Newer
Older
spec:
inputs:
# Job and Stage name
as:
default: 'destroy'
description: 'Defines the name of this job.'
stage:
default: 'cleanup'
description: 'Defines the stage that this job will belong to.'
# Versions
# This version is only required, because we cannot access the context of the component,
# see https://gitlab.com/gitlab-org/gitlab/-/issues/438275
version:
default: 'latest'
description: 'Version of this component. Has to be the same as the one in the component include entry.'
base_os:
default: 'alpine'
options:
- 'alpine'
- 'debian'
- '$GITLAB_OPENTOFU_BASE_IMAGE_OS'
description: 'Base OS of GitLab OpenTofu image.'
default: '1.8.4'
- '1.8.4'
- '1.8.3'
- '1.8.2'
- '1.8.1'
- '1.8.0'
- '1.7.3'
- '1.7.2'
description: 'OpenTofu version that should be used.'
# Images
image_registry_base:
Thomas de Grenier de Latour
committed
default: '$CI_TEMPLATE_REGISTRY_HOST/components/opentofu'
description: 'Host URI to the job images. Will be combined with `image_name` to construct the actual image URI.'
# FIXME: not yet possible because of https://gitlab.com/gitlab-org/gitlab/-/issues/438722
# gitlab_opentofu_image:
# # FIXME: This should reference the component tag that is used.
# # Currently, blocked by https://gitlab.com/gitlab-org/gitlab/-/issues/438275
Thomas de Grenier de Latour
committed
# # default: '$CI_TEMPLATE_REGISTRY_HOST/components/opentofu/gitlab-opentofu:$[[ inputs.opentofu_version ]]'
# default: '$CI_TEMPLATE_REGISTRY_HOST/components/opentofu/gitlab-opentofu:$[[ inputs.version ]]-opentofu$[[ inputs.opentofu_version ]]'
image_name:
default: 'gitlab-opentofu'
description: 'Image name for the job images. Hosted under `image_registry_base`.'
default: ${CI_PROJECT_DIR}
description: 'Root directory for the OpenTofu project.'
state_name:
default: default
description: 'Remote OpenTofu state name.'
no_plan:
default: true
type: boolean
description: 'Whether a plan file should be used.'
plan_name:
default: 'destroy-plan'
description: 'The name of the plan file to use. Will be used for TF_PLAN_CACHE and TF_PLAN_JSON.'
description: 'Whether the destroy job is manual or automatically run.'
---
'$[[ inputs.as ]]':
stage: $[[ inputs.stage ]]
environment:
resource_group: $TF_STATE_NAME
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_destroy ]]" == "true"'
- when: manual
cache:
# FIXME: work around to make slashes work in `cache:key`. see https://gitlab.com/gitlab-org/gitlab/-/issues/439898
__CACHE_KEY_HACK: "$[[ inputs.root_dir ]]"
TF_ROOT: $[[ inputs.root_dir ]]
TF_STATE_NAME: $[[ inputs.state_name ]]
TF_APPLY_NO_PLAN: $[[ inputs.no_plan ]]
TF_PLAN_NAME: $[[ inputs.plan_name ]]
name: '$[[ inputs.image_registry_base ]]/$[[ inputs.image_name ]]:$[[ inputs.version ]]-opentofu$[[ inputs.opentofu_version ]]-$[[ inputs.base_os ]]'