Newer
Older
variables:
TEST_PROJECT_DIR: 'tests/iac'
image: "$GITLAB_OPENTOFU_IMAGE_NAME"
variables:
TF_STATE_NAME: ci-unit-$CI_JOB_ID
cache:
key: "$OPENTOFU_VERSION-$CI_COMMIT_REF_SLUG"
paths:
before_script:
- gitlab-tofu version
- jq --version
after_script:
- curl --request DELETE -u "gitlab-ci-token:$CI_JOB_TOKEN" "$CI_API_V4_URL/projects/$CI_PROJECT_ID/terraform/state/$TF_STATE_NAME"
- .opentofu-versions
stage: test
script:
- export DEBUG_OUTPUT=true
- gitlab-tofu init
- .opentofu-versions
stage: test
script:
- export DEBUG_OUTPUT=true
- gitlab-tofu init -get=true -no-color
- .opentofu-versions
stage: test
script:
- export DEBUG_OUTPUT=true
- export TF_INIT_FLAGS="-get=true -no-color"
- gitlab-tofu init
- .opentofu-versions
stage: test
script:
- export DEBUG_OUTPUT=true
- export TF_INIT_FLAGS="-get=true"
- gitlab-tofu init -no-color
- .opentofu-versions
stage: test
script:
- export DEBUG_OUTPUT=true
- gitlab-tofu init
- .opentofu-versions
stage: test
script:
- export DEBUG_OUTPUT=true
- gitlab-tofu init -get=true -no-color
- .opentofu-versions
stage: test
script:
- export DEBUG_OUTPUT=true
- export TF_INIT_FLAGS="-get=true -no-color"
- gitlab-tofu init
- .opentofu-versions
stage: test
script:
- export DEBUG_OUTPUT=true
- export TF_INIT_FLAGS="-get=true"
- gitlab-tofu init -no-color
- .opentofu-versions
stage: test
script:
- gitlab-tofu init
- |
cat <<EOF > $TF_ROOT/backend_override.tf
terraform {
backend "local" {}
}
EOF
- export TF_INIT_NO_RECONFIGURE=true
- FAILED=false
- gitlab-tofu init -no-color >/tmp/output.txt 2>&1 || FAILED=true
- cat /tmp/output.txt
- test $FAILED = true
- 'grep "Error: Backend configuration changed" /tmp/output.txt'
- .opentofu-versions
stage: test
script:
- gitlab-tofu init
- |
cat <<EOF > $TF_ROOT/backend_override.tf
terraform {
backend "local" {}
}
EOF
- gitlab-tofu init
script:
- apk add --update $PKG
- |
cat <<'EOF' > test.sh
set -x
# NOTE: as part of the test fixture, we need to overwrite the CI_SERVER_HOST,
# so that this test also properly works on GitLab self-managed.
export CI_SERVER_HOST=gitlab.example.com
export TF_TOKEN_gitlab_example_com=mysecrettoken
. $(which gitlab-tofu)
terraform_authenticate_private_registry
test "$TF_TOKEN_gitlab_example_com" = "mysecrettoken"
EOF
- $SHELL test.sh
parallel:
matrix:
- SHELL: "bash"
PKG: "bash"
- SHELL: "zsh"
PKG: "zsh"
- SHELL: "ksh"
PKG: "loksh"
script:
- apk add --update $PKG
- |
cat <<'EOF' > test.sh
set -x
# NOTE: as part of the test fixture, we need to overwrite the CI_SERVER_HOST,
# so that this test also properly works on GitLab self-managed.
export CI_SERVER_HOST=gitlab.example.com
. $(which gitlab-tofu)
terraform_authenticate_private_registry
test -n "$TF_TOKEN_gitlab_example_com"
EOF
- $SHELL test.sh
parallel:
matrix:
- SHELL: "bash"
PKG: "bash"
- SHELL: "zsh"
PKG: "zsh"
- SHELL: "ksh"
PKG: "loksh"
- .opentofu-versions
stage: test
script:
- gitlab-tofu fmt
- .opentofu-versions
stage: test
script:
- gitlab-tofu validate
- .opentofu-versions
stage: test
variables:
TF_PLAN_CACHE: $OPENTOFU_VERSION-plan.cache
script:
- gitlab-tofu plan
- if [[ ! -f "$OPENTOFU_VERSION-plan.cache" ]]; then echo "expected to find a plan.cache file"; exit 1; fi
- gitlab-tofu plan-json
- if [[ ! -f "plan.json" ]]; then echo "expected to find a plan.json file"; exit 1; fi
artifacts:
paths:
- "$TEST_PROJECT_DIR/*-plan.cache"
- .opentofu-versions
stage: test
variables:
TF_PLAN_CACHE: $OPENTOFU_VERSION-plan.cache
before_script:
- !reference [.gitlab-tofu-test, before_script]
- gitlab-tofu plan
before_script:
- !reference [.gitlab-tofu-test, before_script]
- gitlab-tofu plan
- gitlab-tofu apply
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
- apk add --update $PKG
script:
- |
cat <<'EOF' > test.sh
set -x
test -z "$TF_GITLAB_SOURCED"
. $(which gitlab-tofu)
test $TF_GITLAB_SOURCED
EOF
- |
mkdir /usr/local/sbin
cat <<'EOF' > /usr/local/sbin/terraform
#/!usr/bin/env sh -e
echo "Called Terraform, but shouldn't have!!"
false
EOF
chmod +x /usr/local/sbin/terraform
- $SHELL test.sh
parallel:
matrix:
- SHELL: "bash"
PKG: "bash"
- SHELL: "zsh"
PKG: "zsh"
- SHELL: "ksh"
PKG: "loksh"
STATE_NAME: $CI_JOB_NAME
script:
- export TF_IMPLICIT_INIT=false
- FAILED=false
- gitlab-tofu $CMD -no-color >/tmp/output.txt 2>&1 || FAILED=true
- cat /tmp/output.txt
- test $FAILED = true
parallel:
matrix:
- CMD: apply
ERROR: 'Error: Failed to load "plan.cache" as a plan'
- CMD: destroy
ERROR: 'Error: Backend initialization required, please run "tofu init"'
- CMD: plan
ERROR: 'Error: Backend initialization required, please run "tofu init"'
- CMD: validate
ERROR: 'This module is not yet installed. Run "tofu init" to install all modules'
STATE_NAME: $CI_JOB_NAME
script:
# NOTE: running `gitlab-tofu apply` wouldn't fail
# because of the implicit `terraform init`.
- FAILED=false
- gitlab-tofu -- apply -no-color >/tmp/output.txt 2>&1 || FAILED=true
- cat /tmp/output.txt
- test $FAILED = true
- 'grep "Error: Backend initialization required, please run \"tofu init\"" /tmp/output.txt'
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
gitlab-tofu-state-name-auto-urlencode:
extends:
- .gitlab-tofu-test
stage: test
variables:
OPENTOFU_VERSION: $LATEST_OPENTOFU_VERSION
script:
- apk add --update $PKG
- |
cat <<'EOF' > test.sh
set -x
export TF_STATE_NAME=production/europe
. $(which gitlab-tofu)
test "$TF_STATE_NAME" = "production%2Feurope"
EOF
- $SHELL test.sh
parallel:
matrix:
- SHELL: "bash"
PKG: "bash"
- SHELL: "zsh"
PKG: "zsh"
- SHELL: "ksh"
PKG: "loksh"
gitlab-tofu-state-name-auto-urlencode-ff-disabled:
extends:
- .gitlab-tofu-test
stage: test
variables:
OPENTOFU_VERSION: $LATEST_OPENTOFU_VERSION
script:
- apk add --update $PKG
- |
cat <<'EOF' > test.sh
set -x
export TF_FF_AUTO_URLENCODE_STATE_NAME=false
export TF_STATE_NAME=production/europe
. $(which gitlab-tofu)
test "$TF_STATE_NAME" = "production/europe"
EOF
- $SHELL test.sh
parallel:
matrix:
- SHELL: "bash"
PKG: "bash"
- SHELL: "zsh"
PKG: "zsh"
- SHELL: "ksh"
PKG: "loksh"