diff --git a/scripts/terraform-apply.sh b/scripts/terraform-apply.sh
new file mode 100644
index 0000000..f1846eb
--- /dev/null
+++ b/scripts/terraform-apply.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Terraform validate
+terraform apply -auto-approve $ARGUMENTS
\ No newline at end of file
diff --git a/scripts/terraform-destroy.sh b/scripts/terraform-destroy.sh
new file mode 100644
index 0000000..f91ae7a
--- /dev/null
+++ b/scripts/terraform-destroy.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Terraform validate
+terraform destroy -auto-approve $ARGUMENTS
\ No newline at end of file
diff --git a/scripts/terraform-fmt.sh b/scripts/terraform-fmt.sh
new file mode 100644
index 0000000..eb24f7a
--- /dev/null
+++ b/scripts/terraform-fmt.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Terraform fmt
+terraform fmt -diff -check -write=false
\ No newline at end of file
diff --git a/scripts/terraform-init.sh b/scripts/terraform-init.sh
new file mode 100644
index 0000000..4ef2a6f
--- /dev/null
+++ b/scripts/terraform-init.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Terraform init
+terraform init -reconfigure -backend-config="address=${GITLAB_TF_ADDRESS}" -backend-config="lock_address=${GITLAB_TF_ADDRESS}/lock" -backend-config="unlock_address=${GITLAB_TF_ADDRESS}/lock" -backend-config="username=gitlab-ci-token" -backend-config="password=${CI_JOB_TOKEN}" -backend-config="lock_method=POST" -backend-config="unlock_method=DELETE" -backend-config="retry_wait_min=5"
\ No newline at end of file
diff --git a/scripts/terraform-plan.sh b/scripts/terraform-plan.sh
new file mode 100644
index 0000000..fa36778
--- /dev/null
+++ b/scripts/terraform-plan.sh
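Review bot: In scripts/terraform-apply.sh, `terraform apply -auto-approve $ARGUMENTS` plans and applies in one unattended step, so what gets applied is whatever Terraform computes at apply time, not the plan that terraform-plan.sh produced and reported. Since that script already writes `$PLAN`, consider passing the plan file to the apply job and running `terraform apply -input=false "$PLAN"`, keeping in mind that plan files can hold sensitive values and the artifact should be access-restricted and short-lived. scripts/terraform-destroy.sh has the same unguarded `-auto-approve`; if the jobs that extend these templates are expected to add a manual gate or protected environment, a comment saying so in both scripts would help. Both files also carry the header comment `#Terraform validate`, which looks copied from terraform-validate.sh, and `$ARGUMENTS` is expanded unquoted, so a comment such as `# ARGUMENTS is intentionally word-split into separate terraform flags` would make the intent explicit.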
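Review bot: In scripts/terraform-init.sh the job token is passed as `-backend-config="password=${CI_JOB_TOKEN}"`, which puts it on the terraform command line (visible in the process list and in any shell trace) and, per Terraform's backend documentation, backend settings supplied this way are stored in plain text under `.terraform/` and in saved plan files. The http backend also reads its credentials from the environment, so the argument can be dropped in favour of `export TF_HTTP_USERNAME=gitlab-ci-token TF_HTTP_PASSWORD="${CI_JOB_TOKEN}"` ahead of the `terraform init -reconfigure` call. The job token is normally short-lived, which limits exposure, but this matters more if `$PLAN` or the `.terraform` directory is ever cached or published as an artifact.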
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Terraform plan
+apk add --update curl jq
+alias convert_report="jq -r '([.resource_changes[].change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
+terraform plan -out=$PLAN $ARGUMENTS
+terraform show --json $PLAN | convert_report > $JSON_PLAN_FILE
\ No newline at end of file
diff --git a/scripts/terraform-validate.sh b/scripts/terraform-validate.sh
new file mode 100644
index 0000000..005c504
--- /dev/null
+++ b/scripts/terraform-validate.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Terraform validate
+terraform validate
diff --git a/templates/terraform.tpl.yml b/templates/terraform.tpl.yml
new file mode 100644
index 0000000..be3f6de
--- /dev/null
+++ b/templates/terraform.tpl.yml
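Review bot: In scripts/terraform-plan.sh, `convert_report` is defined with `alias`, and bash does not expand aliases in a non-interactive script unless `shopt -s expand_aliases` is set, so when the file runs under its `#!/usr/bin/env bash` shebang the last line would fail with "command not found" and leave `$JSON_PLAN_FILE` empty. Defining it as a function, `convert_report() { jq -r '...'; }` with the same jq filter, works in either shell mode; if the scripts are instead meant to be inlined into the job and run by the image's `sh`, a comment stating that would explain the alias. The script also lacks `set -euo pipefail`, so a failed `terraform plan` is still followed by `terraform show` and the exit status is only that of the last pipeline stage, and `$PLAN` and `$JSON_PLAN_FILE` should be quoted. Separately, `apk add --update curl jq` installs unpinned packages on every run and curl is not used in this script; baking jq into the image would remove that network dependency from a job that holds state credentials.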
@@ -0,0 +1,58 @@
+.terraform_fmt:
+ image:
+ name: registry.durp.info/hashicorp/terraform:light
+ #name: hashicorp/terraform:light
+ entrypoint: [""]
+ script:
+ - ./scripts/terraform-fmt.sh
+
+.terraform_validate:
+ image:
+ name: registry.durp.info/hashicorp/terraform:light
+ #name: hashicorp/terraform:light
+ entrypoint: [""]
+ variables:
+ GITLAB_TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${CI_PROJECT_NAME}
+ script:
+ - ./scripts/terraform-init.sh
+ - ./scripts/terraform-validate.sh
+
+.terraform_plan:
+ image:
+ name: registry.durp.info/hashicorp/terraform:light
+ #name: hashicorp/terraform:light
+ entrypoint: [""]
+ variables:
+ PLAN: plan.tfplan
+ JSON_PLAN_FILE: tfplan.json
+ GITLAB_TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${CI_PROJECT_NAME}
+ script:
+ - ./scripts/terraform-init.sh
+ - ./scripts/terraform-plan.sh
+ artifacts:
+ reports:
+ terraform: $WORKDIR/$JSON_PLAN_FILE
+
+
+.terraform_apply:
+ image:
+ name: registry.durp.info/hashicorp/terraform:light
+ #name: hashicorp/terraform:light
+ entrypoint: [""]
+ variables:
+ GITLAB_TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${CI_PROJECT_NAME}
+ script:
+ - ./scripts/terraform-init.sh
+ - ./scripts/terraform-apply.sh
+
+.terraform_destroy:
+ image:
+ name: registry.durp.info/hashicorp/terraform:light
+ #name: hashicorp/terraform:light
+ entrypoint: [""]
+ variables:
+ GITLAB_TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${CI_PROJECT_NAME}
+ WORKDIR: $CI_PROJECT_DIR
+ script:
+ - ./scripts/terraform-init.sh
+ - ./scripts/terraform-destroy.sh
\ No newline at end of file
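Review bot: `.terraform_plan` reports `terraform: $WORKDIR/$JSON_PLAN_FILE`, but `WORKDIR` is only defined in `.terraform_destroy`; unless every job extending `.terraform_plan` sets it, the report path would presumably resolve to `/tfplan.json` while terraform-plan.sh writes `$JSON_PLAN_FILE` relative to its working directory. Either add `WORKDIR: $CI_PROJECT_DIR` to `.terraform_plan` or drop the prefix from the report path. All five templates also pull `registry.durp.info/hashicorp/terraform:light`, a mutable tag; because these jobs run with the state token and whatever provider credentials the project has, pinning the image to a specific version and digest would make the toolchain reproducible and reviewable. `.terraform_apply` and `.terraform_destroy` define no `rules` or `when` of their own, so a comment such as `# extending jobs must add when: manual and a protected environment` would document the expected gate.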