Commit 66cf5557 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

feat: add implicit Backend configuration

parent b349475c
Loading
Loading
Loading
Loading
+18 −2
Original line number Diff line number Diff line
@@ -97,9 +97,15 @@ This template enables [Terraform integration in Merge Requests](https://docs.git

As a result if you enabled your `production` environment, every merge request will compute and display infrastructure changes compared to `master` branch.

### GitLab managed Terraform State
### Terraform Backend management

By default, this template enables [GitLab managed Terraform State](https://docs.gitlab.com/ee/user/infrastructure/terraform_state.html) (set `$TF_GITLAB_BACKEND_DISABLED` to disable).
By default, this template enables [GitLab managed Terraform State](https://docs.gitlab.com/ee/user/infrastructure/terraform_state.html). 
As mentionned in GitLab's documentation, that requires that your Terraform scripts declare the 
Terraform [HTTP backend](https://www.terraform.io/docs/language/settings/backends/http.html), the templates
does the rest to configure it automatically.

This default behavior can be disabled by setting `$TF_GITLAB_BACKEND_DISABLED` to `false`.
In that case, you'll have to declare and configure your backend and tfstate by yourself (see [Implicit Backend configuration support](#implicit-backend-configuration-support) below).

#### _Error acquiring the state lock_ workaround

@@ -151,6 +157,16 @@ terraform init \
    -backend-config=retry_wait_min="${TF_HTTP_RETRY_WAIT_MIN}"
```

#### Implicit Backend configuration support

If you disabled the GitLab-managed Terraform state (by setting `$TF_GITLAB_BACKEND_DISABLED` to `false`),
the template supports an implicit [backend configuration](https://www.terraform.io/language/settings/backends/configuration#file) mechanism:

1. Looks for a `$env.tfbackend` file (ex: `staging.tfbackend` for staging environment),
2. Fallbacks to `default.tfbackend` file.

If one of those files are found, it is automatically used by the template in the `terraform init` command (using the `-backend-config` CLI option).

### Environments configuration

As seen above, the Terraform template may support up to 4 environments (`review`, `integration`, `staging` and `production`).
+18 −9
Original line number Diff line number Diff line
@@ -312,6 +312,16 @@ stages:
    # dump terraform version
    terraform --version

    # maybe execute pre init script
    prescript="$TF_SCRIPTS_DIR/tf-pre-init.sh"
    if [[ -f "$prescript" ]]; then
      log_info "--- \\e[32mpre-init\\e[0m hook (\\e[33;1m${prescript}\\e[0m) found: execute"
      chmod +x "$prescript"
      "$prescript"
    else
      log_info "--- \\e[32mpre-init\\e[0m hook (\\e[33;1m${prescript}\\e[0m) not found: skip"
    fi

    if [[ "$TF_GITLAB_BACKEND_DISABLED" != "true" ]]
    then
      # impl inspired by GitLab Terraform image script
@@ -350,16 +360,15 @@ stages:
      tf_backend_opts="$tf_backend_opts -backend-config=lock_method=${TF_HTTP_LOCK_METHOD}"
      tf_backend_opts="$tf_backend_opts -backend-config=unlock_method=${TF_HTTP_UNLOCK_METHOD}"
      tf_backend_opts="$tf_backend_opts -backend-config=retry_wait_min=${TF_HTTP_RETRY_WAIT_MIN}"
    fi

    # maybe execute pre init script
    prescript="$TF_SCRIPTS_DIR/tf-pre-init.sh"
    if [[ -f "$prescript" ]]; then
      log_info "--- \\e[32mpre-init\\e[0m hook (\\e[33;1m${prescript}\\e[0m) found: execute"
      chmod +x "$prescript"
      "$prescript"
    else
      log_info "--- \\e[32mpre-init\\e[0m hook (\\e[33;1m${prescript}\\e[0m) not found: skip"
      backend_cfg=$(ls -1 "${environment_type}.tfbackend" 2>/dev/null || ls -1 "default.tfbackend" 2>/dev/null || echo "")
      if [[ -f "$backend_cfg" ]]
      then
        log_info "--- backend config file (\\e[33;1m${backend_cfg}\\e[0m) found: use"
        tf_backend_opts="-backend-config=${backend_cfg}"
      else
        log_info "--- no backend config file found: ignore"
      fi
    fi

    # shellcheck disable=SC2154,SC2086,SC2046