Commit c6ca19cf authored by Thong Kuah's avatar Thong Kuah

Merge branch 'nagyv-gitlab-master-patch-61887' into 'master'

Renames the Base terraform template jobs for better scaling

See merge request gitlab-org/gitlab!67719
parents 0b214b40 133c2c15
...@@ -131,3 +131,32 @@ To workaround this issue, make sure to apply one of the following conditions: ...@@ -131,3 +131,32 @@ To workaround this issue, make sure to apply one of the following conditions:
1. The `terraform-user` creates all subgroup resources. 1. The `terraform-user` creates all subgroup resources.
1. Grant Maintainer or Owner role to the `terraform-user` user on `subgroup-B`. 1. Grant Maintainer or Owner role to the `terraform-user` user on `subgroup-B`.
1. The `terraform-user` inherited access to `subgroup-B` and `subgroup-B` contains at least one project. 1. The `terraform-user` inherited access to `subgroup-B` and `subgroup-B` contains at least one project.
### Invalid CI/CD syntax error when using the "latest" base template
On GitLab 14.2 and later, you might get a CI/CD syntax error when using the
`latest` Base Terraform template:
```yaml
include:
- template: Terraform/Base.latest.gitlab-ci.yml
my-Terraform-job:
extends: .init
```
The base template's [jobs were renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/67719/)
with better Terraform-specific names. To resolve the syntax error, you can:
- Use the stable `Terraform/Base.gitlab-ci.yml` template, which has not changed.
- Update your pipeline configuration to use the new job names in
`https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates/Terraform/Base.latest.gitlab-ci.yml`.
For example:
```yaml
include:
- template: Terraform/Base.latest.gitlab-ci.yml
my-Terraform-job:
extends: .terraform:init # The updated name.
```
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml
include: include:
- template: Terraform/Base.latest.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Terraform/Base.latest.gitlab-ci.yml - template: Terraform/Base.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Terraform/Base.latest.gitlab-ci.yml
stages: stages:
- init - init
......
...@@ -14,20 +14,22 @@ stages: ...@@ -14,20 +14,22 @@ stages:
- cleanup - cleanup
init: init:
extends: .init extends: .terraform:init
validate: validate:
extends: .validate extends: .terraform:validate
build: build:
extends: .build extends: .terraform:build
deploy: deploy:
extends: .deploy extends: .terraform:deploy
dependencies: dependencies:
- build - build
environment:
name: $TF_STATE_NAME
cleanup: cleanup:
extends: .destroy extends: .terraform:destroy
dependencies: dependencies:
- deploy - deploy
# Terraform/Base.latest
#
# The purpose of this template is to provide flexibility to the user so
# they are able to only include the jobs that they find interesting.
#
# Therefore, this template is not supposed to run any jobs. The idea is to only
# create hidden jobs. See: https://docs.gitlab.com/ee/ci/yaml/#hide-jobs
#
# There is a more opinionated template which we suggest the users to abide,
# which is the lib/gitlab/ci/templates/Terraform.latest.gitlab-ci.yml
image:
name: registry.gitlab.com/gitlab-org/terraform-images/releases/terraform:1.0.3
variables:
TF_ROOT: ${CI_PROJECT_DIR} # The relative path to the root directory of the Terraform project
TF_STATE_NAME: ${TF_STATE_NAME:-default} # The name of the state file used by the GitLab Managed Terraform state backend
cache:
key: "${TF_ROOT}"
paths:
- ${TF_ROOT}/.terraform/
- ${TF_ROOT}/.terraform.lock.hcl
.init: &init
stage: init
script:
- cd ${TF_ROOT}
- gitlab-terraform init
.validate: &validate
stage: validate
script:
- cd ${TF_ROOT}
- gitlab-terraform validate
.build: &build
stage: build
script:
- cd ${TF_ROOT}
- gitlab-terraform plan
- gitlab-terraform plan-json
artifacts:
paths:
- ${TF_ROOT}/plan.cache
reports:
terraform: ${TF_ROOT}/plan.json
.deploy: &deploy
stage: deploy
script:
- cd ${TF_ROOT}
- gitlab-terraform apply
when: manual
only:
variables:
- $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
.destroy: &destroy
stage: cleanup
script:
- cd ${TF_ROOT}
- gitlab-terraform destroy
when: manual
...@@ -13,7 +13,8 @@ image: ...@@ -13,7 +13,8 @@ image:
name: registry.gitlab.com/gitlab-org/terraform-images/stable:latest name: registry.gitlab.com/gitlab-org/terraform-images/stable:latest
variables: variables:
TF_ROOT: ${CI_PROJECT_DIR} TF_ROOT: ${CI_PROJECT_DIR} # The relative path to the root directory of the Terraform project
TF_STATE_NAME: ${TF_STATE_NAME:-default} # The name of the state file used by the GitLab Managed Terraform state backend
cache: cache:
key: "${TF_ROOT}" key: "${TF_ROOT}"
...@@ -21,43 +22,46 @@ cache: ...@@ -21,43 +22,46 @@ cache:
- ${TF_ROOT}/.terraform/ - ${TF_ROOT}/.terraform/
- ${TF_ROOT}/.terraform.lock.hcl - ${TF_ROOT}/.terraform.lock.hcl
.init: &init .terraform:init: &terraform_init
stage: init stage: init
script: script:
- cd ${TF_ROOT} - cd ${TF_ROOT}
- gitlab-terraform init - gitlab-terraform init
.validate: &validate .terraform:validate: &terraform_validate
stage: validate stage: validate
script: script:
- cd ${TF_ROOT} - cd ${TF_ROOT}
- gitlab-terraform validate - gitlab-terraform validate
.build: &build .terraform:build: &terraform_build
stage: build stage: build
script: script:
- cd ${TF_ROOT} - cd ${TF_ROOT}
- gitlab-terraform plan - gitlab-terraform plan
- gitlab-terraform plan-json - gitlab-terraform plan-json
resource_group: ${TF_STATE_NAME}
artifacts: artifacts:
paths: paths:
- ${TF_ROOT}/plan.cache - ${TF_ROOT}/plan.cache
reports: reports:
terraform: ${TF_ROOT}/plan.json terraform: ${TF_ROOT}/plan.json
.deploy: &deploy .terraform:deploy: &terraform_deploy
stage: deploy stage: deploy
script: script:
- cd ${TF_ROOT} - cd ${TF_ROOT}
- gitlab-terraform apply - gitlab-terraform apply
resource_group: ${TF_STATE_NAME}
when: manual when: manual
only: only:
variables: variables:
- $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
.destroy: &destroy .terraform:destroy: &terraform_destroy
stage: cleanup stage: cleanup
script: script:
- cd ${TF_ROOT} - cd ${TF_ROOT}
- gitlab-terraform destroy - gitlab-terraform destroy
resource_group: ${TF_STATE_NAME}
when: manual when: manual
...@@ -2,8 +2,8 @@ ...@@ -2,8 +2,8 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe 'Terraform/Base.latest.gitlab-ci.yml' do RSpec.describe 'Terraform/Base.gitlab-ci.yml' do
subject(:template) { Gitlab::Template::GitlabCiYmlTemplate.find('Terraform/Base.latest') } subject(:template) { Gitlab::Template::GitlabCiYmlTemplate.find('Terraform/Base') }
describe 'the created pipeline' do describe 'the created pipeline' do
let(:default_branch) { 'master' } let(:default_branch) { 'master' }
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Terraform/Base.latest.gitlab-ci.yml' do
subject(:template) { Gitlab::Template::GitlabCiYmlTemplate.find('Terraform/Base.latest') }
describe 'the created pipeline' do
let(:default_branch) { 'master' }
let(:pipeline_branch) { default_branch }
let(:project) { create(:project, :custom_repo, files: { 'README.md' => '' }) }
let(:user) { project.owner }
let(:service) { Ci::CreatePipelineService.new(project, user, ref: pipeline_branch ) }
let(:pipeline) { service.execute!(:push).payload }
let(:build_names) { pipeline.builds.pluck(:name) }
before do
stub_ci_pipeline_yaml_file(template.content)
allow(project).to receive(:default_branch).and_return(default_branch)
end
it 'does not create any jobs' do
expect(build_names).to be_empty
end
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Terraform.gitlab-ci.yml' do
before do
allow(Gitlab::Template::GitlabCiYmlTemplate).to receive(:excluded_patterns).and_return([])
end
subject(:template) { Gitlab::Template::GitlabCiYmlTemplate.find('Terraform') }
describe 'the created pipeline' do
let(:default_branch) { project.default_branch_or_main }
let(:pipeline_branch) { default_branch }
let(:project) { create(:project, :custom_repo, files: { 'README.md' => '' }) }
let(:user) { project.owner }
let(:service) { Ci::CreatePipelineService.new(project, user, ref: pipeline_branch ) }
let(:pipeline) { service.execute!(:push).payload }
let(:build_names) { pipeline.builds.pluck(:name) }
before do
stub_ci_pipeline_yaml_file(template.content)
allow(project).to receive(:default_branch).and_return(default_branch)
end
context 'on master branch' do
it 'creates init, validate and build jobs', :aggregate_failures do
expect(pipeline.errors).to be_empty
expect(build_names).to include('init', 'validate', 'build', 'deploy')
end
end
context 'outside the master branch' do
let(:pipeline_branch) { 'patch-1' }
before do
project.repository.create_branch(pipeline_branch, default_branch)
end
it 'does not creates a deploy and a test job', :aggregate_failures do
expect(pipeline.errors).to be_empty
expect(build_names).not_to include('deploy')
end
end
end
end
...@@ -25,7 +25,8 @@ RSpec.describe 'Terraform.latest.gitlab-ci.yml' do ...@@ -25,7 +25,8 @@ RSpec.describe 'Terraform.latest.gitlab-ci.yml' do
end end
context 'on master branch' do context 'on master branch' do
it 'creates init, validate and build jobs' do it 'creates init, validate and build jobs', :aggregate_failures do
expect(pipeline.errors).to be_empty
expect(build_names).to include('init', 'validate', 'build', 'deploy') expect(build_names).to include('init', 'validate', 'build', 'deploy')
end end
end end
...@@ -37,7 +38,8 @@ RSpec.describe 'Terraform.latest.gitlab-ci.yml' do ...@@ -37,7 +38,8 @@ RSpec.describe 'Terraform.latest.gitlab-ci.yml' do
project.repository.create_branch(pipeline_branch, default_branch) project.repository.create_branch(pipeline_branch, default_branch)
end end
it 'does not creates a deploy and a test job' do it 'does not creates a deploy and a test job', :aggregate_failures do
expect(pipeline.errors).to be_empty
expect(build_names).not_to include('deploy') expect(build_names).not_to include('deploy')
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment