From e186d0aae8ef84f0d0952c445cc029a309406738 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Mon, 13 Jan 2025 16:16:36 +0100 Subject: [PATCH 1/8] feat: Test terraform module --- README-fr.md | 17 +++++++++---- README.md | 8 ++++++ includes-if/tags/terraform.yml | 3 +++ src/terraform/main.tf | 10 ++++++++ src/terraform/outputs.tf | 4 +++ src/terraform/variables.tf | 11 ++++++++ templates/bases/variables.yml | 1 + templates/set_packages_version.yml | 1 + templates/terraform.yml | 40 ++++++++++++++++++++++++++++++ test/terraform/main.tf | 10 ++++++++ test/terraform/variables.tf | 11 ++++++++ 11 files changed, 111 insertions(+), 5 deletions(-) create mode 100644 includes-if/tags/terraform.yml create mode 100644 src/terraform/main.tf create mode 100644 src/terraform/outputs.tf create mode 100644 src/terraform/variables.tf create mode 100644 templates/terraform.yml create mode 100644 test/terraform/main.tf create mode 100644 test/terraform/variables.tf diff --git a/README-fr.md b/README-fr.md index 29841a6..092c893 100644 --- a/README-fr.md +++ b/README-fr.md @@ -68,6 +68,7 @@ Chaque fonctionnalité testée peut être activée avec une variable `MGCI_TEST_ | `MGCI_TEST_REGISTRY_GENERIC` | Lancement du test du registre de paquets génériques | `false` | | `MGCI_TEST_REGISTRY_CONTAINER` | Lancement du test du registre des conteneurs | `false` | | `MGCI_TEST_RUNNERS_TAGS` | Lancement du test des tags de runner | `false` | +| `MGCI_TEST_TERRAFORM_MODULE` | Lancement du test de module Terraform | `false` | | `MGCI_RUNNERS_TAGS` | Liste des Tags de runners à tester, format | `` | | `MGCI_API_TOKEN` | Token d'accès `Owner` au dépôt pour tester l'API | `` | | `MATTERMOST_URL` | URL de l'instance Mattermost à tester | `` | @@ -187,15 +188,15 @@ MGCI_TEST_CACHE_JOB_TAGS=cache - [x] Registre : NPM - [x] Proxy de dépendances - [x] Releases -- [X] Runners : tags attendus -- [X] Runners : enregistrement et suppression d'un runner +- [x] Runners : tags attendus +- [x] Runners : enregistrement et suppression d'un runner - [x] Health check (uniquement disponible pour une instance auto-hébergée) -- [X] Mattermost : Health check -- [X] Environnement : création et destruction +- [x] Mattermost : Health check +- [x] Environnement : création et destruction +- [x] Terraform module ### 🏗️ À venir -- [ ] [Terraform module](https://gitlab.com/froggit/tools/mgci/-/issues/16) - [ ] [Terraform state](https://gitlab.com/froggit/tools/mgci/-/issues/13) ## Test de l'API @@ -278,6 +279,12 @@ Si vous activez ce test, il faut également créer la variable `MATTERMOST_URL`, - **Nom des jobs** : `runners:register` - **Description** : le job `runners:register` teste la fonctionnalité d'enregistrement et de suppression d'un runner. Il va enregistrer un runner pour le projet avec le tag `test-runner` puis le supprimer tout de suite après. +## Test du module Terraform + +- **Nom du fichier** : `templates/terraform.yml` +- **Nom des jobs** : `terraform:module:upload` et `terraform:module:test` +-- **Description** : le job `terraform:module:upload` va téléverser notre module Terraform de test situé dans `src/terraform` vers le registre de modules Terraform de Gitlab. Dans un second temps, le job `terraform:module:test` va tester ce module. + ## Contribuer Ce projet étant sous la licence [GPL3](https://www.gnu.org/licenses/gpl.html), il est possible d'y contribuer pour y apporter des améliorations, des nouvelles fonctionnalités. diff --git a/README.md b/README.md index 5c443a0..5052b32 100644 --- a/README.md +++ b/README.md @@ -68,6 +68,7 @@ Each tested feature can be activated with a `MGCI_TEST_` variable that | `MGCI_TEST_REGISTRY_GENERIC` | Run the generic packages registry test | `false` | | `MGCI_TEST_REGISTRY_CONTAINER` | Run the container registry test | `false` | | `MGCI_TEST_RUNNERS_TAGS` | Run the runner tags test | `false` | +| `MGCI_TEST_TERRAFORM_MODULE` | Run the Terraform module test | `false` | | `MGCI_RUNNERS_TAGS` | List of runner tags to test, format | `` | | `MGCI_API_TOKEN` | `Owner` access token to the repository for API testing | `` | | `MATTERMOST_URL` | URL of the Mattermost instance to test | `` | @@ -191,6 +192,7 @@ MGCI_TEST_CACHE_JOB_TAGS=cache - [x] Health check (only available for self-hosted Gitlab) - [x] Mattermost: Health check - [x] Environment: creation and deletion +- [x] Terraform module ### 🏗️ Upcoming @@ -279,6 +281,12 @@ If you enable this test, you also need to create the `MATTERMOST_URL` variable, - **Job names**: `runners:register` - **Description**: the `runners:register` job tests the functionality of registering and deleting a runner. It will register a runner for the project with the `test-runner` tag and then delete it immediately after. +## Test du module Terraform + +- **File name** : `templates/terraform.yml` +- **Job names** : `terraform:module:upload` et `terraform:module:test` +-- **Description** : the`terraform:module:upload` job uploads our Terraform test module located in `src/terraform` to the Gitlab Terraform module registry. Then, the `terraform:module:test` job tests that module. + ## Contributing This project is licensed under [GPL3](https://www.gnu.org/licenses/gpl.html), and contributions are welcome to bring improvements, new features, etc. diff --git a/includes-if/tags/terraform.yml b/includes-if/tags/terraform.yml new file mode 100644 index 0000000..6454f66 --- /dev/null +++ b/includes-if/tags/terraform.yml @@ -0,0 +1,3 @@ +--- +.terraform: + tags: [$MGCI_TEST_TERRAFORM_MODULE_MODULE_JOB_TAGS] diff --git a/src/terraform/main.tf b/src/terraform/main.tf new file mode 100644 index 0000000..623c588 --- /dev/null +++ b/src/terraform/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.10.5" +} + +resource "local_file" "file" { + content = var.text + filename = "${var.filename}.txt" + file_permission = "0644" + directory_permission = "0755" +} diff --git a/src/terraform/outputs.tf b/src/terraform/outputs.tf new file mode 100644 index 0000000..1d46eea --- /dev/null +++ b/src/terraform/outputs.tf @@ -0,0 +1,4 @@ +output "bytes" { + value = length(local_file.file.content) + description = "I don't know what is it" +} diff --git a/src/terraform/variables.tf b/src/terraform/variables.tf new file mode 100644 index 0000000..84eb40e --- /dev/null +++ b/src/terraform/variables.tf @@ -0,0 +1,11 @@ +variable "filename" { + description = "The filename of the file to be created." + type = string + default = null +} + +variable "text" { + description = "The text contents of the file to be created." + type = string + default = null +} diff --git a/templates/bases/variables.yml b/templates/bases/variables.yml index c645e6c..aeba0d9 100644 --- a/templates/bases/variables.yml +++ b/templates/bases/variables.yml @@ -33,3 +33,4 @@ variables: MGCI_TEST_REGISTRY_NPM: "false" MGCI_TEST_REGISTRY_GENERIC: "false" MGCI_TEST_REGISTRY_CONTAINER: "false" + MGCI_TEST_TERRAFORM_MODULE: "false" diff --git a/templates/set_packages_version.yml b/templates/set_packages_version.yml index 4de293e..d74a895 100644 --- a/templates/set_packages_version.yml +++ b/templates/set_packages_version.yml @@ -13,3 +13,4 @@ packages:version: - if: $MGCI_TEST_RELEASE == "true" - if: $MGCI_TEST_REGISTRY_NPM == "true" - if: $MGCI_TEST_REGISTRY_GENERIC == "true" + - if: $MGCI_TEST_TERRAFORM_MODULE == "true" diff --git a/templates/terraform.yml b/templates/terraform.yml new file mode 100644 index 0000000..54c382e --- /dev/null +++ b/templates/terraform.yml @@ -0,0 +1,40 @@ +--- + +terraform:module:upload: + stage: build + image: curlimages/curl:latest + variables: + TERRAFORM_MODULE_DIR: ${CI_PROJECT_DIR}/src/terraform + TERRAFORM_MODULE_NAME: terraform-module-test + TERRAFORM_MODULE_SYSTEM: local + TERRAFORM_MODULE_VERSION: 0.1.0 + script: + - tar -cvzf ${TERRAFORM_MODULE_NAME}-${TERRAFORM_MODULE_SYSTEM}-${TERRAFORM_MODULE_VERSION}.tgz -C ${TERRAFORM_MODULE_DIR} --exclude=./.git . + - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file ${TERRAFORM_MODULE_NAME}-${TERRAFORM_MODULE_SYSTEM}-${TERRAFORM_MODULE_VERSION}.tgz ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/terraform/modules/${TERRAFORM_MODULE_NAME}/${TERRAFORM_MODULE_SYSTEM}/${TERRAFORM_MODULE_VERSION}/file' + rules: + - if: $MGCI_TEST_TERRAFORM_MODULE == "true" && ($CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_PROJECT_PATH == 'froggit/tools/mgci') + +terraform:module:test: + stage: test + image: + name: hashicorp/terraform:latest + entrypoint: [""] + before_script: + - cd ${CI_PROJECT_DIR}/test/terraform + - sed -i "s/gitlab\.com/${CI_SERVER_HOST}/g" main.tf + variables: + FILENAME: test + TEXT: "Hello world" + script: + - terraform init + - terraform validate + - terraform fmt --check + - terraform apply -auto-approve -var="filename=${FILENAME}" -var="text=${TEXT}" + - cat ${FILENAME}.txt | grep "${TEXT}" + rules: + - if: $MGCI_TEST_TERRAFORM_MODULE == "true" && ($CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_PROJECT_PATH == 'froggit/tools/mgci') + +include: + - local: 'includes-if/tags/terraform.yml' + rules: + - if: $MGCI_TEST_TERRAFORM_MODULE_JOB_TAGS diff --git a/test/terraform/main.tf b/test/terraform/main.tf new file mode 100644 index 0000000..3a2ed88 --- /dev/null +++ b/test/terraform/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.10.5" +} + +module "terraform_module_test" { + source = "gitlab.com/froggit/terraform_module_test/local" + version = "0.1.0" + filename = var.filename + text = var.text +} diff --git a/test/terraform/variables.tf b/test/terraform/variables.tf new file mode 100644 index 0000000..84eb40e --- /dev/null +++ b/test/terraform/variables.tf @@ -0,0 +1,11 @@ +variable "filename" { + description = "The filename of the file to be created." + type = string + default = null +} + +variable "text" { + description = "The text contents of the file to be created." + type = string + default = null +} -- GitLab From 2baa825330457b55f7ca741cc8964e8bbc268c56 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Tue, 18 Feb 2025 11:49:05 +0100 Subject: [PATCH 2/8] refactor: disabled REPOSITORY_CHECKOV and TERRAFORM_TERRASCAN lints to prevent wrong error to appear in megalinter --- .mega-linter.yml | 2 ++ src/terraform/main.tf | 2 +- src/terraform/outputs.tf | 4 ++-- test/terraform/main.tf | 10 +++++----- 4 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.mega-linter.yml b/.mega-linter.yml index 202985d..4702c00 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -21,6 +21,8 @@ DISABLE: DISABLE_LINTERS: - JSON_V8R - YAML_PRETTIER + - REPOSITORY_CHECKOV + - TERRAFORM_TERRASCAN FLAVOR_SUGGESTIONS: false diff --git a/src/terraform/main.tf b/src/terraform/main.tf index 623c588..0514e4f 100644 --- a/src/terraform/main.tf +++ b/src/terraform/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.10.5" + required_version = "= 1.10.5" } resource "local_file" "file" { diff --git a/src/terraform/outputs.tf b/src/terraform/outputs.tf index 1d46eea..b9a847c 100644 --- a/src/terraform/outputs.tf +++ b/src/terraform/outputs.tf @@ -1,4 +1,4 @@ output "bytes" { - value = length(local_file.file.content) - description = "I don't know what is it" + value = length(local_file.file.content) + description = "Lorem ipsum" } diff --git a/test/terraform/main.tf b/test/terraform/main.tf index 3a2ed88..f5b2d38 100644 --- a/test/terraform/main.tf +++ b/test/terraform/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 1.10.5" + required_version = "= 1.10.5" } -module "terraform_module_test" { - source = "gitlab.com/froggit/terraform_module_test/local" - version = "0.1.0" +module "terraform-module-test" { + source = "gitlab.com/froggit/terraform-module-test/local" + version = "0.1.0" filename = var.filename - text = var.text + text = var.text } -- GitLab From 5e0c4d5cb0eb105ac0eb6907cde1e9cadb66101b Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Mon, 3 Mar 2025 14:45:58 +0100 Subject: [PATCH 3/8] feat: add terraform state test in terraform:module:test: gitlab-ci job --- templates/terraform.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/templates/terraform.yml b/templates/terraform.yml index 54c382e..29d53c4 100644 --- a/templates/terraform.yml +++ b/templates/terraform.yml @@ -25,12 +25,15 @@ terraform:module:test: variables: FILENAME: test TEXT: "Hello world" + TF_STATE_NAME: "terraform-state-test" script: - - terraform init + - terraform init -backend-config="address=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" - terraform validate - terraform fmt --check - terraform apply -auto-approve -var="filename=${FILENAME}" -var="text=${TEXT}" - cat ${FILENAME}.txt | grep "${TEXT}" + - terraform state list + - 'curl --header "PRIVATE-TOKEN: ${MGCI_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" | jq "."' rules: - if: $MGCI_TEST_TERRAFORM_MODULE == "true" && ($CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_PROJECT_PATH == 'froggit/tools/mgci') -- GitLab From 2fd2ca4dea538b20f0de06393a1f07dca7f609f1 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Mon, 3 Mar 2025 15:04:01 +0100 Subject: [PATCH 4/8] fix: update terraform image version to 1.10.5 in CI configuration --- templates/terraform.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/terraform.yml b/templates/terraform.yml index 29d53c4..ca4f811 100644 --- a/templates/terraform.yml +++ b/templates/terraform.yml @@ -17,7 +17,7 @@ terraform:module:upload: terraform:module:test: stage: test image: - name: hashicorp/terraform:latest + name: hashicorp/terraform:1.10.5 entrypoint: [""] before_script: - cd ${CI_PROJECT_DIR}/test/terraform -- GitLab From 0926734fdc3a6e9af9e79b22c04321c28a722b73 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Mon, 3 Mar 2025 15:26:56 +0100 Subject: [PATCH 5/8] feat: add jq installation in CI and create backend.tf for terraform --- templates/terraform.yml | 1 + test/terraform/backend.tf | 4 ++++ 2 files changed, 5 insertions(+) create mode 100644 test/terraform/backend.tf diff --git a/templates/terraform.yml b/templates/terraform.yml index ca4f811..d52c4d6 100644 --- a/templates/terraform.yml +++ b/templates/terraform.yml @@ -20,6 +20,7 @@ terraform:module:test: name: hashicorp/terraform:1.10.5 entrypoint: [""] before_script: + - apk add --no-cache jq - cd ${CI_PROJECT_DIR}/test/terraform - sed -i "s/gitlab\.com/${CI_SERVER_HOST}/g" main.tf variables: diff --git a/test/terraform/backend.tf b/test/terraform/backend.tf new file mode 100644 index 0000000..4ca44e9 --- /dev/null +++ b/test/terraform/backend.tf @@ -0,0 +1,4 @@ +terraform { + backend "http" { + } +} -- GitLab From 64298c35e0a26567a3fe702102434b1dfa1226ae Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Mon, 3 Mar 2025 16:28:23 +0100 Subject: [PATCH 6/8] feat: add remote state configuration variables for GitLab CI in terraform module --- templates/terraform.yml | 5 ++++- test/terraform/backend.tf | 5 +++++ test/terraform/variables.tf | 15 +++++++++++++++ 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/templates/terraform.yml b/templates/terraform.yml index d52c4d6..56c5d71 100644 --- a/templates/terraform.yml +++ b/templates/terraform.yml @@ -26,9 +26,12 @@ terraform:module:test: variables: FILENAME: test TEXT: "Hello world" + REMOTE_STATE_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME} + USERNAME: "gitlab-ci-token" + ACCESS_TOKEN: ${CI_JOB_TOKEN} TF_STATE_NAME: "terraform-state-test" script: - - terraform init -backend-config="address=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" + - terraform init -backend-config="address=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" -var="address=${REMOTE_STATE_ADDRESS}" -var="username=${USERNAME}" -var="access_token=${ACCESS_TOKEN}" - terraform validate - terraform fmt --check - terraform apply -auto-approve -var="filename=${FILENAME}" -var="text=${TEXT}" diff --git a/test/terraform/backend.tf b/test/terraform/backend.tf index 4ca44e9..8c8f3b1 100644 --- a/test/terraform/backend.tf +++ b/test/terraform/backend.tf @@ -1,4 +1,9 @@ terraform { backend "http" { + + config = { + address = var.remote_state_address + username = var.username + password = var.access_token } } diff --git a/test/terraform/variables.tf b/test/terraform/variables.tf index 84eb40e..a1c2899 100644 --- a/test/terraform/variables.tf +++ b/test/terraform/variables.tf @@ -9,3 +9,18 @@ variable "text" { type = string default = null } + +variable "remote_state_address" { + type = string + description = "Gitlab remote state file address" +} + +variable "username" { + type = string + description = "Gitlab username to query remote state" +} + +variable "access_token" { + type = string + description = "GitLab access token to query remote state" +} -- GitLab From 6ca88d1768526c763119100d521db59fc5924dc6 Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Mon, 3 Mar 2025 17:03:43 +0100 Subject: [PATCH 7/8] feat: refactor terraform CI configuration to use new backend settings and remove obsolete variables --- templates/terraform.yml | 17 ++++++++++++----- test/terraform/backend.tf | 9 --------- test/terraform/variables.tf | 15 --------------- 3 files changed, 12 insertions(+), 29 deletions(-) delete mode 100644 test/terraform/backend.tf diff --git a/templates/terraform.yml b/templates/terraform.yml index 56c5d71..ea81d64 100644 --- a/templates/terraform.yml +++ b/templates/terraform.yml @@ -26,12 +26,19 @@ terraform:module:test: variables: FILENAME: test TEXT: "Hello world" - REMOTE_STATE_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME} - USERNAME: "gitlab-ci-token" - ACCESS_TOKEN: ${CI_JOB_TOKEN} - TF_STATE_NAME: "terraform-state-test" + TF_ADDRESS: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" + TF_USERNAME: "gitlab-ci-token" + TF_PASSWORD: "${MGCI_API_TOKEN}" script: - - terraform init -backend-config="address=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" -var="address=${REMOTE_STATE_ADDRESS}" -var="username=${USERNAME}" -var="access_token=${ACCESS_TOKEN}" + - terraform init \ + -backend-config="address=${TF_ADDRESS}" \ + -backend-config="lock_address=${TF_ADDRESS}/lock" \ + -backend-config="unlock_address=${TF_ADDRESS}/lock" \ + -backend-config="username=${TF_USERNAME}" \ + -backend-config="password=${TF_PASSWORD}" \ + -backend-config="lock_method=POST" \ + -backend-config="unlock_method=DELETE" \ + -backend-config="retry_wait_min=5" - terraform validate - terraform fmt --check - terraform apply -auto-approve -var="filename=${FILENAME}" -var="text=${TEXT}" diff --git a/test/terraform/backend.tf b/test/terraform/backend.tf deleted file mode 100644 index 8c8f3b1..0000000 --- a/test/terraform/backend.tf +++ /dev/null @@ -1,9 +0,0 @@ -terraform { - backend "http" { - - config = { - address = var.remote_state_address - username = var.username - password = var.access_token - } -} diff --git a/test/terraform/variables.tf b/test/terraform/variables.tf index a1c2899..84eb40e 100644 --- a/test/terraform/variables.tf +++ b/test/terraform/variables.tf @@ -9,18 +9,3 @@ variable "text" { type = string default = null } - -variable "remote_state_address" { - type = string - description = "Gitlab remote state file address" -} - -variable "username" { - type = string - description = "Gitlab username to query remote state" -} - -variable "access_token" { - type = string - description = "GitLab access token to query remote state" -} -- GitLab From 8000c498054b1b5037393d8709221500c0ecca7b Mon Sep 17 00:00:00 2001 From: Arthur BOUDREAULT Date: Mon, 17 Mar 2025 16:24:21 +0100 Subject: [PATCH 8/8] feat: enhance terraform CI job with state lock and unlock tests --- templates/terraform.yml | 44 +++++++++++++++++++++++++++------------ test/terraform/backend.tf | 4 ++++ 2 files changed, 35 insertions(+), 13 deletions(-) create mode 100644 test/terraform/backend.tf diff --git a/templates/terraform.yml b/templates/terraform.yml index ea81d64..b25e408 100644 --- a/templates/terraform.yml +++ b/templates/terraform.yml @@ -20,31 +20,49 @@ terraform:module:test: name: hashicorp/terraform:1.10.5 entrypoint: [""] before_script: - - apk add --no-cache jq + - apk add --no-cache jq curl - cd ${CI_PROJECT_DIR}/test/terraform - sed -i "s/gitlab\.com/${CI_SERVER_HOST}/g" main.tf + - cat main.tf variables: FILENAME: test TEXT: "Hello world" TF_ADDRESS: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" TF_USERNAME: "gitlab-ci-token" - TF_PASSWORD: "${MGCI_API_TOKEN}" + TF_PASSWORD: "${CI_JOB_TOKEN}" script: - - terraform init \ - -backend-config="address=${TF_ADDRESS}" \ - -backend-config="lock_address=${TF_ADDRESS}/lock" \ - -backend-config="unlock_address=${TF_ADDRESS}/lock" \ - -backend-config="username=${TF_USERNAME}" \ - -backend-config="password=${TF_PASSWORD}" \ - -backend-config="lock_method=POST" \ - -backend-config="unlock_method=DELETE" \ - -backend-config="retry_wait_min=5" + - terraform init -backend-config="address=${TF_ADDRESS}" -backend-config="lock_address=${TF_ADDRESS}/lock" -backend-config="unlock_address=${TF_ADDRESS}/lock" -backend-config="username=${TF_USERNAME}" -backend-config="password=${TF_PASSWORD}" -backend-config="lock_method=POST" -backend-config="unlock_method=DELETE" -backend-config="retry_wait_min=5" - terraform validate - terraform fmt --check - - terraform apply -auto-approve -var="filename=${FILENAME}" -var="text=${TEXT}" + + - echo "Test du Terraform state lock" + - | + curl --request POST \ + --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \ + --header "Content-Type: application/json" \ + --data '{"ID": "test-lock", "Operation": "OperationTypeApply"}' \ + "${TF_ADDRESS}/lock" + - echo "✅ Verrouillage d'état testé" + - >- + terraform apply -auto-approve + -var="filename=${FILENAME}" + -var="text=${TEXT}" + -backend-config="username=${TF_USERNAME}" + -backend-config="password=${TF_PASSWORD}" - cat ${FILENAME}.txt | grep "${TEXT}" - terraform state list - - 'curl --header "PRIVATE-TOKEN: ${MGCI_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" | jq "."' + - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}" | jq "."' + + - echo "Test du Terraform state unlock" + - | + curl --request DELETE \ + --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \ + --header "Content-Type: application/json" \ + --data '{"ID": "test-lock"}' \ + "${TF_ADDRESS}/lock" + - echo "✅ Déverrouillage d'état testé" + + - terraform destroy -auto-approve rules: - if: $MGCI_TEST_TERRAFORM_MODULE == "true" && ($CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_PROJECT_PATH == 'froggit/tools/mgci') diff --git a/test/terraform/backend.tf b/test/terraform/backend.tf new file mode 100644 index 0000000..4ca44e9 --- /dev/null +++ b/test/terraform/backend.tf @@ -0,0 +1,4 @@ +terraform { + backend "http" { + } +} -- GitLab