From cac07e055a2b039ce5943704c99bdb4798a63fb4 Mon Sep 17 00:00:00 2001
From: Timo Furrer <tfurrer@gitlab.com>
Date: Mon, 11 Nov 2024 14:00:54 +0100
Subject: [PATCH] Remove `auto_apply` and `auto_destroy` inputs

This change sets removes support `auto_apply` and `auto_destroy` inputs
across the templates.
With the introduction of the `rules` inputs, an auto apply or auto
destroy behavior can easily implemented using it directly.

We can't easily keep the `auto_apply` and `auto_destroy` inputs because
having input references in input default values is not yet supported.
See https://gitlab.com/gitlab-org/gitlab/-/issues/438722.

I've left the input definitions commented out for now with the
possibility to easily bring it back if the issue is resolved.

Closes https://gitlab.com/components/opentofu/-/issues/80

Changelog: removed
---
 .gitlab/README.md.template                    |  2 +-
 README.md                                     |  2 +-
 templates/apply.yml                           |  4 ---
 templates/destroy.yml                         |  4 ---
 templates/full-pipeline.yml                   | 27 ++++++++++---------
 templates/job-templates.yml                   | 10 -------
 templates/validate-plan-apply.yml             | 13 ++++-----
 templates/validate-plan-destroy.yml           | 14 +++++-----
 tests/integration-tests/Destroy.gitlab-ci.yml |  1 -
 9 files changed, 32 insertions(+), 45 deletions(-)

diff --git a/.gitlab/README.md.template b/.gitlab/README.md.template
index 0233559..5665ef3 100644
--- a/.gitlab/README.md.template
+++ b/.gitlab/README.md.template
@@ -477,7 +477,7 @@ When migrating from the GitLab Terraform CI/CD templates you can use the followi
     - Although the `TF_ROOT` variable is still used and maybe overwritten after the import on individual jobs.
 - Migrate the `TF_STATE_NAME` variable to the `state_name` input.
     - Although the `TF_STATE_NAME` variable is still used and maybe overwritten after the import on individual jobs.
-- Migrate the `TF_AUTO_DEPLOY` variable to the `auto_apply` input.
+- Migrate the `TF_AUTO_DEPLOY` variable to custom `rules` inputs.
 - Used other variables -> Use the same variables with this component.
 
 The same rules apply for the `latest` templates.
diff --git a/README.md b/README.md
index 9cde0a1..8eee905 100644
--- a/README.md
+++ b/README.md
@@ -491,7 +491,7 @@ When migrating from the GitLab Terraform CI/CD templates you can use the followi
     - Although the `TF_ROOT` variable is still used and maybe overwritten after the import on individual jobs.
 - Migrate the `TF_STATE_NAME` variable to the `state_name` input.
     - Although the `TF_STATE_NAME` variable is still used and maybe overwritten after the import on individual jobs.
-- Migrate the `TF_AUTO_DEPLOY` variable to the `auto_apply` input.
+- Migrate the `TF_AUTO_DEPLOY` variable to custom `rules` inputs.
 - Used other variables -> Use the same variables with this component.
 
 The same rules apply for the `latest` templates.
diff --git a/templates/apply.yml b/templates/apply.yml
index 479c943..1b04557 100644
--- a/templates/apply.yml
+++ b/templates/apply.yml
@@ -75,10 +75,6 @@ spec:
     plan_name:
       default: 'plan'
       description: 'The name of the plan file to use. Will be used for TF_PLAN_CACHE and TF_PLAN_JSON.'
-    auto_apply:
-      default: false
-      type: boolean
-      description: 'Whether the apply job is manual or automatically run.'
     var_file:
       default: ''
       type: string
diff --git a/templates/destroy.yml b/templates/destroy.yml
index ed99546..b91315c 100644
--- a/templates/destroy.yml
+++ b/templates/destroy.yml
@@ -75,10 +75,6 @@ spec:
     plan_name:
       default: 'destroy-plan'
       description: 'The name of the plan file to use. Will be used for TF_PLAN_CACHE and TF_PLAN_JSON.'
-    auto_destroy:
-      default: false
-      type: boolean
-      description: 'Whether the destroy job is manual or automatically run.'
     var_file:
       default: ''
       type: string
diff --git a/templates/full-pipeline.yml b/templates/full-pipeline.yml
index fb3ad85..9a37e7a 100644
--- a/templates/full-pipeline.yml
+++ b/templates/full-pipeline.yml
@@ -83,14 +83,20 @@ spec:
     plan_name:
       default: 'plan'
       description: 'The name of the plan cache and plan json file.'
-    auto_apply:
-      default: false
-      type: boolean
-      description: 'Whether the apply job is manual or automatically run.'
-    auto_destroy:
-      default: false
-      type: boolean
-      description: 'Whether the destroy job is manual or automatically run.'
+    # FIXME: at the moment we cannot support this input
+    # because we cannot nest inputs: https://gitlab.com/gitlab-org/gitlab/-/issues/438722
+    # If you want to auto apply, please refer to the `rules` input.
+    #auto_apply:
+    #  default: false
+    #  type: boolean
+    #  description: 'Whether the apply job is manual or automatically run.'
+    # FIXME: at the moment we cannot support this input
+    # because we cannot nest inputs: https://gitlab.com/gitlab-org/gitlab/-/issues/438722
+    # If you want to auto destroy, please refer to the `rules` input.
+    #auto_destroy:
+    #  default: false
+    #  type: boolean
+    #  description: 'Whether the destroy job is manual or automatically run.'
     plan_artifacts_access:
       default: 'none'
       description: 'Access level for the plan artifact. See https://docs.gitlab.com/ee/ci/yaml/#artifactsaccess for possible values.'
@@ -132,14 +138,13 @@ spec:
       description: 'Defines the `rules` of the `plan` job.'
     apply_rules:
       default:
-        - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_apply ]]" == "true"'
         - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
           when: manual
       type: array
       description: 'Defines the `rules` of the `apply` job.'
     destroy_rules:
       default:
-        - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_destroy ]]" == "true"'
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
         - when: manual
       type: array
       description: 'Defines the `rules` of the `destroy` job.'
@@ -232,7 +237,6 @@ include:
       root_dir: $[[ inputs.root_dir ]]
       state_name: $[[ inputs.state_name ]]
       plan_name: $[[ inputs.plan_name ]]
-      auto_apply: $[[ inputs.auto_apply ]]
       var_file: $[[ inputs.var_file ]]
       rules: $[[ inputs.apply_rules ]]
   - local: '/templates/destroy.yml'
@@ -247,7 +251,6 @@ include:
       image_digest: $[[ inputs.image_digest ]]
       root_dir: $[[ inputs.root_dir ]]
       state_name: $[[ inputs.state_name ]]
-      auto_destroy: $[[ inputs.auto_destroy ]]
       var_file: $[[ inputs.var_file ]]
       rules: $[[ inputs.destroy_rules ]]
   - local: '/templates/delete-state.yml'
diff --git a/templates/job-templates.yml b/templates/job-templates.yml
index e433a00..7bcc677 100644
--- a/templates/job-templates.yml
+++ b/templates/job-templates.yml
@@ -83,14 +83,6 @@ spec:
     plan_name:
       default: 'plan'
       description: 'The name of the plan cache and plan json file.'
-    auto_apply:
-      default: false
-      type: boolean
-      description: 'Whether the apply job is manual or automatically run.'
-    auto_destroy:
-      default: false
-      type: boolean
-      description: 'Whether the destroy job is manual or automatically run.'
     var_file:
       default: ''
       type: string
@@ -179,7 +171,6 @@ include:
       root_dir: $[[ inputs.root_dir ]]
       state_name: $[[ inputs.state_name ]]
       plan_name: $[[ inputs.plan_name ]]
-      auto_apply: $[[ inputs.auto_apply ]]
       var_file: $[[ inputs.var_file ]]
   - local: '/templates/destroy.yml'
     inputs:
@@ -194,7 +185,6 @@ include:
       root_dir: $[[ inputs.root_dir ]]
       state_name: $[[ inputs.state_name ]]
       plan_name: $[[ inputs.plan_name ]]
-      auto_destroy: $[[ inputs.auto_destroy ]]
       var_file: $[[ inputs.var_file ]]
   - local: '/templates/delete-state.yml'
     inputs:
diff --git a/templates/validate-plan-apply.yml b/templates/validate-plan-apply.yml
index 6894293..7c56c23 100644
--- a/templates/validate-plan-apply.yml
+++ b/templates/validate-plan-apply.yml
@@ -77,10 +77,13 @@ spec:
     plan_name:
       default: 'plan'
       description: 'The name of the plan cache and plan json file.'
-    auto_apply:
-      default: false
-      type: boolean
-      description: 'Whether the apply job is manual or automatically run.'
+    # FIXME: at the moment we cannot support this input
+    # because we cannot nest inputs: https://gitlab.com/gitlab-org/gitlab/-/issues/438722
+    # If you want to auto apply, please refer to the `rules` input.
+    #auto_apply:
+    #  default: false
+    #  type: boolean
+    #  description: 'Whether the apply job is manual or automatically run.'
     plan_artifacts_access:
       default: 'none'
       description: 'Access level for the plan artifact. See https://docs.gitlab.com/ee/ci/yaml/#artifactsaccess for possible values.'
@@ -114,7 +117,6 @@ spec:
       description: 'Defines the `rules` of the `plan` job.'
     apply_rules:
       default:
-        - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_apply ]]" == "true"'
         - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
           when: manual
       type: array
@@ -186,7 +188,6 @@ include:
       root_dir: $[[ inputs.root_dir ]]
       state_name: $[[ inputs.state_name ]]
       plan_name: $[[ inputs.plan_name ]]
-      auto_apply: $[[ inputs.auto_apply ]]
       var_file: $[[ inputs.var_file ]]
       rules: $[[ inputs.apply_rules ]]
       cache_policy: pull
diff --git a/templates/validate-plan-destroy.yml b/templates/validate-plan-destroy.yml
index 00f39af..8168b75 100644
--- a/templates/validate-plan-destroy.yml
+++ b/templates/validate-plan-destroy.yml
@@ -80,10 +80,13 @@ spec:
     plan_artifacts_access:
       default: 'none'
       description: 'Access level for the plan artifact. See https://docs.gitlab.com/ee/ci/yaml/#artifactsaccess for possible values.'
-    auto_destroy:
-      default: false
-      type: boolean
-      description: 'Whether the destroy job is manual or automatically run.'
+    # FIXME: at the moment we cannot support this input
+    # because we cannot nest inputs: https://gitlab.com/gitlab-org/gitlab/-/issues/438722
+    # If you want to auto destroy, please refer to the `rules` input.
+    #auto_destroy:
+    #  default: false
+    #  type: boolean
+    #  description: 'Whether the destroy job is manual or automatically run.'
     var_file:
       default: ''
       type: string
@@ -114,7 +117,7 @@ spec:
       description: 'Defines the `rules` of the `plan` job.'
     destroy_rules:
       default:
-        - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && "$[[ inputs.auto_destroy ]]" == "true"'
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
         - when: manual
       type: array
       description: 'Defines the `rules` of the `destroy` job.'
@@ -193,7 +196,6 @@ include:
       state_name: $[[ inputs.state_name ]]
       no_plan: false
       plan_name: $[[ inputs.plan_name ]]
-      auto_destroy: $[[ inputs.auto_destroy ]]
       var_file: $[[ inputs.var_file ]]
       rules: $[[ inputs.destroy_rules ]]
       cache_policy: pull
diff --git a/tests/integration-tests/Destroy.gitlab-ci.yml b/tests/integration-tests/Destroy.gitlab-ci.yml
index 874168e..b6e5605 100644
--- a/tests/integration-tests/Destroy.gitlab-ci.yml
+++ b/tests/integration-tests/Destroy.gitlab-ci.yml
@@ -9,7 +9,6 @@ include:
       root_dir: $TEST_TF_ROOT
       state_name: $TEST_TF_STATE_NAME
       no_plan: true
-      auto_apply: true
       # Required to run everything immediately, instead of manually.
       rules: [{when: always}]
 
-- 
GitLab