FAQ | This is a LIVE service | Changelog

Skip to content
Commits on Source (2)
Hide whitespace changes
Inline Side-by-side
CHANGELOG.md
View file @ d80778ff
......@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [5.1.0] - 2024-10-25
### Added
- `terraform-pipeline.yml`: for all branches on merge and push events, added terraform plan job
and optional terraform apply job when on development.
## [5.0.0] - 2024-09-25
### Changed
......
auto-devops/terraform-pipeline.yml
View file @ d80778ff
......@@ -48,9 +48,9 @@
# - TERRAFORM_APPLY_PRODUCTION_DISABLED
#
# Extending this pipeline
#
#
# If you need to add terraform jobs for any workspaces beyond "development", "staging" and "production", you can copy
# an existing environment's terraform-{plan,apply}-... jobs, changing the references to the existing workspace name.
# an existing environment's terraform-{plan,apply}-... jobs, changing the references to the existing workspace name.
include:
- local: '/terraform-pipeline-base.yml'
......@@ -79,6 +79,9 @@ terraform-apply-development:
# This is currently the only way to allow the pipeline to succeed if the optional manual development apply job was
# not triggered. See the following issue for context - https://gitlab.com/gitlab-org/gitlab/-/issues/249524.
allow_failure: true
- if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_PIPELINE_SOURCE == "push"
when: manual
allow_failure: true
- when: never
variables:
DEPLOYMENT_ENVIRONMENT: development
......
terraform-pipeline-base.yml
View file @ d80778ff
# This template implements generic template jobs for use when deploying terraform configurations.
#
#
# This template is not usually used directly. Instead, most products will want to use the more opinionated
# /auto-devops/terraform-pipeline.yml template which builds a full deployment pipeline using these "base" jobs. This
# template should only be directly "include"-d in a .gitlab-ci.yml file when a product cannot use the
......@@ -54,11 +54,11 @@ variables:
# use a credentials file so we need to unset this variable. In the future this will be fixed in the logan-terraform
# image and this statement will be able to be removed.
unset GOOGLE_APPLICATION_CREDENTIALS
for target in $TF_PLAN_TARGET; do
TF_PLAN_ARGS="$TF_PLAN_ARGS --target $target"
done
terraform init
# When using --detailed-exitcode the plan command will exit with one of the following.
......@@ -66,7 +66,7 @@ variables:
# - 0: An exit code of 0 means the command completed successfully and there were no planned changes required.
# - 1: An exit code of 1 means that the command did not complete successfully.
# - 2: An exit code of 2 means that the command completed successfully but there were proposed changes in the resulting plan.
#
#
# By allowing this job to exit with exit code 2 we are able to show an amber warning icon in the GitLab UI. This
# makes it easy to spot when an environment requires changes following a plan job.
(terraform plan $TF_PLAN_ARGS -out=${TF_DATA_DIR}/${CI_COMMIT_REF_SLUG}-${DEPLOYMENT_ENVIRONMENT}.tfplan -detailed-exitcode && exit_code=$?) || exit_code=$?
......@@ -80,7 +80,7 @@ variables:
# If terraform plan exited with 2 then we need to override the last exit code.
if [ "$exit_code" -eq 2 ]; then exit 2; fi
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_PIPELINE_SOURCE == "push"
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_TAG
- when: never
tags:
......