Terraform automation that feels invisible.

OpenTaco is a CI/CD orchestrator purpose-built for Terraform.

Raise a PR and OpenTaco runs terraform plan automatically, posting the output as a comment. Approve and merge, it applies. State is versioned with rollback built in. Drift is detected on a schedule and filed as issues in GitHub.

Terraform runs natively in your CI. Your cloud credentials never leave your environment. No third-party compute, no secrets shared with a SaaS.

PR Automation Auto-plan on PR, apply on merge. PR-level locking prevents conflicts. Configurable approval gates.
State Management Versioned state with RBAC, cross-account support, and one-click rollback.
Drift Detection Scheduled scans detect infrastructure drift. Auto-creates issues in GitHub, Jira, Linear, or Slack.
Remote Runs Execute Terraform commands remotely via TFE protocol. Logs stream back to your terminal or CI.
Self-Hosted Run it on your infra. Open source. No vendor lock-in. Your secrets stay yours.

Most teams don't need Terraform Cloud. They need their existing CI to understand Terraform, to know what a plan is, what a state lock means, when to apply, and when to wait.

OpenTaco gives your CI that understanding.

trusted by

Uber · Decathlon · Hard Rock · Tigris · HP Enterprise · Checkatrade · URBN

Your CI already runs your code. Let it run your infrastructure too.

Get started View on GitHub