Instantly share code, notes, and snippets.

Embed
What would you like to do?
Example Terraform Gitlab CI/CD Pipeline
# NOTE: A REMOTE BACKEND IS NEEDED FOR TF CI/CD TO WORK
#This file is a template, and might need editing before it works on your project.
# Official image for Hashicorp's Terraform. It uses an image which is Alpine
# based as it is much lighter.
#
# Entrypoint is also needed as image by default set `terraform` binary as an
# entrypoint.
image:
name: hashicorp/terraform:light
entrypoint:
- '/usr/bin/env'
- 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
# Default output file for Terraform plan
variables:
PLAN: plan.tfplan
before_script:
- mkdir credentials # Probably a better way to provide credentials, currently using Gitlab ci/cd variables
- echo "$TF_SVC_ACCOUNT" > credentials/open-mss-poc-terraform.json
- terraform --version
- terraform init -var -force-copy . ## Force copy is there to ensure your state is moved from local to remote.
stages:
- validate
- build
- deploy
- destroy
validate:
tags:
- consultancy
- shared
stage: validate
script:
- terraform validate
plan:
tags:
- consultancy
- shared
stage: build
script:
- terraform plan -out=$PLAN
artifacts:
name: plan
paths:
- $PLAN
apply:
tags:
- consultancy
- shared
stage: deploy
environment:
name: stage
script:
- terraform apply -input=false $PLAN
dependencies:
- plan
only: # ensure we only deploy from master
- master
destroy:
tags:
- consultancy
- shared
stage: destroy
environment:
name: stage
script:
- terraform destroy --auto-approve # tear everything down. (good for demo/poc envirionments)
dependencies:
- plan
when: manual # Create a button to use manually in the gitlab UI
only: # Only allow destroy if master
- master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment