Skip to content
Snippets Groups Projects
Unverified Commit 30e9d3b1 authored by Timo Furrer's avatar Timo Furrer
Browse files

Infix backports with latest

parent a01917dd
No related branches found
No related tags found
No related merge requests found
...@@ -18,7 +18,7 @@ docs: ...@@ -18,7 +18,7 @@ docs:
BACKPORTS_DIR := backports BACKPORTS_DIR := backports
BACKPORTS_BASE_DIR := $(BACKPORTS_DIR)/OpenTofu BACKPORTS_BASE_DIR := $(BACKPORTS_DIR)/OpenTofu
BACKPORTS_BASE_FILE := $(BACKPORTS_BASE_DIR)/Base.gitlab-ci.yml BACKPORTS_BASE_FILE := $(BACKPORTS_BASE_DIR)/Base.latest.gitlab-ci.yml
.PHONY: backports .PHONY: backports
...@@ -28,7 +28,7 @@ BACKPORTS_BASE_FILE := $(BACKPORTS_BASE_DIR)/Base.gitlab-ci.yml ...@@ -28,7 +28,7 @@ BACKPORTS_BASE_FILE := $(BACKPORTS_BASE_DIR)/Base.gitlab-ci.yml
backports: backports:
@echo "Generating $(BACKPORTS_BASE_FILE) ..." @echo "Generating $(BACKPORTS_BASE_FILE) ..."
@mkdir -p $(BACKPORTS_BASE_DIR) @mkdir -p $(BACKPORTS_BASE_DIR)
@cp $(BACKPORTS_DIR)/.Base.gitlab-ci.yml $(BACKPORTS_BASE_FILE) @cp $(BACKPORTS_DIR)/.Base.latest.gitlab-ci.yml $(BACKPORTS_BASE_FILE)
@sed '1,/^---$$/d' templates/fmt.yml | sed -e 's/$$\[\[ inputs.as \]\]/.opentofu:fmt/' | sed -e 's/$$\[\[ inputs.stage \]\]/validate/' | sed -e 's/$$\[\[ inputs.allow_failure \]\]/true/' >> $(BACKPORTS_BASE_FILE) @sed '1,/^---$$/d' templates/fmt.yml | sed -e 's/$$\[\[ inputs.as \]\]/.opentofu:fmt/' | sed -e 's/$$\[\[ inputs.stage \]\]/validate/' | sed -e 's/$$\[\[ inputs.allow_failure \]\]/true/' >> $(BACKPORTS_BASE_FILE)
@sed '1,/^---$$/d' templates/validate.yml | sed -e 's/$$\[\[ inputs.as \]\]/.opentofu:validate/' | sed -e 's/$$\[\[ inputs.stage \]\]/validate/' >> $(BACKPORTS_BASE_FILE) @sed '1,/^---$$/d' templates/validate.yml | sed -e 's/$$\[\[ inputs.as \]\]/.opentofu:validate/' | sed -e 's/$$\[\[ inputs.stage \]\]/validate/' >> $(BACKPORTS_BASE_FILE)
@sed '1,/^---$$/d' templates/plan.yml | sed -e 's/$$\[\[ inputs.as \]\]/.opentofu:plan/' | sed -e 's/$$\[\[ inputs.stage \]\]/build/' >> $(BACKPORTS_BASE_FILE) @sed '1,/^---$$/d' templates/plan.yml | sed -e 's/$$\[\[ inputs.as \]\]/.opentofu:plan/' | sed -e 's/$$\[\[ inputs.stage \]\]/build/' >> $(BACKPORTS_BASE_FILE)
......
...@@ -13,7 +13,7 @@ ...@@ -13,7 +13,7 @@
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/OpenTofu.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/OpenTofu.gitlab-ci.yml
include: include:
- template: OpenTofu/Base.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/OpenTofu/Base.gitlab-ci.yml - template: OpenTofu/Base.latest.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/OpenTofu/Base.latest.gitlab-ci.yml
stages: [validate, build, deploy] stages: [validate, build, deploy]
......
# This template is a port of the OpenTofu CI/CD component at
# https://gitlab.com/components/opentofu
# It is generated with the `make backports` command from that project.
#
# Please make sure to use the component when your project is hosted on GitLab.com
# or when you are willing to mirror the component project into your self-managed
# instance and use it from there.
#
# Attention: This template will be removed in favor of the OpenTofu CI/CD component as soon as components
# are available for self-managed instances.
#
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/OpenTofu/Base.gitlab-ci.yml
variables:
# OpenTofu CI/CD component version, see https://gitlab.com/components/opentofu/-/releases
VERSION: "latest"
# Compatible OpenTofu version, see https://gitlab.com/components/opentofu/-/releases
OPENTOFU_VERSION: "1.6.0"
# Job Image with `gitlab-tofu`
GITLAB_OPENTOFU_IMAGE_REGISTRY_BASE: $CI_REGISTRY/components/opentofu
# The relative path to the root directory of the OpenTofu project
TF_ROOT: ${CI_PROJECT_DIR}
# The name of the state file used by the GitLab Managed Terraform state backend
TF_STATE_NAME: default
.opentofu:use-component-instead-of-template:
stage: validate
needs: []
allow_failure: true
rules:
- if: '$CI_SERVER_HOST == "gitlab.com"'
image: alpine:3.19
script:
- |
echo "You are using the OpenTofu CI/CD template on GitLab.com which is not recommended."
echo "This template is available for self-managed customers until CI/CD components are available to them and it will be removed asap."
echo " "
echo "We recommend that you migrate to the OpenTofu CI/CD component instead."
echo "The OpenTofu CI/CD component with a default configuration can be included as follows:"
echo " "
echo "include:"
echo " - component: gitlab.com/components/opentofu/full-pipeline@~latest"
echo " inputs:"
echo " version: latest"
echo " opentofu_version: 1.6.0"
echo ""
echo "stages: [validate, build, deploy, cleanup]"
echo " "
echo "You can read about more about the OpenTofu CI/CD component here:"
echo "https://gitlab.com/components/opentofu"
- 'false'
'.opentofu:fmt':
stage: validate
needs: []
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_OPEN_MERGE_REQUESTS # Don't add it to a *branch* pipeline if it's already in a merge request pipeline.
when: never
- if: $CI_COMMIT_BRANCH # If there's no open merge request, add it to a *branch* pipeline instead.
#allow_failure: true
allow_failure: true
cache:
key: "$TF_ROOT"
paths:
- $TF_ROOT/.terraform/
variables:
image:
name: '$GITLAB_OPENTOFU_IMAGE_REGISTRY_BASE/gitlab-opentofu:$GITLAB_OPENTOFU_VERSION-opentofu$OPENTOFU_VERSION'
script:
- gitlab-tofu fmt
'.opentofu:validate':
stage: validate
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_OPEN_MERGE_REQUESTS # Don't add it to a *branch* pipeline if it's already in a merge request pipeline.
when: never
- if: $CI_COMMIT_BRANCH # If there's no open merge request, add it to a *branch* pipeline instead.
cache:
key: "$TF_ROOT"
paths:
- $TF_ROOT/.terraform/
variables:
image:
name: '$GITLAB_OPENTOFU_IMAGE_REGISTRY_BASE/gitlab-opentofu:$GITLAB_OPENTOFU_VERSION-opentofu$OPENTOFU_VERSION'
script:
- gitlab-tofu validate
'.opentofu:plan':
stage: build
environment:
name: $TF_STATE_NAME
action: prepare
resource_group: $TF_STATE_NAME
artifacts:
# Terraform's cache files can include secrets which can be accidentally exposed.
# Please exercise caution when utilizing secrets in your Terraform infrastructure and
# consider limiting access to artifacts or take other security measures to protect sensitive information.
#
# The next line, which disables public access to pipeline artifacts, is not available on GitLab.com.
# See: https://docs.gitlab.com/ee/ci/yaml/#artifactspublic
public: false
paths:
- $TF_ROOT/plan.cache
reports:
terraform: $TF_ROOT/plan.json
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_OPEN_MERGE_REQUESTS # Don't add it to a *branch* pipeline if it's already in a merge request pipeline.
when: never
- if: $CI_COMMIT_BRANCH # If there's no open merge request, add it to a *branch* pipeline instead.
cache:
key: "$TF_ROOT"
paths:
- $TF_ROOT/.terraform/
variables:
image:
name: '$GITLAB_OPENTOFU_IMAGE_REGISTRY_BASE/gitlab-opentofu:$GITLAB_OPENTOFU_VERSION-opentofu$OPENTOFU_VERSION'
script:
- gitlab-tofu plan
- gitlab-tofu plan-json
'.opentofu:apply':
stage: deploy
environment:
name: $TF_STATE_NAME
action: start
resource_group: $TF_STATE_NAME
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$_TF_AUTO_APPLY" == "true"'
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
when: manual
cache:
key: "$TF_ROOT"
paths:
- $TF_ROOT/.terraform/
variables:
image:
name: '$GITLAB_OPENTOFU_IMAGE_REGISTRY_BASE/gitlab-opentofu:$GITLAB_OPENTOFU_VERSION-opentofu$OPENTOFU_VERSION'
script:
- gitlab-tofu apply
'.opentofu:destroy':
stage: cleanup
environment:
name: $TF_STATE_NAME
action: stop
resource_group: $TF_STATE_NAME
rules:
- if: '"$TF_CREATE_DESTROY_JOB" != "true"'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$_TF_AUTO_DESTROY" == "true"'
- when: manual
cache:
key: "$TF_ROOT"
paths:
- $TF_ROOT/.terraform/
variables:
image:
name: '$GITLAB_OPENTOFU_IMAGE_REGISTRY_BASE/gitlab-opentofu:$GITLAB_OPENTOFU_VERSION-opentofu$OPENTOFU_VERSION'
script:
- gitlab-tofu destroy
'.opentofu:delete-state':
stage: cleanup
resource_group: $TF_STATE_NAME
image: curlimages/curl:latest
script:
- curl --request DELETE -u "gitlab-ci-token:$CI_JOB_TOKEN" "$CI_API_V4_URL/projects/$CI_PROJECT_ID/terraform/state/$TF_STATE_NAME"
rules:
- if: '"$TF_CREATE_DELETE_STATE_JOB" != "true"'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
- when: manual
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment