debian-mirror-gitlab/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml

62 lines
1.4 KiB
YAML
Raw Normal View History

2018-03-17 18:26:18 +05:30
# Official image for Hashicorp's Terraform. It uses light image which is Alpine
# based as it is much lighter.
#
# Entrypoint is also needed as image by default set `terraform` binary as an
# entrypoint.
image:
2020-04-22 19:07:51 +05:30
name: registry.gitlab.com/gitlab-org/gitlab-build-images:terraform
2018-03-17 18:26:18 +05:30
entrypoint:
- '/usr/bin/env'
- 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
# Default output file for Terraform plan
variables:
PLAN: plan.tfplan
2020-04-22 19:07:51 +05:30
JSON_PLAN_FILE: tfplan.json
2018-03-17 18:26:18 +05:30
cache:
paths:
- .terraform
2021-03-08 18:12:59 +05:30
- .terraform.lock.hcl
2018-03-17 18:26:18 +05:30
before_script:
2020-05-24 23:13:21 +05:30
- alias convert_report="jq -r '([.resource_changes[]?.change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
2018-03-17 18:26:18 +05:30
- terraform --version
- terraform init
stages:
- validate
- build
2019-07-31 22:56:46 +05:30
- test
2018-03-17 18:26:18 +05:30
- deploy
validate:
stage: validate
script:
- terraform validate
plan:
stage: build
script:
- terraform plan -out=$PLAN
2020-04-22 19:07:51 +05:30
- "terraform show --json $PLAN | convert_report > $JSON_PLAN_FILE"
2018-03-17 18:26:18 +05:30
artifacts:
paths:
- $PLAN
2020-04-22 19:07:51 +05:30
reports:
terraform: $JSON_PLAN_FILE
2018-03-17 18:26:18 +05:30
# Separate apply job for manual launching Terraform as it can be destructive
# action.
apply:
stage: deploy
environment:
name: production
script:
- terraform apply -input=false $PLAN
dependencies:
- plan
2021-06-08 01:23:25 +05:30
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
when: manual