Commit 9f7f40c6 authored by Cédric OLIVIER, committed by Pierre Smeyers

feat: add OpenTofu support

remove support of terraform version older than 0.13.2
parent 0949f896
+32 −0
{
	"name": "tf-devcontainer",
	"image": "docker.io/ubuntu:latest",

	// Features to add to the dev container. More info: https://containers.dev/features.
    "features": {
        "ghcr.io/devcontainers/features/common-utils:2": {},		
		"ghcr.io/devcontainers/features/docker-in-docker:2": {},
		"ghcr.io/devcontainers-extra/features/npm-package:1": {
			"package": "gitlab-ci-local"
		}
    },

	// Use 'forwardPorts' to make a list of ports inside the container available locally.
	// "forwardPorts": [],

	// Use 'postCreateCommand' to run commands after the container is created.
	"postCreateCommand": "git config core.editor 'code --wait'",
	
	// Configure tool-specific properties.
	"customizations": {
		"vscode": {
			"extensions": [
				"mhutchie.git-graph"
			]
		}
	}
	

	// Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
	// "remoteUser": "root"
}
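Review bot: `"image": "docker.io/ubuntu:latest"` near the top of this file is a mutable tag, so the dev container changes whenever upstream republishes and two contributors can end up with different environments; pin a release tag or, better, an image digest. The same concern applies to the `gitlab-ci-local` npm package, which is installed without a version. The `docker-in-docker` feature needs elevated container privileges, so a one-line comment on why it is required would help. The `features` block also mixes tabs and spaces and has trailing whitespace, which is worth normalising before merge.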
+2 −0
*
!.gitignore
+13 −2
# GitLab CI template for Terraform

This project implements a GitLab CI/CD template to manage your infrastructure with [Terraform](https://www.terraform.io).
This project implements a GitLab CI/CD template to manage your infrastructure with [Terraform](https://www.terraform.io) or [OpenTofu](https://opentofu.org/).

## Usage

@@ -48,6 +48,15 @@ variables:

This chapter introduces key notions and principle to understand how this template works.

### Terraform or OpenTofu support

Depending on which binary is available in the image (`image`/`TF_IMAGE`), this template allows usage of both Terraform or OpenTofu.

Any OpenTofu image from [GitHub Registry](https://github.com/opentofu/opentofu/pkgs/container/opentofu/versions) is supported by the template.
You may also build and use your [own image](https://opentofu.org/docs/intro/install/docker/).

If you need to migrate from Terraform to OpenTofu, please follow the [OpenTofu Migration Guide](https://opentofu.org/docs/intro/migration/migration-guide/).

### Managed deployment environments

This template implements continuous deployment on your infrastructure using Terraform.
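Review bot: The new "Terraform or OpenTofu support" section does not say which engine is chosen when the image ships both binaries, nor that the template exposes `tofu` under the name `terraform`; users with custom images or wrapper scripts need both facts, so state them here. The commit also drops Terraform older than 0.13.2, and this would be the natural place to document the minimum supported version. Wording: "allows usage of both Terraform or OpenTofu" should be "either Terraform or OpenTofu", and the context line "continuous deployment on your infrastructure using Terraform" just below is now out of date.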
@@ -499,12 +508,14 @@ In addition to a textual report in the console, this job produces the following
| `tftest-strategy` / `TF_TFTEST_STRATEGY` | terraform test strategy<br\>one of: `disabled`, `single` (will run tests only on the environment mapped to the pipeline branch) or `cascading` (will also run tests on downstream environments) | `disabled` |
| `tftest-opts` / `TF_TFTEST_OPTS` | tftest [options and args](https://developer.hashicorp.com/terraform/cli/commands/test) | "" |

In addition to a textual report in the console, this job produces the following reports, kept for one day and only available for download by users with the Developer role or higher:
In addition to a textual report in the console, this job produces the following reports, kept for one day and only available for download by users with the Developer role or higher when you are using terraform engine:

| Report         | Format                                                                       | Usage             |
| -------------- | ---------------------------------------------------------------------------- | ----------------- |
| `$TF_PROJECT_DIR/reports/${ENV_TYPE}-tftest.xunit.xml` | [xUnit](https://en.wikipedia.org/wiki/XUnit) test report(s) | [GitLab integration](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportsjunit) |

OpenTofu test doesn't provide yet JUnit report, for more information see this [OpenTofu issue](https://github.com/opentofu/opentofu/issues/2501).

#### Customizing Terraform Tests per Environment

By default, when `tftest-strategy` is set to `cascading`, Terraform tests will run for all enabled environments. However, you may want to disable tests for certain environments (e.g., production) to avoid resource costs or long execution times.
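Review bot: In the rewritten sentence above the report table, the trailing "when you are using terraform engine" reads as a condition on who may download the reports rather than on whether the reports exist. Move the condition to the front, for example "When the Terraform engine is used, this job also produces the following reports, ...", and say explicitly that no report artifact is produced with OpenTofu. "OpenTofu test doesn't provide yet JUnit report" should read "OpenTofu test does not yet produce a JUnit report". The `tftest-opts` row still links only to the Terraform CLI documentation.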
+19 −10
@@ -721,9 +721,17 @@ stages:
    fi
  }

  tf_is_at_least() {
    [ "${1}" = "$(terraform -version | awk -v min="${1}" '/^Terraform v/{ sub(/^v/, "", $2); print min; print $2 }' | sort -V | head -n1)" ]
    return $?
  function guess_tf_system() {
    if command -v tofu > /dev/null
    then
      log_info "--- OpenTofu found: use as infra engine"
      ln -s "$(command -v tofu)" /usr/local/bin/terraform
    elif command -v terraform > /dev/null
    then
      log_info "--- Terraform found: use as infra engine"
    else
      log_error "--- No infra tool detected, please use an image with Terraform or OpenTofu"
    fi
  }

  tf_pre_init() {
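Review bot: The final `else` branch of `guess_tf_system` only calls `log_error` and then returns, so a job on an image with neither binary keeps going and fails later with a less helpful "command not found"; use the template's `fail` helper (or `exit 1`) there. In the first branch, `ln -s "$(command -v tofu)" /usr/local/bin/terraform` errors out when that path already exists (an image with both binaries, or a second call in the same container) and when the job user cannot write to `/usr/local/bin`; guard it with a test for an existing `terraform`, or use `ln -sf` and handle the non-writable case. Style: the other functions in this hunk are declared as `name() {`, so drop the `function` keyword for consistency.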
@@ -741,12 +749,7 @@ stages:
      # impl inspired by GitLab Terraform image script
      # see https://gitlab.com/gitlab-org/terraform-images/-/blob/master/src/bin/gitlab-terraform.sh

      if tf_is_at_least 0.13.2
      then
      log_info "configuring Terraform to use GitLab as http backend for tfstate  (set \\e[33;1m\$TF_GITLAB_BACKEND_DISABLED\\e[0m to prevent this)"
      else
        fail "terraform < 0.13.2 doesn't support environment variables to configure http backend"
      fi

      # GitLab Terraform state storage uses the http backend and this does not support workspaces.
      # With TBC the GitLab http backend configuration is scoped by environment.
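Review bot: With the `tf_is_at_least 0.13.2` guard removed, the `log_info` line now runs unconditionally and nothing stops an older Terraform from silently ignoring the http backend environment variables. The removed helper matched `/^Terraform v/`, so it could not simply be reused with OpenTofu, but a version check that understands both banners would keep the explicit `fail` message for unsupported versions. If the guard is dropped on purpose, say so in the changelog and README. The blank line left where the `if` block was can also go.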
@@ -887,7 +890,12 @@ stages:
    mkdir -p "$TF_PROJECT_DIR"/reports/

    # shellcheck disable=SC2046
    if command -v tofu > /dev/null
    then
      tofu test $(echo "$opts" | envsubst_cli)
    else
      terraform test -junit-xml="reports/${ENV_TYPE}-tftest.xunit.xml" $(echo "$opts" | envsubst_cli)
    fi

    # maybe execute post test script
    postscript="$TF_SCRIPTS_DIR/tf-post-test.sh"
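Review bot: The `tofu` branch produces no file under `reports/`, yet `mkdir -p "$TF_PROJECT_DIR"/reports/` just above still runs and the job gives no hint that the xUnit report is skipped; add a `log_info` or warning in that branch so an empty test report in GitLab is not mistaken for zero tests. The `command -v tofu` probe also duplicates the detection in `guess_tf_system`; recording the detected engine once (in a variable set by that function) and branching on it here would keep the two from drifting apart. The `# shellcheck disable=SC2046` directive applies only to the next command, which is now the `if`, so confirm shellcheck still passes on both `test` invocations.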
@@ -1123,6 +1131,7 @@ stages:
  extends: .tf-base
  before_script:
    - !reference [ .tf-base, before_script ]
    - guess_tf_system
    - !reference [ .tf-commands, init ]
    - !reference [ .tf-commands, select_workspace ]
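Review bot: `guess_tf_system` is inserted after `!reference [ .tf-base, before_script ]`, so anything in the base `before_script` that invokes `terraform` would run before the symlink exists on an OpenTofu-only image; please confirm the base script makes no such call, or move the detection first. Only this one `before_script` is changed in the diff, so any job that defines its own `before_script` without extending this one will not get the detection and should be checked as well.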