition
    {
        return KafkaTopicsExporterDefinition::create('kafka-topics')
            ->provider(KafkaProvider::Confluent)
            ->clusterRef('confluent_kafka_cluster.main')
            ->outputFile('infra/kafka_topics.tf.json');
    }
}
```

Register it in your DI config (like any `MessagingConfig`), then:

```
php bin/console vortos:iac:export            # write infra/kafka_topics.tf.json (+ _variables)
php bin/console vortos:iac:export --dry-run  # print to stdout
php bin/console vortos:iac:export --check    # CI: exit 1 if files drifted
```

Resource *shape* (partitions, retention, replication) stays in each module's `MessagingConfig` — `partitions()`, `replicationFactor()`, `topicConfig()` are the provisioning intent. `InfraConfig` is app-level (one per project, a deployment concern), choosing only providers and output paths.

Providers
---------

[](#providers)

ResourceProvider enumTerraform resourceKafka topic`KafkaProvider::Confluent``confluent_kafka_topic` (confluentinc/confluent)Kafka topic`KafkaProvider::Kafka``kafka_topic` (Mongey/kafka — self-hosted &amp; MSK)Bucket`ObjectStoreProvider::Aws``aws_s3_bucket` (hashicorp/aws)Bucket`ObjectStoreProvider::CloudflareR2``cloudflare_r2_bucket` (cloudflare/cloudflare)Security model
--------------

[](#security-model)

- **Secrets cannot reach generated files.** `Env` references become typed Terraform `variable` blocks (`sensitive = true` when the name looks secret); values come from `terraform.tfvars`/CI at apply time. Literal values on secret-looking attributes fail the export (`->allowLiteral('path')` is the explicit, greppable opt-out). SASL/SSL/DSN settings are never exported — they are client auth, not topic infrastructure.
- **No injection surface.** Output is Terraform JSON, never templated HCL. `${...}` expressions are emitted only by validated variable/reference classes; `${`/`%{` in user data is escaped per spec.
- **Filesystem jail.** Output paths are relative, `.tf.json`-suffixed, traversal- and symlink-checked against the project dir, written atomically. Files lacking the generated-file header are never overwritten; there is no `--force`.
- **Compile-time failure.** Duplicate names/paths, unknown providers, bad globs, unresolvable placeholders fail the container build, not the export.

CI recipe
---------

[](#ci-recipe)

```
- name: Terraform drift check
  run: php bin/console vortos:iac:export --check
```

Run `terraform validate` / `plan` against the generated files in your infra pipeline as usual.

Adding a new resource family (maintainers)
------------------------------------------

[](#adding-a-new-resource-family-maintainers)

Four files, mirroring `Exporter/Kafka/`:

1. **Definition** — extend `AbstractExporterDefinition`; `compileSpec()` reads compiled container parameters and returns a static spec (use `PlaceholderTranslator::translate()` for any value that may hold an `%env(...)%` placeholder; throw `\LogicException` for misconfiguration).
2. **Exporter** — implement `ExporterInterface`; map the spec onto a `TerraformDocument` (`SpecValue::decode()` turns spec values into variables/references). Pure transform: no I/O.
3. **Provider mapper(s)** — one per Terraform provider if the family supports several (see `KafkaTopicMapperInterface`).
4. **Golden-file tests** — compile a fixture container, export, byte-compare rendered output (see `KafkaTopicsExportTest`).

Register the exporter service in `IacExtension` and add it to the `ExportRunner` exporter map.

###  Health Score

35

—

LowBetter than 77% of packages

Maintenance100

Actively maintained with recent releases

Popularity0

Limited adoption so far

Community2

Small or concentrated contributor base

Maturity31

Early-stage or recently created project

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

1d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/d4a94fd7127f8bdb58b2bb2249a140569a584b67b2df184f1e8594b497d397e2?d=identicon)[Sachintha-De-Silva](/maintainers/Sachintha-De-Silva)

### Embed Badge

![Health badge](/badges/vortos-vortos-iac/health.svg)

```
[![Health](https://phpackages.com/badges/vortos-vortos-iac/health.svg)](https://phpackages.com/packages/vortos-vortos-iac)
```

###  Alternatives

[friendsoftypo3/content-blocks

TYPO3 CMS Content Blocks - Content Types API | Define reusable components via YAML

101466.4k45](/packages/friendsoftypo3-content-blocks)[aeliot/todo-registrar

Register TODOs from source code in issue tracker

153.0k](/packages/aeliot-todo-registrar)[ecotone/symfony-bundle

Ecotone for Symfony — CQRS, Event Sourcing, Sagas, Durable Workflows, and Outbox on top of Symfony Messenger, via PHP attributes.

11241.1k1](/packages/ecotone-symfony-bundle)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)