Skip to content
validate.yml 2.77 KiB
Newer Older
Timo Furrer's avatar
Timo Furrer committed
spec:
  inputs:
    # Job and Stage name
    as:
      default: 'validate'
      description: 'Defines the name of this job.'
    stage:
      default: 'validate'
      description: 'Defines the stage that this job will belong to.'

    # Versions
    # This version is only required, because we cannot access the context of the component,
    # see https://gitlab.com/gitlab-org/gitlab/-/issues/438275
    version:
      default: 'latest'
      description: 'Version of this component. Has to be the same as the one in the component include entry.'
Timo Furrer's avatar
Timo Furrer committed
    opentofu_version:
Timo Furrer's avatar
Timo Furrer committed
      default: '1.7.1'
Timo Furrer's avatar
Timo Furrer committed
      options:
Timo Furrer's avatar
Timo Furrer committed
        - '1.7.1'
Ben Brown's avatar
Ben Brown committed
        - '1.7.0'
        - '1.7.0-alpha1'
Timo Furrer's avatar
Timo Furrer committed
        - '1.6.2'
Timo Furrer's avatar
Timo Furrer committed
        - '1.6.1'
Timo Furrer's avatar
Timo Furrer committed
        - '1.6.0'
        - '$OPENTOFU_VERSION'
Timo Furrer's avatar
Timo Furrer committed
      description: 'OpenTofu version that should be used.'

    # Images
    image_registry_base:
      default: '$CI_REGISTRY/components/opentofu'
      description: 'Host URI to the job images. Will be combined with `image_name` to construct the actual image URI.'
Timo Furrer's avatar
Timo Furrer committed
    # FIXME: not yet possible because of https://gitlab.com/gitlab-org/gitlab/-/issues/438722
    # gitlab_opentofu_image:
    #   # FIXME: This should reference the component tag that is used.
    #   #        Currently, blocked by https://gitlab.com/gitlab-org/gitlab/-/issues/438275
    #   # default: '$CI_REGISTRY/components/opentofu/gitlab-opentofu:$[[ inputs.opentofu_version ]]'
    #   default: '$CI_REGISTRY/components/opentofu/gitlab-opentofu:$[[ inputs.version ]]-opentofu$[[ inputs.opentofu_version ]]'
    #   description: 'Tag of the gitlab-opentofu image.'
    image_name:
      default: 'gitlab-opentofu'
      description: 'Image name for the job images. Hosted under `image_registry_base`.'

Timo Furrer's avatar
Timo Furrer committed
    # Configuration
    root_dir:
Timo Furrer's avatar
Timo Furrer committed
      default: ${CI_PROJECT_DIR}
      description: 'Root directory for the OpenTofu project.'
    state_name:
      default: default
      description: 'Remote OpenTofu state name.'
Timo Furrer's avatar
Timo Furrer committed

---

'$[[ inputs.as ]]':
  stage: $[[ inputs.stage ]]
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_OPEN_MERGE_REQUESTS  # Don't add it to a *branch* pipeline if it's already in a merge request pipeline.
      when: never
    - if: $CI_COMMIT_BRANCH        # If there's no open merge request, add it to a *branch* pipeline instead.
  cache:
    key: "$__CACHE_KEY_HACK"
Timo Furrer's avatar
Timo Furrer committed
    paths:
      - $TF_ROOT/.terraform/
Timo Furrer's avatar
Timo Furrer committed
  variables:
    # FIXME: work around to make slashes work in `cache:key`. see https://gitlab.com/gitlab-org/gitlab/-/issues/439898
    __CACHE_KEY_HACK: "$[[ inputs.root_dir ]]"
Timo Furrer's avatar
Timo Furrer committed
    TF_ROOT: $[[ inputs.root_dir ]]
    TF_STATE_NAME: $[[ inputs.state_name ]]
Timo Furrer's avatar
Timo Furrer committed
  image:
    name: '$[[ inputs.image_registry_base ]]/$[[ inputs.image_name ]]:$[[ inputs.version ]]-opentofu$[[ inputs.opentofu_version ]]'
Timo Furrer's avatar
Timo Furrer committed
  script:
    - gitlab-tofu validate