Update Terraform.gitlab-ci.yml to use Base.latest

ec67ad9e · Nicholas Klick · 5dc89c8d · ec67ad9e · ec67ad9e · ec67ad9e
Commit ec67ad9e authored Jun 15, 2021 by Nicholas Klick
4 changed files
--- a/doc/user/infrastructure/index.md
+++ b/doc/user/infrastructure/index.md
@@ -20,7 +20,7 @@ for GitLab versions 13.5 and later:
 ```yaml
 include:
-  - template: Terraform.latest.gitlab-ci.yml
+  - template: Terraform.gitlab-ci.yml
 variables:
  # If not using GitLab's HTTP backend, remove this line and specify TF_HTTP_* variables
@@ -30,15 +30,14 @@ variables:
  # TF_ROOT: terraform/production
 ```
-This template uses `.latest.`, instead of stable, and may include breaking changes.
+This template includes some opinionated decisions, which you can override:
-This template also includes some opinionated decisions, which you can override:
 - Including the latest [GitLab Terraform Image](https://gitlab.com/gitlab-org/terraform-images).
 - Using the [GitLab managed Terraform State](#gitlab-managed-terraform-state) as
  the Terraform state storage backend.
- Creating [four pipeline stages](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.latest.gitlab-ci.yml):
+- Creating [four pipeline stages](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml):
  `init`, `validate`, `build`, and `deploy`. These stages
-  [run the Terraform commands](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform/Base.latest.gitlab-ci.yml)
+  [run the Terraform commands](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform/Base.gitlab-ci.yml)
  `init`, `validate`, `plan`, `plan-json`, and `apply`. The `apply` command only runs on `master`.
 This video from January 2021 walks you through all the GitLab Terraform integration features:

--- a/ee/spec/lib/ee/gitlab/ci/templates/templates_spec.rb
+++ b/ee/spec/lib/ee/gitlab/ci/templates/templates_spec.rb
@@ -29,7 +29,7 @@ RSpec.describe "CI YML Templates" do
    ]
    where(:template_name) do
-      all_templates - non_autodevops_templates
+      all_templates - non_autodevops_templates - ["Terraform.gitlab-ci.yml"]
    end
    with_them do

--- a/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml
-# Official image for Hashicorp's Terraform. It uses light image which is Alpine
+include:
-# based as it is much lighter.
+  - template: Terraform/Base.latest.gitlab-ci.yml  # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Terraform/Base.latest.gitlab-ci.yml
-#
-# Entrypoint is also needed as image by default set `terraform` binary as an
-# entrypoint.
-image:
-  name: registry.gitlab.com/gitlab-org/gitlab-build-images:terraform
-  entrypoint:
-    - '/usr/bin/env'
-    - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
-# Default output file for Terraform plan
-variables:
-  PLAN: plan.tfplan
-  JSON_PLAN_FILE: tfplan.json
-cache:
-  paths:
-    - .terraform
-    - .terraform.lock.hcl
-before_script:
-  - alias convert_report="jq -r '([.resource_changes[]?.change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
-  - terraform --version
-  - terraform init
 stages:
+  - init
  - validate
  - build
-  - test
  - deploy
+init:
+  extends: .init
 validate:
-  stage: validate
+  extends: .validate
-  script:
-    - terraform validate
-plan:
+build:
-  stage: build
+  extends: .build
-  script:
-    - terraform plan -out=$PLAN
-    - "terraform show --json $PLAN | convert_report > $JSON_PLAN_FILE"
-  artifacts:
-    paths:
-      - $PLAN
-    reports:
-      terraform: $JSON_PLAN_FILE
-# Separate apply job for manual launching Terraform as it can be destructive
+deploy:
-# action.
+  extends: .deploy
-apply:
-  stage: deploy
-  environment:
-    name: production
-  script:
-    - terraform apply -input=false $PLAN
  dependencies:
-    - plan
+    - build
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
-      when: manual
--- a/spec/lib/gitlab/ci/templates/templates_spec.rb
+++ b/spec/lib/gitlab/ci/templates/templates_spec.rb
@@ -7,9 +7,10 @@ RSpec.describe 'CI YML Templates' do
  let(:all_templates) { Gitlab::Template::GitlabCiYmlTemplate.all.map(&:full_name) }
  let(:excluded_templates) do
-    all_templates.select do |name|
+    excluded = all_templates.select do |name|
      Gitlab::Template::GitlabCiYmlTemplate.excluded_patterns.any? { |pattern| pattern.match?(name) }
    end
+    excluded + ["Terraform.gitlab-ci.yml"]
  end
  before do