iGEL/enforce_workspace.tf

## enforce_workspace.tf
# Source: https://gist.github.com/iGEL/3cecd4bf5518a627cb2aaf9802c37f14

# Fails if the user is currently not on the configured branch in git.
# Output doesn't matter, only that it succeeds (exit status 0).

# Current terraform version: v0.11.2

data "external" "enforce_workspace" {
  program = ["./git-branch"]
  query = {
    workspace = "${terraform.workspace}"
  }
}

## git-branch
#!/usr/bin/env ruby

# Source: https://gist.github.com/iGEL/3cecd4bf5518a627cb2aaf9802c37f14

require "json"

MAP = {
  "staging" => "master",
  "demo" => "production",
  "default" => "production"
}

workspace = JSON.parse(STDIN.gets)["workspace"]
branch = `git rev-parse --abbrev-ref HEAD`.strip

unless MAP.key?(workspace)
  STDERR.puts "No branch configured for terraform workspace '#{workspace}'!"
  exit 1
end

unless MAP[workspace] == branch
  STDERR.puts "terraform workspace '#{workspace}' must be deployed from git branch '#{MAP[workspace]}', not '#{branch}'!"
  exit 1
end

puts '{"status": "success"}'
	# Source: https://gist.github.com/iGEL/3cecd4bf5518a627cb2aaf9802c37f14

	# Fails if the user is currently not on the configured branch in git.
	# Output doesn't matter, only that it succeeds (exit status 0).

	# Current terraform version: v0.11.2

	data "external" "enforce_workspace" {
	program = ["./git-branch"]
	query = {
	workspace = "${terraform.workspace}"
	}
	}
	#!/usr/bin/env ruby

	# Source: https://gist.github.com/iGEL/3cecd4bf5518a627cb2aaf9802c37f14

	require "json"

	MAP = {
	"staging" => "master",
	"demo" => "production",
	"default" => "production"
	}

	workspace = JSON.parse(STDIN.gets)["workspace"]
	branch = `git rev-parse --abbrev-ref HEAD`.strip

	unless MAP.key?(workspace)
	STDERR.puts "No branch configured for terraform workspace '#{workspace}'!"
	exit 1
	end

	unless MAP[workspace] == branch
	STDERR.puts "terraform workspace '#{workspace}' must be deployed from git branch '#{MAP[workspace]}', not '#{branch}'!"
	exit 1
	end

	puts '{"status": "success"}'