diff options
author | Alessio Caiazza <acaiazza@gitlab.com> | 2017-09-07 11:25:06 +0200 |
---|---|---|
committer | Alessio Caiazza <acaiazza@gitlab.com> | 2017-09-07 11:25:06 +0200 |
commit | 3dafd75e471110109dc6c36b6acf56603f8a11e4 (patch) | |
tree | 7617bcb3d0a6d7c8dd4c56f1885aa6281a59d723 /vendor | |
parent | 43f474901db9ca4192940af38519befb91c6f241 (diff) | |
download | gitlab-ce-3dafd75e471110109dc6c36b6acf56603f8a11e4.tar.gz |
Update templates for 10.0update-templates-for-10-0
Diffstat (limited to 'vendor')
-rw-r--r-- | vendor/Dockerfile/CONTRIBUTING.md | 47 | ||||
-rw-r--r-- | vendor/gitignore/Actionscript.gitignore | 5 | ||||
-rw-r--r-- | vendor/gitignore/Drupal.gitignore | 3 | ||||
l--------- | vendor/gitignore/Kotlin.gitignore | 1 | ||||
-rw-r--r-- | vendor/gitignore/Nanoc.gitignore | 2 | ||||
-rw-r--r-- | vendor/gitignore/Node.gitignore | 2 | ||||
-rw-r--r-- | vendor/gitignore/Qt.gitignore | 2 | ||||
-rw-r--r-- | vendor/gitignore/Swift.gitignore | 1 | ||||
-rw-r--r-- | vendor/gitignore/Terraform.gitignore | 1 | ||||
-rw-r--r-- | vendor/gitignore/VisualStudio.gitignore | 4 | ||||
-rw-r--r-- | vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml | 411 | ||||
-rw-r--r-- | vendor/gitlab-ci-yml/Bash.gitlab-ci.yml | 34 | ||||
-rw-r--r-- | vendor/gitlab-ci-yml/Packer.gitlab-ci.yml | 26 | ||||
-rw-r--r-- | vendor/gitlab-ci-yml/Terraform.gitlab-ci.yml | 55 |
14 files changed, 572 insertions, 22 deletions
diff --git a/vendor/Dockerfile/CONTRIBUTING.md b/vendor/Dockerfile/CONTRIBUTING.md index 91b92eafa1b..0878db6dd9e 100644 --- a/vendor/Dockerfile/CONTRIBUTING.md +++ b/vendor/Dockerfile/CONTRIBUTING.md @@ -3,3 +3,50 @@ https://gitlab.com/gitlab-org/Dockerfile. GitLab only mirrors the templates. Please submit your merge requests to https://gitlab.com/gitlab-org/Dockerfile. + +## Contributing + +Thank you for your interest in contributing to this GitLab project! We welcome +all contributions. By participating in this project, you agree to abide by the +[code of conduct](#code-of-conduct). + +## Contributor license agreement + +By submitting code as an individual you agree to the [individual contributor +license agreement][individual-agreement]. + +By submitting code as an entity you agree to the [corporate contributor license +agreement][corporate-agreement]. + +## Code of conduct + +As contributors and maintainers of this project, we pledge to respect all people +who contribute through reporting issues, posting feature requests, updating +documentation, submitting pull requests or patches, and other activities. + +We are committed to making participation in this project a harassment-free +experience for everyone, regardless of level of experience, gender, gender +identity and expression, sexual orientation, disability, personal appearance, +body size, race, ethnicity, age, or religion. + +Examples of unacceptable behavior by participants include the use of sexual +language or imagery, derogatory comments or personal attacks, trolling, public +or private harassment, insults, or other unprofessional conduct. + +Project maintainers have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct. Project maintainers who do not follow the +Code of Conduct may be removed from the project team. + +This code of conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. + +Instances of abusive, harassing, or otherwise unacceptable behavior can be +reported by emailing contact@gitlab.com. + +This Code of Conduct is adapted from the [Contributor Covenant][contributor-covenant], version 1.1.0, +available at [http://contributor-covenant.org/version/1/1/0/](http://contributor-covenant.org/version/1/1/0/). + +[contributor-covenant]: http://contributor-covenant.org +[individual-agreement]: https://docs.gitlab.com/ee/legal/individual_contributor_license_agreement.html +[corporate-agreement]: https://docs.gitlab.com/ee/legal/corporate_contributor_license_agreement.html diff --git a/vendor/gitignore/Actionscript.gitignore b/vendor/gitignore/Actionscript.gitignore index 11e612e9853..5d947ca8879 100644 --- a/vendor/gitignore/Actionscript.gitignore +++ b/vendor/gitignore/Actionscript.gitignore @@ -1,9 +1,8 @@ # Build and Release Folders -bin/ bin-debug/ bin-release/ -[Oo]bj/ # FlashDevelop obj -[Bb]in/ # FlashDevelop bin +[Oo]bj/ +[Bb]in/ # Other files and folders .settings/ diff --git a/vendor/gitignore/Drupal.gitignore b/vendor/gitignore/Drupal.gitignore index 0d2fe537f46..072b683190f 100644 --- a/vendor/gitignore/Drupal.gitignore +++ b/vendor/gitignore/Drupal.gitignore @@ -1,10 +1,12 @@ # Ignore configuration files that may contain sensitive information. sites/*/*settings*.php +sites/example.sites.php # Ignore paths that contain generated content. files/ sites/*/files sites/*/private +sites/*/translations # Ignore default text files robots.txt @@ -16,6 +18,7 @@ robots.txt /UPGRADE.txt /README.txt sites/README.txt +sites/all/libraries/README.txt sites/all/modules/README.txt sites/all/themes/README.txt diff --git a/vendor/gitignore/Kotlin.gitignore b/vendor/gitignore/Kotlin.gitignore new file mode 120000 index 00000000000..c48376eebcf --- /dev/null +++ b/vendor/gitignore/Kotlin.gitignore @@ -0,0 +1 @@ +Java.gitignore
\ No newline at end of file diff --git a/vendor/gitignore/Nanoc.gitignore b/vendor/gitignore/Nanoc.gitignore index 3f36ea2a878..6f35daaf478 100644 --- a/vendor/gitignore/Nanoc.gitignore +++ b/vendor/gitignore/Nanoc.gitignore @@ -4,7 +4,7 @@ output/ # Temporary file directory -tmp/ +tmp/nanoc/ # Crash Log crash.log diff --git a/vendor/gitignore/Node.gitignore b/vendor/gitignore/Node.gitignore index 00cbbdf53f6..97e28736892 100644 --- a/vendor/gitignore/Node.gitignore +++ b/vendor/gitignore/Node.gitignore @@ -29,7 +29,7 @@ bower_components # node-waf configuration .lock-wscript -# Compiled binary addons (http://nodejs.org/api/addons.html) +# Compiled binary addons (https://nodejs.org/api/addons.html) build/Release # Dependency directories diff --git a/vendor/gitignore/Qt.gitignore b/vendor/gitignore/Qt.gitignore index 5fa47c5a1f2..fe67fdf1ee6 100644 --- a/vendor/gitignore/Qt.gitignore +++ b/vendor/gitignore/Qt.gitignore @@ -26,6 +26,8 @@ moc_*.cpp moc_*.h qrc_*.cpp ui_*.h +*.qmlc +*.jsc Makefile* *build-* diff --git a/vendor/gitignore/Swift.gitignore b/vendor/gitignore/Swift.gitignore index d5340449396..161179bff3e 100644 --- a/vendor/gitignore/Swift.gitignore +++ b/vendor/gitignore/Swift.gitignore @@ -37,6 +37,7 @@ playground.xcworkspace # Add this line if you want to avoid checking in source code from Swift Package Manager dependencies. # Packages/ # Package.pins +# Package.resolved .build/ # CocoaPods diff --git a/vendor/gitignore/Terraform.gitignore b/vendor/gitignore/Terraform.gitignore index 41859c81f1c..f20453be963 100644 --- a/vendor/gitignore/Terraform.gitignore +++ b/vendor/gitignore/Terraform.gitignore @@ -1,5 +1,6 @@ # Compiled files *.tfstate +*.tfstate.*.backup *.tfstate.backup # Module directory diff --git a/vendor/gitignore/VisualStudio.gitignore b/vendor/gitignore/VisualStudio.gitignore index 89c66054885..f652b45c2ee 100644 --- a/vendor/gitignore/VisualStudio.gitignore +++ b/vendor/gitignore/VisualStudio.gitignore @@ -116,6 +116,10 @@ _TeamCity* # DotCover is a Code Coverage Tool *.dotCover +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + # Visual Studio code coverage results *.coverage *.coveragexml diff --git a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml new file mode 100644 index 00000000000..a07edd264c3 --- /dev/null +++ b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml @@ -0,0 +1,411 @@ +# Auto DevOps +# This CI/CD configuration provides a standard pipeline for +# * building a Docker image (using a buildpack if necessary), +# * storing the image in the container registry, +# * running tests from a buildpack, +# * running code quality analysis, +# * creating a review app for each topic branch, +# * and continuous deployment to production +# +# In order to deploy, you must have a Kubernetes cluster configured either +# via a project integration, or via group/project variables. +# AUTO_DEVOPS_DOMAIN must also be set as a variable at the group or project +# level, or manually added below. +# +# If you want to deploy to staging first, or enable canary deploys, +# uncomment the relevant jobs in the pipeline below. +# +# If Auto DevOps fails to detect the proper buildpack, or if you want to +# specify a custom buildpack, set a project variable `BUILDPACK_URL` to the +# repository URL of the buildpack. +# e.g. BUILDPACK_URL=https://github.com/heroku/heroku-buildpack-ruby.git#v142 +# If you need multiple buildpacks, add a file to your project called +# `.buildpacks` that contains the URLs, one on each line, in order. +# Note: Auto CI does not work with multiple buildpacks yet + +image: alpine:latest + +variables: + # AUTO_DEVOPS_DOMAIN is the application deployment domain and should be set as a variable at the group or project level. + # AUTO_DEVOPS_DOMAIN: domain.example.com + + POSTGRES_USER: user + POSTGRES_PASSWORD: testing-password + POSTGRES_ENABLED: "true" + POSTGRES_DB: $CI_ENVIRONMENT_SLUG + +stages: + - build + - test + - review + - staging + - canary + - production + - cleanup + +build: + stage: build + image: docker:git + services: + - docker:dind + variables: + DOCKER_DRIVER: overlay2 + script: + - setup_docker + - build + only: + - branches + +test: + services: + - postgres:latest + variables: + POSTGRES_DB: test + stage: test + image: gliderlabs/herokuish:latest + script: + - setup_test_db + - cp -R . /tmp/app + - /bin/herokuish buildpack test + only: + - branches + +codequality: + image: docker:latest + variables: + DOCKER_DRIVER: overlay2 + allow_failure: true + services: + - docker:dind + script: + - setup_docker + - codeclimate + artifacts: + paths: [codeclimate.json] + +review: + stage: review + script: + - check_kube_domain + - install_dependencies + - download_chart + - ensure_namespace + - install_tiller + - create_secret + - deploy + environment: + name: review/$CI_COMMIT_REF_NAME + url: http://$CI_PROJECT_PATH_SLUG-$CI_ENVIRONMENT_SLUG.$AUTO_DEVOPS_DOMAIN + on_stop: stop_review + only: + refs: + - branches + kubernetes: active + except: + - master + +stop_review: + stage: cleanup + variables: + GIT_STRATEGY: none + script: + - install_dependencies + - delete + environment: + name: review/$CI_COMMIT_REF_NAME + action: stop + when: manual + allow_failure: true + only: + refs: + - branches + kubernetes: active + except: + - master + +# Keys that start with a dot (.) will not be processed by GitLab CI. +# Staging and canary jobs are disabled by default, to enable them +# remove the dot (.) before the job name. +# https://docs.gitlab.com/ee/ci/yaml/README.html#hidden-keys + +# Staging deploys are disabled by default since +# continuous deployment to production is enabled by default +# If you prefer to automatically deploy to staging and +# only manually promote to production, enable this job by removing the dot (.), +# and uncomment the `when: manual` line in the `production` job. + +.staging: + stage: staging + script: + - check_kube_domain + - install_dependencies + - download_chart + - ensure_namespace + - install_tiller + - create_secret + - deploy + environment: + name: staging + url: http://$CI_PROJECT_PATH_SLUG-staging.$AUTO_DEVOPS_DOMAIN + only: + refs: + - master + kubernetes: active + +# Canaries are disabled by default, but if you want them, +# and know what the downsides are, enable this job by removing the dot (.), +# and uncomment the `when: manual` line in the `production` job. + +.canary: + stage: canary + script: + - check_kube_domain + - install_dependencies + - download_chart + - ensure_namespace + - install_tiller + - create_secret + - deploy canary + environment: + name: production + url: http://$CI_PROJECT_PATH_SLUG.$AUTO_DEVOPS_DOMAIN + when: manual + only: + refs: + - master + kubernetes: active + +# This job continuously deploys to production on every push to `master`. +# To make this a manual process, either because you're enabling `staging` +# or `canary` deploys, or you simply want more control over when you deploy +# to production, uncomment the `when: manual` line in the `production` job. + +production: + stage: production + script: + - check_kube_domain + - install_dependencies + - download_chart + - ensure_namespace + - install_tiller + - create_secret + - deploy + - delete canary + environment: + name: production + url: http://$CI_PROJECT_PATH_SLUG.$AUTO_DEVOPS_DOMAIN +# when: manual + only: + refs: + - master + kubernetes: active + +# --------------------------------------------------------------------------- + +.auto_devops: &auto_devops | + # Auto DevOps variables and functions + [[ "$TRACE" ]] && set -x + auto_database_url=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${CI_ENVIRONMENT_SLUG}-postgres:5432/${POSTGRES_DB} + export DATABASE_URL=${DATABASE_URL-$auto_database_url} + export CI_APPLICATION_REPOSITORY=$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG + export CI_APPLICATION_TAG=$CI_COMMIT_SHA + export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID} + export TILLER_NAMESPACE=$KUBE_NAMESPACE + + function codeclimate() { + cc_opts="--env CODECLIMATE_CODE="$PWD" \ + --volume "$PWD":/code \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume /tmp/cc:/tmp/cc" + + docker run ${cc_opts} codeclimate/codeclimate init + docker run ${cc_opts} codeclimate/codeclimate analyze -f json > codeclimate.json + } + + function deploy() { + track="${1-stable}" + name="$CI_ENVIRONMENT_SLUG" + + if [[ "$track" != "stable" ]]; then + name="$name-$track" + fi + + replicas="1" + service_enabled="false" + postgres_enabled="$POSTGRES_ENABLED" + # canary uses stable db + [[ "$track" == "canary" ]] && postgres_enabled="false" + + env_track=$( echo $track | tr -s '[:lower:]' '[:upper:]' ) + env_slug=$( echo ${CI_ENVIRONMENT_SLUG//-/_} | tr -s '[:lower:]' '[:upper:]' ) + + if [[ "$track" == "stable" ]]; then + # for stable track get number of replicas from `PRODUCTION_REPLICAS` + eval new_replicas=\$${env_slug}_REPLICAS + service_enabled="true" + else + # for all tracks get number of replicas from `CANARY_PRODUCTION_REPLICAS` + eval new_replicas=\$${env_track}_${env_slug}_REPLICAS + fi + if [[ -n "$new_replicas" ]]; then + replicas="$new_replicas" + fi + + helm upgrade --install \ + --wait \ + --set service.enabled="$service_enabled" \ + --set releaseOverride="$CI_ENVIRONMENT_SLUG" \ + --set image.repository="$CI_APPLICATION_REPOSITORY" \ + --set image.tag="$CI_APPLICATION_TAG" \ + --set image.pullPolicy=IfNotPresent \ + --set application.track="$track" \ + --set application.database_url="$DATABASE_URL" \ + --set service.url="$CI_ENVIRONMENT_URL" \ + --set replicaCount="$replicas" \ + --set postgresql.enabled="$postgres_enabled" \ + --set postgresql.nameOverride="postgres" \ + --set postgresql.postgresUser="$POSTGRES_USER" \ + --set postgresql.postgresPassword="$POSTGRES_PASSWORD" \ + --set postgresql.postgresDatabase="$POSTGRES_DB" \ + --namespace="$KUBE_NAMESPACE" \ + --version="$CI_PIPELINE_ID-$CI_JOB_ID" \ + "$name" \ + chart/ + + if [[ "$track" == "stable" ]]; then + kubectl rollout status -n "$KUBE_NAMESPACE" -w "deployment/${CI_ENVIRONMENT_SLUG}-auto-deploy" + fi + } + + function install_dependencies() { + apk add -U openssl curl tar gzip bash ca-certificates git + wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://raw.githubusercontent.com/sgerrand/alpine-pkg-glibc/master/sgerrand.rsa.pub + wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.23-r3/glibc-2.23-r3.apk + apk add glibc-2.23-r3.apk + rm glibc-2.23-r3.apk + + curl https://kubernetes-helm.storage.googleapis.com/helm-v2.6.1-linux-amd64.tar.gz | tar zx + mv linux-amd64/helm /usr/bin/ + helm version --client + + curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl + chmod +x /usr/bin/kubectl + kubectl version --client + } + + function setup_docker() { + if ! docker info &>/dev/null; then + if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then + export DOCKER_HOST='tcp://localhost:2375' + fi + fi + } + + function setup_test_db() { + if [ -z ${KUBERNETES_PORT+x} ]; then + DB_HOST=postgres + else + DB_HOST=localhost + fi + export DATABASE_URL="postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${DB_HOST}:5432/${POSTGRES_DB}" + } + + function download_chart() { + if [[ ! -d chart ]]; then + auto_chart=${AUTO_DEVOPS_CHART:-gitlab/auto-deploy-app} + auto_chart_name=$(basename $auto_chart) + auto_chart_name=${auto_chart_name%.tgz} + else + auto_chart="chart" + auto_chart_name="chart" + fi + + helm init --client-only + helm repo add gitlab https://charts.gitlab.io + if [[ ! -d "$auto_chart" ]]; then + helm fetch ${auto_chart} --untar + fi + if [ "$auto_chart_name" != "chart" ]; then + mv ${auto_chart_name} chart + fi + + helm dependency update chart/ + helm dependency build chart/ + } + + function ensure_namespace() { + kubectl describe namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE" + } + + function check_kube_domain() { + if [ -z ${AUTO_DEVOPS_DOMAIN+x} ]; then + echo "In order to deploy, AUTO_DEVOPS_DOMAIN must be set as a variable at the group or project level, or manually added in .gitlab-cy.yml" + false + else + true + fi + } + + function build() { + if [[ -f Dockerfile ]]; then + echo "Building Dockerfile-based application..." + docker build -t "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" . + else + echo "Building Heroku-based application using gliderlabs/herokuish docker image..." + docker run -i --name="$CI_CONTAINER_NAME" -v "$(pwd):/tmp/app:ro" gliderlabs/herokuish /bin/herokuish buildpack build + docker commit "$CI_CONTAINER_NAME" "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" + docker rm "$CI_CONTAINER_NAME" >/dev/null + echo "" + + echo "Configuring $CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG docker image..." + docker create --expose 5000 --env PORT=5000 --name="$CI_CONTAINER_NAME" "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" /bin/herokuish procfile start web + docker commit "$CI_CONTAINER_NAME" "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" + docker rm "$CI_CONTAINER_NAME" >/dev/null + echo "" + fi + + if [[ -n "$CI_REGISTRY_USER" ]]; then + echo "Logging to GitLab Container Registry with CI credentials..." + docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY" + echo "" + fi + + echo "Pushing to GitLab Container Registry..." + docker push "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" + echo "" + } + + function install_tiller() { + echo "Checking Tiller..." + helm init --upgrade + kubectl rollout status -n "$TILLER_NAMESPACE" -w "deployment/tiller-deploy" + if ! helm version --debug; then + echo "Failed to init Tiller." + return 1 + fi + echo "" + } + + function create_secret() { + kubectl create secret -n "$KUBE_NAMESPACE" \ + docker-registry gitlab-registry \ + --docker-server="$CI_REGISTRY" \ + --docker-username="$CI_REGISTRY_USER" \ + --docker-password="$CI_REGISTRY_PASSWORD" \ + --docker-email="$GITLAB_USER_EMAIL" \ + -o yaml --dry-run | kubectl replace -n "$KUBE_NAMESPACE" --force -f - + } + + function delete() { + track="${1-stable}" + name="$CI_ENVIRONMENT_SLUG" + + if [[ "$track" != "stable" ]]; then + name="$name-$track" + fi + + helm delete "$name" || true + } + +before_script: + - *auto_devops diff --git a/vendor/gitlab-ci-yml/Bash.gitlab-ci.yml b/vendor/gitlab-ci-yml/Bash.gitlab-ci.yml index 27537689b80..2d218b2e164 100644 --- a/vendor/gitlab-ci-yml/Bash.gitlab-ci.yml +++ b/vendor/gitlab-ci-yml/Bash.gitlab-ci.yml @@ -4,32 +4,32 @@ image: busybox:latest before_script: - - echo "Before script section" - - echo "For example you might run an update here or install a build dependency" - - echo "Or perhaps you might print out some debugging details" + - echo "Before script section" + - echo "For example you might run an update here or install a build dependency" + - echo "Or perhaps you might print out some debugging details" after_script: - echo "After script section" - echo "For example you might do some cleanup here" build1: - stage: build - script: - - echo "Do your build here" + stage: build + script: + - echo "Do your build here" test1: - stage: test - script: - - echo "Do a test here" - - echo "For example run a test suite" + stage: test + script: + - echo "Do a test here" + - echo "For example run a test suite" test2: - stage: test - script: - - echo "Do another parallel test here" - - echo "For example run a lint test" + stage: test + script: + - echo "Do another parallel test here" + - echo "For example run a lint test" deploy1: - stage: deploy - script: - - echo "Do your deploy here"
\ No newline at end of file + stage: deploy + script: + - echo "Do your deploy here" diff --git a/vendor/gitlab-ci-yml/Packer.gitlab-ci.yml b/vendor/gitlab-ci-yml/Packer.gitlab-ci.yml new file mode 100644 index 00000000000..fa296057c72 --- /dev/null +++ b/vendor/gitlab-ci-yml/Packer.gitlab-ci.yml @@ -0,0 +1,26 @@ +image: + name: hashicorp/packer:1.0.4 + entrypoint: + - '/usr/bin/env' + - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' + +before_script: + - packer --version + +stages: + - validate + - deploy + +validate: + stage: validate + script: + - find . -maxdepth 1 -name '*.json' -print0 | xargs -t0n1 packer validate + +build: + stage: deploy + environment: production + script: + - find . -maxdepth 1 -name '*.json' -print0 | xargs -t0n1 packer build + when: manual + only: + - master diff --git a/vendor/gitlab-ci-yml/Terraform.gitlab-ci.yml b/vendor/gitlab-ci-yml/Terraform.gitlab-ci.yml new file mode 100644 index 00000000000..7160fce26a8 --- /dev/null +++ b/vendor/gitlab-ci-yml/Terraform.gitlab-ci.yml @@ -0,0 +1,55 @@ +# Official image for Hashicorp's Terraform. It uses light image which is Alpine +# based as it is much lighter. +# +# Entrypoint is also needed as image by default set `terraform` binary as an +# entrypoint. +image: + name: hashicorp/terraform:light + entrypoint: + - '/usr/bin/env' + - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' + +# Default output file for Terraform plan +variables: + PLAN: plan.tfplan + +cache: + paths: + - .terraform + +before_script: + - terraform --version + - terraform init + +stages: + - validate + - build + - deploy + +validate: + stage: validate + script: + - terraform validate + +plan: + stage: build + script: + - terraform plan -out=$PLAN + artifacts: + name: plan + paths: + - $PLAN + +# Separate apply job for manual launching Terraform as it can be destructive +# action. +apply: + stage: deploy + environment: + name: production + script: + - terraform apply -input=false $PLAN + dependencies: + - plan + when: manual + only: + - master |