GitHub Agentic Workflows can automate the tedious parts of Terraform provider upgrades. By combining a Terraform MCP server, reusable agents, and skills imported from a shared repository, the workflow detects new provider versions, scans for deprecated resources, applies safe migrations (including `moved` blocks), generates upgrade documentation, and opens a draft PR for human review. A real example shows upgrading AzureRM from 3.75.0 to 4.63.0, automatically migrating deprecated `azurerm_sql_*` resources to their MSSQL equivalents. Safety is enforced via Safe Outputs — PRs are always drafts and nothing merges automatically. The pattern reduces a 30–60 minute manual upgrade task to roughly 5 minutes of PR review.
Table of contents
The Real Problem with Terraform Provider UpgradesA Different Approach: Agentic WorkflowsGitHub Workflow: how it worksReal Example: AzureRM Provider UpgradeWhy This Matters for Platform Engineering TeamsPractical TakeawaysFinal ThoughtsSort: