From cac07e055a2b039ce5943704c99bdb4798a63fb4 Mon Sep 17 00:00:00 2001 From: Timo Furrer <tfurrer@gitlab.com> Date: Mon, 11 Nov 2024 14:00:54 +0100 Subject: [PATCH] Remove `auto_apply` and `auto_destroy` inputs This change sets removes support `auto_apply` and `auto_destroy` inputs across the templates. With the introduction of the `rules` inputs, an auto apply or auto destroy behavior can easily implemented using it directly. We can't easily keep the `auto_apply` and `auto_destroy` inputs because having input references in input default values is not yet supported. See https://gitlab.com/gitlab-org/gitlab/-/issues/438722. I've left the input definitions commented out for now with the possibility to easily bring it back if the issue is resolved. Closes https://gitlab.com/components/opentofu/-/issues/80 Changelog: removed --- .gitlab/README.md.template | 2 +- README.md | 2 +- templates/apply.yml | 4 --- templates/destroy.yml | 4 --- templates/full-pipeline.yml | 27 ++++++++++--------- templates/job-templates.yml | 10 ------- templates/validate-plan-apply.yml | 13 ++++----- templates/validate-plan-destroy.yml | 14 +++++----- tests/integration-tests/Destroy.gitlab-ci.yml | 1 - 9 files changed, 32 insertions(+), 45 deletions(-) diff --git a/.gitlab/README.md.template b/.gitlab/README.md.template index 0233559..5665ef3 100644 --- a/.gitlab/README.md.template +++ b/.gitlab/README.md.template @@ -477,7 +477,7 @@ When migrating from the GitLab Terraform CI/CD templates you can use the followi - Although the `TF_ROOT` variable is still used and maybe overwritten after the import on individual jobs. - Migrate the `TF_STATE_NAME` variable to the `state_name` input. - Although the `TF_STATE_NAME` variable is still used and maybe overwritten after the import on individual jobs. -- Migrate the `TF_AUTO_DEPLOY` variable to the `auto_apply` input. +- Migrate the `TF_AUTO_DEPLOY` variable to custom `rules` inputs. - Used other variables -> Use the same variables with this component. The same rules apply for the `latest` templates. diff --git a/README.md b/README.md index 9cde0a1..8eee905 100644 --- a/README.md +++ b/README.md @@ -491,7 +491,7 @@ When migrating from the GitLab Terraform CI/CD templates you can use the followi - Although the `TF_ROOT` variable is still used and maybe overwritten after the import on individual jobs. - Migrate the `TF_STATE_NAME` variable to the `state_name` input. - Although the `TF_STATE_NAME` variable is still used and maybe overwritten after the import on individual jobs. -- Migrate the `TF_AUTO_DEPLOY` variable to the `auto_apply` input. +- Migrate the `TF_AUTO_DEPLOY` variable to custom `rules` inputs. - Used other variables -> Use the same variables with this component. The same rules apply for the `latest` templates. diff --git a/templates/apply.yml b/templates/apply.yml index 479c943..1b04557 100644 --- a/templates/apply.yml +++ b/templates/apply.yml @@ -75,10 +75,6 @@ spec: plan_name: default: 'plan' description: 'The name of the plan file to use. Will be used for TF_PLAN_CACHE and TF_PLAN_JSON.' - auto_apply: - default: false - type: boolean - description: 'Whether the apply job is manual or automatically run.' var_file: default: '' type: string diff --git a/templates/destroy.yml b/templates/destroy.yml index ed99546..b91315c 100644 --- a/templates/destroy.yml +++ b/templates/destroy.yml @@ -75,10 +75,6 @@ spec: plan_name: default: 'destroy-plan' description: 'The name of the plan file to use. Will be used for TF_PLAN_CACHE and TF_PLAN_JSON.' - auto_destroy: - default: false - type: boolean - description: 'Whether the destroy job is manual or automatically run.' var_file: default: '' type: string diff --git a/templates/full-pipeline.yml b/templates/full-pipeline.yml index fb3ad85..9a37e7a 100644 --- a/templates/full-pipeline.yml +++ b/templates/full-pipeline.yml @@ -83,14 +83,20 @@ spec: plan_name: default: 'plan' description: 'The name of the plan cache and plan json file.' - auto_apply: - default: false - type: boolean - description: 'Whether the apply job is manual or automatically run.' - auto_destroy: - default: false - type: boolean - description: 'Whether the destroy job is manual or automatically run.' + # FIXME: at the moment we cannot support this input + # because we cannot nest inputs: https://gitlab.com/gitlab-org/gitlab/-/issues/438722 + # If you want to auto apply, please refer to the `rules` input. + #auto_apply: + # default: false + # type: boolean + # description: 'Whether the apply job is manual or automatically run.' + # FIXME: at the moment we cannot support this input + # because we cannot nest inputs: https://gitlab.com/gitlab-org/gitlab/-/issues/438722 + # If you want to auto destroy, please refer to the `rules` input. + #auto_destroy: + # default: false + # type: boolean + # description: 'Whether the destroy job is manual or automatically run.' plan_artifacts_access: default: 'none' description: 'Access level for the plan artifact. See https://docs.gitlab.com/ee/ci/yaml/#artifactsaccess for possible values.' @@ -132,14 +138,13 @@ spec: description: 'Defines the `rules` of the `plan` job.' apply_rules: default: - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_apply ]]" == "true"' - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH when: manual type: array description: 'Defines the `rules` of the `apply` job.' destroy_rules: default: - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_destroy ]]" == "true"' + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - when: manual type: array description: 'Defines the `rules` of the `destroy` job.' @@ -232,7 +237,6 @@ include: root_dir: $[[ inputs.root_dir ]] state_name: $[[ inputs.state_name ]] plan_name: $[[ inputs.plan_name ]] - auto_apply: $[[ inputs.auto_apply ]] var_file: $[[ inputs.var_file ]] rules: $[[ inputs.apply_rules ]] - local: '/templates/destroy.yml' @@ -247,7 +251,6 @@ include: image_digest: $[[ inputs.image_digest ]] root_dir: $[[ inputs.root_dir ]] state_name: $[[ inputs.state_name ]] - auto_destroy: $[[ inputs.auto_destroy ]] var_file: $[[ inputs.var_file ]] rules: $[[ inputs.destroy_rules ]] - local: '/templates/delete-state.yml' diff --git a/templates/job-templates.yml b/templates/job-templates.yml index e433a00..7bcc677 100644 --- a/templates/job-templates.yml +++ b/templates/job-templates.yml @@ -83,14 +83,6 @@ spec: plan_name: default: 'plan' description: 'The name of the plan cache and plan json file.' - auto_apply: - default: false - type: boolean - description: 'Whether the apply job is manual or automatically run.' - auto_destroy: - default: false - type: boolean - description: 'Whether the destroy job is manual or automatically run.' var_file: default: '' type: string @@ -179,7 +171,6 @@ include: root_dir: $[[ inputs.root_dir ]] state_name: $[[ inputs.state_name ]] plan_name: $[[ inputs.plan_name ]] - auto_apply: $[[ inputs.auto_apply ]] var_file: $[[ inputs.var_file ]] - local: '/templates/destroy.yml' inputs: @@ -194,7 +185,6 @@ include: root_dir: $[[ inputs.root_dir ]] state_name: $[[ inputs.state_name ]] plan_name: $[[ inputs.plan_name ]] - auto_destroy: $[[ inputs.auto_destroy ]] var_file: $[[ inputs.var_file ]] - local: '/templates/delete-state.yml' inputs: diff --git a/templates/validate-plan-apply.yml b/templates/validate-plan-apply.yml index 6894293..7c56c23 100644 --- a/templates/validate-plan-apply.yml +++ b/templates/validate-plan-apply.yml @@ -77,10 +77,13 @@ spec: plan_name: default: 'plan' description: 'The name of the plan cache and plan json file.' - auto_apply: - default: false - type: boolean - description: 'Whether the apply job is manual or automatically run.' + # FIXME: at the moment we cannot support this input + # because we cannot nest inputs: https://gitlab.com/gitlab-org/gitlab/-/issues/438722 + # If you want to auto apply, please refer to the `rules` input. + #auto_apply: + # default: false + # type: boolean + # description: 'Whether the apply job is manual or automatically run.' plan_artifacts_access: default: 'none' description: 'Access level for the plan artifact. See https://docs.gitlab.com/ee/ci/yaml/#artifactsaccess for possible values.' @@ -114,7 +117,6 @@ spec: description: 'Defines the `rules` of the `plan` job.' apply_rules: default: - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_apply ]]" == "true"' - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH when: manual type: array @@ -186,7 +188,6 @@ include: root_dir: $[[ inputs.root_dir ]] state_name: $[[ inputs.state_name ]] plan_name: $[[ inputs.plan_name ]] - auto_apply: $[[ inputs.auto_apply ]] var_file: $[[ inputs.var_file ]] rules: $[[ inputs.apply_rules ]] cache_policy: pull diff --git a/templates/validate-plan-destroy.yml b/templates/validate-plan-destroy.yml index 00f39af..8168b75 100644 --- a/templates/validate-plan-destroy.yml +++ b/templates/validate-plan-destroy.yml @@ -80,10 +80,13 @@ spec: plan_artifacts_access: default: 'none' description: 'Access level for the plan artifact. See https://docs.gitlab.com/ee/ci/yaml/#artifactsaccess for possible values.' - auto_destroy: - default: false - type: boolean - description: 'Whether the destroy job is manual or automatically run.' + # FIXME: at the moment we cannot support this input + # because we cannot nest inputs: https://gitlab.com/gitlab-org/gitlab/-/issues/438722 + # If you want to auto destroy, please refer to the `rules` input. + #auto_destroy: + # default: false + # type: boolean + # description: 'Whether the destroy job is manual or automatically run.' var_file: default: '' type: string @@ -114,7 +117,7 @@ spec: description: 'Defines the `rules` of the `plan` job.' destroy_rules: default: - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_destroy ]]" == "true"' + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - when: manual type: array description: 'Defines the `rules` of the `destroy` job.' @@ -193,7 +196,6 @@ include: state_name: $[[ inputs.state_name ]] no_plan: false plan_name: $[[ inputs.plan_name ]] - auto_destroy: $[[ inputs.auto_destroy ]] var_file: $[[ inputs.var_file ]] rules: $[[ inputs.destroy_rules ]] cache_policy: pull diff --git a/tests/integration-tests/Destroy.gitlab-ci.yml b/tests/integration-tests/Destroy.gitlab-ci.yml index 874168e..b6e5605 100644 --- a/tests/integration-tests/Destroy.gitlab-ci.yml +++ b/tests/integration-tests/Destroy.gitlab-ci.yml @@ -9,7 +9,6 @@ include: root_dir: $TEST_TF_ROOT state_name: $TEST_TF_STATE_NAME no_plan: true - auto_apply: true # Required to run everything immediately, instead of manually. rules: [{when: always}] -- GitLab