Newer
Older
# include:
# # include the component located in the current project from the current SHA
# - component: gitlab.com/$CI_PROJECT_PATH/full-pipeline@$CI_COMMIT_SHA
# inputs:
# stage: build
#
# stages: [build, test, release]
stages:
- build
parallel:
matrix:
- OPENTOFU_VERSION: '1.6.0-rc1'
variables:
# OpenTofu image build variables:
DOCKER_DIND_IMAGE: "docker:24.0.7-dind"
PLATFORMS: linux/amd64,linux/arm64
BASE_IMAGE: "alpine:3.18.4"
GITLAB_OPENTOFU_IMAGE_NAME: "$CI_REGISTRY_IMAGE/internal/gitlab-opentofu-$OPENTOFU_VERSION:$CI_COMMIT_SHA"
gitlab-opentofu-image:
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
stage: build
services:
- "$DOCKER_DIND_IMAGE"
image: "$DOCKER_DIND_IMAGE"
before_script:
# See note on the `build terraform` job about this image
- docker run --rm --privileged tonistiigi/binfmt
# Registry auth
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
script:
- docker buildx create --use
# NOTE: we disable provenance for now
# because it causes troubles with the registry and older clients.
# See
# - https://gitlab.com/gitlab-org/terraform-images/-/issues/104
# - https://gitlab.com/gitlab-org/terraform-images/-/merge_requests/184#note_1328485943
- docker buildx build
--platform "$PLATFORMS"
--build-arg BASE_IMAGE=$BASE_IMAGE
--build-arg OPENTOFU_VERSION=$OPENTOFU_VERSION
--file Dockerfile
--tag "$GITLAB_OPENTOFU_IMAGE_NAME"
--provenance=false
--push
.
# Check if `component-job` is added.
# This example job could also test that the included component works as expected.
# You can inspect data generated by the component, use GitLab API endpoints, or third-party tools.
# ensure-job-added:
# stage: test
# image: badouralix/curl-jq
# script:
# - |
# route="https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/pipelines/$CI_PIPELINE_ID/jobs"
# count=`curl --silent --header "PRIVATE-TOKEN: $API_TOKEN" $route | jq 'map(select(.name | contains("component-job"))) | length'`
# if [ "$count" != "1" ]; then
# exit 1
# fi
# If the pipeline is for a new tag with a semantic version, and all previous jobs succeed,
# create the release.
# create-release:
# stage: release
# image: registry.gitlab.com/gitlab-org/release-cli:latest
# rules:
# - if: $CI_COMMIT_TAG =~ /\d+/
# script: echo "Creating release $CI_COMMIT_TAG"
# release:
# tag_name: $CI_COMMIT_TAG
# description: "Release $CI_COMMIT_TAG of components repository $CI_PROJECT_PATH"