k3s/.gitlab-ci.yml

stages:
  - lint
  - build
  - destroy

include:
  - project: 'developerdurp/jobtemplates'
    ref: main
    file: 
      - 'terraform.yml'
      - 'ansible.yml'

plan:
  stage: lint
  variables:
    WORKDIR: $CI_PROJECT_DIR/terraform
    ARGUMENTS: -var=pm_password=$pm_password -var=pm_api_url=$pm_api_url -var-file=terraform.tfvars
  allow_failure: false
  extends: .terraform_plan
  rules: 
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"   
      changes:
        compare_to: refs/heads/main
        paths:
          - 'terraform/*'       
      when: always
    - when: never

k3s:
  stage: build
  variables:
    WORKDIR: $CI_PROJECT_DIR/terraform
    ARGUMENTS: -var=pm_password=$pm_password -var=pm_api_url=$pm_api_url -var-file=terraform.tfvars
  allow_failure: false
  extends: .terraform_apply   
  rules:
    - if: '$CI_COMMIT_BRANCH == "main"'
      changes:
        compare_to: refs/heads/main
        paths:
          - 'terraform/*'       
      when: always
    - when: never          

k3s-ansible:
  stage: build
  variables:
    WORKDIR: $CI_PROJECT_DIR/ansible
    FILE: main.yml
    REQUIREMENTS: requirements.yml
  allow_failure: false
  extends: .ansible_apply
  before_script: 
    - cat $ansible > $WORKDIR/ansible 
  #rules:
  #  - if: '$CI_COMMIT_BRANCH == "main"'
  #  - changes:
  #      - 'terraform/*'



#ansible-apply:
#  stage: apply
#  variables:
#    DEBIAN_FRONTEND: noninteractive
#    K8S_AUTH_KUBECONFIG: config
#  image:
#    name: ubuntu:latest
#  script:
#    - apt update && apt install ansible -y
#    - ansible-galaxy install -r $CI_PROJECT_DIR/group_vars/requirements.yml
#    - ansible-playbook $CI_PROJECT_DIR/jobs/main.yml
#  needs:
#    - apply
#  only:
#    changes:
#      - terraform.tf 
#      - terraform.tfvars 
#      - jobs/main.yml           
#    
#destroy:
#  stage: destroy
#  image:
#    name: hashicorp/terraform:light
#    entrypoint:
#      - '/usr/bin/env'
#      - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
#  variables:
#    PLAN: plan.tfplan
#    JSON_PLAN_FILE: tfplan.json
#    TF_IN_AUTOMATION: "true"
#    GITLAB_TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${CI_PROJECT_NAME}
#  cache:
#    key: "$CI_COMMIT_SHA"
#    paths:
#      - .terraform
#  script:
#    - apk add --update curl jq
#    - alias convert_report="jq -r '([.resource_changes[].change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
#    - terraform --version
#    - terraform init -reconfigure -backend-config="address=${GITLAB_TF_ADDRESS}" -backend-config="lock_address=${GITLAB_TF_ADDRESS}/lock" -backend-config="unlock_address=${GITLAB_TF_ADDRESS}/lock" -backend-config="username=gitlab-ci-token" -backend-config="password=${CI_JOB_TOKEN}" -backend-config="lock_method=POST" -backend-config="unlock_method=DELETE" -backend-config="retry_wait_min=5"      
#    - terraform destroy -auto-approve -var-file=terraform.tfvars
#  only:
#    changes:
#      - terraform.tf 
#      - terraform.tfvars 
#      - jobs/main.yml     
#  when: manual          
#
#ansible-update:
#  stage: apply
#  image:
#    name: ubuntu:latest
#  script:
#    - apt update && apt install ansible -y
#    - ansible-galaxy install -r $CI_PROJECT_DIR/group_vars/requirements.yml
#    - ansible-playbook $CI_PROJECT_DIR/jobs/update.yml    
#  rules:
#    - if: $CI_PIPELINE_SOURCE == "schedule"
#      when: always 
#
#ansible-update-dns:
#  stage: apply
#  image:
#    name: ubuntu:latest
#  script:
#    - apt update && apt install ansible -y
#    - ansible-galaxy install -r $CI_PROJECT_DIR/group_vars/requirements.yml
#    - ansible-playbook $CI_PROJECT_DIR/jobs/dns.yml          
#  only:
#      changes:
#        - jobs/dns.yml     
#