This repository has been archived by the owner on Jul 10, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
/
.gitlab-ci.yml
111 lines (100 loc) · 2.74 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
image:
name: hashicorp/terraform:light
entrypoint:
- '/usr/bin/env'
- 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
before_script:
- rm -rf .terraform
- terraform --version
- TF_LOG=TRACE
- export AWS_ACCESS_KEY_ID=${aws_access_key_id}
- export AWS_SECRET_ACCESS_KEY=${aws_secret_access_key}
# - mkdir -p ./creds
# - echo $SERVICEACCOUNT | base64 -d > ./creds/serviceaccount.json
# - cd terraform/modules/lambda-function
# - terraform init
- cd ${CI_PROJECT_DIR}/terraform/modules/s3-bucket
- terraform init
- cd ../vpc
- terraform init
# - cd ../../remote-state
# - terraform init
- cd ${CI_PROJECT_DIR}/terraform/landing-zone
- terraform init
# - cd ../hello-world
# - terraform init
stages:
- validate
- plan
- apply-lz
- apply-lambda
- destroy-lambda
- destroy-lz
validate:
stage: validate
script:
#define these in settings > CI / CD > Variables
#This is NOT best practice, make an IAM Role and define that as detailed here (assume role): https://www.terraform.io/docs/providers/aws/index.html
- terraform validate
plan-landingzone:
stage: plan
script:
- cd ${CI_PROJECT_DIR}/terraform/landing-zone
- terraform init
- terraform plan -var-file=../vars/poc.tfvars -out "landingzone-planfile"
dependencies:
- validate
artifacts:
paths:
- terraform/landing-zone/landingzone-planfile
expire_in: 1 week
plan-lambdafunctions:
stage: plan
script:
- cd ${CI_PROJECT_DIR}/terraform/uno-dos-tres
- terraform init
- terraform plan -var-file=../vars/poc.tfvars -out "lambdafunctions-planfile"
dependencies:
- validate
artifacts:
paths:
- terraform/uno-dos-tres/lambdafunctions-planfile
expire_in: 1 week
apply-landingzone:
stage: apply-lz
script:
- cd ${CI_PROJECT_DIR}/terraform/landing-zone
- terraform init
- terraform apply -input=false "landingzone-planfile"
dependencies:
- plan-landingzone
when: manual
apply-lambdafunctions:
stage: apply-lambda
script:
- cd ${CI_PROJECT_DIR}/terraform/uno-dos-tres
- terraform init
- terraform apply -input=false "lambdafunctions-planfile"
dependencies:
- plan-lambdafunctions
when: manual
destroy-lambdafunctions:
stage: destroy-lambda
script:
- cd ${CI_PROJECT_DIR}/terraform/uno-dos-tres
- terraform init
- terraform destroy -var-file=../vars/poc.tfvars -auto-approve
dependencies:
- plan-lambdafunctions
- apply-lambdafunctions
when: manual
destroy-landingzone:
stage: destroy-lz
script:
- cd ${CI_PROJECT_DIR}/terraform/landing-zone
- terraform init
- terraform destroy -var-file=../vars/poc.tfvars -auto-approve
dependencies:
- plan-landingzone
- apply-landingzone
when: manual