Commit e2626a1a authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

chore: use workflow rules

parent 163c3069
Loading
Loading
Loading
Loading
+11 −44
Original line number Diff line number Diff line
@@ -13,6 +13,14 @@
# program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth 
# Floor, Boston, MA  02110-1301, USA.
# =========================================================================================
# default workflow rules
workflow:
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    - when: always

variables:
  # variabilized tracking image
  TBC_TRACKING_IMAGE: "$CI_REGISTRY/to-be-continuous/tools/tracking:master"
@@ -580,9 +588,6 @@ tf-tfsec:
      - $TF_PROJECT_DIR/reports/
  dependencies: []
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # on any branch: when $TFSEC_ENABLED is set
    # on production or integration branches: auto
    - if: '$TF_TFSEC_ENABLED == "true" && ($CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF)'
@@ -613,7 +618,7 @@ tf-tflint:
  dependencies: []      
  rules:
    # exclude merge requests
    - if: '$CI_MERGE_REQUEST_ID || $TF_TFLINT_DISABLED == "true"'
    - if: '$TF_TFLINT_DISABLED == "true"'
      when: never
    - if: $CI_COMMIT_REF_NAME  # useless but prevents GitLab from warning

@@ -640,9 +645,6 @@ tf-checkov:
      - $TF_PROJECT_DIR/reports/
  dependencies: []      
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # on any branch: when $TF_CHECKOV_ENABLED is set
    # on production or integration branches: auto
    - if: '$TF_CHECKOV_ENABLED == "true" && ($CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF)'
@@ -662,9 +664,6 @@ tf-infracost:
  script:
    - tf_infracost
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # on any branch: when $TF_INFRACOST_ENABLED is set
    # on production or integration branches: auto
    - if: '$TF_INFRACOST_ENABLED == "true" && ($CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF)'
@@ -689,9 +688,6 @@ tf-plan-review:
    action: prepare
  resource_group: tf-review/$CI_COMMIT_REF_NAME
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude tags
    - if: $CI_COMMIT_TAG
      when: never
@@ -718,9 +714,6 @@ tf-review:
    action: start
  resource_group: tf-review/$CI_COMMIT_REF_NAME
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude tags
    - if: $CI_COMMIT_TAG
      when: never
@@ -749,9 +742,6 @@ tf-destroy-review:
    action: stop
  resource_group: tf-review/$CI_COMMIT_REF_NAME
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude tags
    - if: $CI_COMMIT_TAG
      when: never
@@ -776,9 +766,6 @@ tf-plan-integration:
    action: prepare
  resource_group: tf-integration
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude non-integration branches
    - if: '$CI_COMMIT_REF_NAME !~ $INTEG_REF'
      when: never
@@ -802,9 +789,6 @@ tf-integration:
    action: start
  resource_group: tf-integration
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude non-integration branches
    - if: '$CI_COMMIT_REF_NAME !~ $INTEG_REF'
      when: never
@@ -830,9 +814,6 @@ tf-destroy-integration:
    action: stop
  resource_group: tf-integration
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # only on integration branch(es), with $TF_INTEG_ENABLED set
    - if: '$TF_INTEG_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
      when: manual
@@ -854,9 +835,6 @@ tf-plan-staging:
    action: prepare
  resource_group: tf-staging
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude non-production branches
    - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF'
      when: never
@@ -880,9 +858,6 @@ tf-staging:
    action: start
  resource_group: tf-staging
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude non-production branches
    - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF'
      when: never
@@ -908,9 +883,6 @@ tf-destroy-staging:
    action: stop
  resource_group: tf-staging
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # only on production branch(es), with $TF_STAGING_ENABLED set
    - if: '$TF_STAGING_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
      when: manual
@@ -932,9 +904,6 @@ tf-plan-production:
    action: prepare
  resource_group: tf-production
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude tags
    - if: $CI_COMMIT_TAG
      when: never
@@ -944,8 +913,9 @@ tf-plan-production:
    # exclude if $TF_PROD_PLAN_ENABLED not set
    - if: '$TF_PROD_PLAN_ENABLED != "true"'
      when: never
    # enabled on merge requests
    # enabled on merge requests (2 rules depending on the selected workflow)
    - if: $CI_OPEN_MERGE_REQUESTS
    - if: '$CI_MERGE_REQUEST_ID && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ $PROD_REF'
    # enabled on production branches
    - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF'

@@ -964,9 +934,6 @@ tf-production:
    action: start
  resource_group: tf-production
  rules:
    # exclude merge requests
    - if: $CI_MERGE_REQUEST_ID
      when: never
    # exclude non-production branches
    - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF'
      when: never