├── .copywrite.hcl ├── .github └── workflows │ └── create-jira-issue.workflow.yml ├── .gitignore ├── .gitlab-ci.yml ├── Base.gitlab-ci.yml ├── CHANGELOG.md ├── CODEOWNERS ├── LICENSE ├── README.md └── docs ├── CONTRIBUTING.md └── RELEASES.md /.copywrite.hcl: -------------------------------------------------------------------------------- 1 | schema_version = 1 2 | 3 | project { 4 | license = "MPL-2.0" 5 | copyright_year = 2023 6 | 7 | # (OPTIONAL) A list of globs that should not have copyright/license headers. 8 | # Supports doublestar glob patterns for more flexibility in defining which 9 | # files or folders should be ignored 10 | header_ignore = [".gitlab-ci.yml"] 11 | } -------------------------------------------------------------------------------- /.github/workflows/create-jira-issue.workflow.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Jira Issue Sync 3 | 4 | on: 5 | issues: 6 | types: [opened, closed, deleted, reopened] 7 | issue_comment: 8 | types: [created] 9 | 10 | jobs: 11 | call-jira-sync: 12 | uses: hashicorp/tfc-workflows-tooling/.github/workflows/jira-issue-sync.workflow.yml@main 13 | secrets: inherit 14 | with: 15 | project: TF 16 | issue-extra-fields: | 17 | { "customfield_10091": ["TF-NEXUS"], "customfield_10008": "TF-7050" } 18 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .idea/ 2 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | # This file is a template, and might need editing before it works on your project. 2 | # You can copy and paste this template into a new `.gitlab-ci.yml` file in your project. 3 | 4 | # The link to the remote base template. Note that the base template URL is versioned. Please check the base template for additional variables that need to be defined in GitLab. 5 | # Please subscribe to https://github.com/hashicorp/tfc-workflows-gitlab for updates. 6 | include: 7 | remote: https://raw.githubusercontent.com/hashicorp/tfc-workflows-gitlab/v1.3.3/Base.gitlab-ci.yml 8 | 9 | # Please refer: https://docs.gitlab.com/ee/ci/variables/ 10 | # In order to use this template, the following CI/CD variables need to be defined in GitLab. The base remote template relies on these variables 11 | # Please refer: https://docs.gitlab.com/ee/ci/variables/ 12 | # - TF_API_TOKEN: The token used to authenticate with HCP Terraform. 13 | # - TF_CLOUD_ORGANIZATION: The name of the organization in HCP Terraform. This variable is included in links that are shown in the output. The links might not work if this variable is masked. 14 | # - TF_WORKSPACE: The Workspace name that specifies where the run will be executed. This variable is included in links that are shown in the output. The links might not work if this variable is masked. 15 | # - GITLAB_API_TOKEN: The access token for the GitLab API. This needs to be set only if you intend to comment the terraform plan output on the merge request. 16 | # **NOTE**: We used the 'Developer' role for the access token. Any other role might work, or might not work and result in a 4XX status code. 17 | # Please refer: https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html 18 | # Additional optional variables: 19 | # - TF_CLOUD_HOSTNAME : Defaults to 'app.terraform.io'. The hostname of a Terraform Enterprise installation, if using Terraform Enterprise. 20 | # - TF_DIRECTORY: Defaults to the root of your project directory. Path to the terraform configuration files. This needs to be set if the terraform config files are not in the root of your project, otherwise there will be an error. 21 | # - TF_LOG: Defaults to 'OFF'. Logging level of the tfc CI tooling binary. We recommend to set this to INFO or DEBUG to troubleshoot any issues. DEBUG is more verbose. 22 | 23 | 24 | # You have the option to define your Terraform variables using the standard "TF_VAR_" prefix, either within this file or as CI/CD variables in the GitLab UI. 25 | # Please refer: https://developer.hashicorp.com/terraform/cli/config/environment-variables#tf_var_name 26 | # An example to do this inline, 27 | # variables: 28 | # TF_VAR_image_id: "\"ami-abc1\"" # NOTE: The escape characters are required to pass this safely downstream into terraform as a string 29 | # TF_VAR_user_map: '{"1":{"name":"jason bourne","size":2}}' 30 | # TF_VAR_availability_zone_names: '["us-east-1a","us-west-1c", "us-west-2b"]' 31 | 32 | # If you opt to define variables directly within the file, be aware that certain variables (e.g., TF_API_TOKEN, GITLAB_API_TOKEN, etc.) are sensitive and should be handled with caution. 33 | # Defining sensitive variables in this file is not recommended. 34 | variables: 35 | PROJECT_PIPELINE_NAME: "Default pipeline name" # A default is not required. 36 | 37 | # These workflows can be tailored to fit your needs. 38 | # Refer: https://docs.gitlab.com/ee/ci/yaml/workflow.html#workflow-rules-examples to customize rules as per your needs 39 | workflow: 40 | name: "$PROJECT_PIPELINE_NAME" 41 | rules: 42 | # If the current branch is the default branch. Workflows on the main branch perform non-speculative terraform apply. 43 | - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH 44 | when: always 45 | variables: 46 | PROJECT_PIPELINE_NAME: "$CI_DEFAULT_BRANCH pipeline" 47 | PLAN_ONLY: "false" 48 | SPECULATIVE: "false" 49 | SAVE_PLAN: "false" 50 | IS_DESTROY: "false" 51 | # Workflows on merge requests only do a plan run. 52 | # Alternatively, you could trigger a plan run on any push, if: $CI_PIPELINE_SOURCE == "push" 53 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 54 | when: always 55 | variables: 56 | PROJECT_PIPELINE_NAME: "Merge Request pipeline: $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" 57 | PLAN_ONLY: "true" 58 | SPECULATIVE: "true" 59 | SAVE_PLAN: "false" 60 | IS_DESTROY: "false" 61 | 62 | upload_configuration: 63 | stage: ".pre" 64 | extends: .tfc:upload_configuration 65 | 66 | create_run: 67 | stage: "build" 68 | extends: .tfc:create_run 69 | variables: 70 | MESSAGE: "LGTM" 71 | 72 | apply_run: 73 | stage: "deploy" 74 | extends: .tfc:apply_run 75 | variables: 76 | COMMENT: "LGTM" 77 | rules: 78 | - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH 79 | when: on_success 80 | 81 | ## Jobs that run when a merge request is created 82 | plan_output: 83 | stage: "deploy" 84 | extends: .tfc:plan_output 85 | rules: 86 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 87 | 88 | # Calls GitLab API to submit comments on a merge request. 89 | # Variable GITLAB_API_TOKEN needs to be defined to use this job. Please refer: https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html 90 | comment_on_merge_request: 91 | stage: ".post" 92 | image: alpine/curl 93 | variables: 94 | MR_COMMENT: | 95 | Run Status: "${run_status}" 96 | Plan: ${add} to add, ${change} to change, ${destroy} to destroy. 97 | [HCP Terraform Plan](${run_link}) 98 | script: 99 | - 'curl --fail-with-body --request POST --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/merge_requests/$CI_MERGE_REQUEST_IID/notes" --data-urlencode "body=$MR_COMMENT"' 100 | rules: 101 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 102 | 103 | # Similar to comment_on_merge_request job, however this will only run if a prior job has failed 104 | # Will surface a merge request comment, indicating a possible HCP Terraform Run failure 105 | on_failure_merge_request_comment: 106 | stage: ".post" 107 | image: alpine/curl 108 | variables: 109 | MR_COMMENT: | 110 | CI Failure 111 | Run Status: "${run_status}" 112 | Plan: ${add} to add, ${change} to change, ${destroy} to destroy. 113 | [HCP Terraform Plan](${run_link}) 114 | script: 115 | - 'curl --fail-with-body --request POST --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/merge_requests/$CI_MERGE_REQUEST_IID/notes" --data-urlencode "body=$MR_COMMENT"' 116 | rules: 117 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 118 | when: on_failure 119 | 120 | # HCP Terraform Run may not have errored, but could possibly have an undesirable status 121 | # Depending on threshold, can modify or remove for your use case 122 | check_run_status: 123 | stage: ".post" 124 | script: 125 | - if [ "$run_status" != "planned_and_finished" ]; then exit 1; fi; 126 | rules: 127 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 128 | -------------------------------------------------------------------------------- /Base.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | # Copyright (c) HashiCorp, Inc. 2 | # SPDX-License-Identifier: MPL-2.0 3 | 4 | # tfc/Base 5 | # 6 | # The purpose of this template is to provide flexibility to the user, so 7 | # they are able to only include the jobs that they find interesting. 8 | # 9 | # Therefore, this template is not supposed to run any jobs. The idea is to only 10 | # create hidden jobs. See: https://docs.gitlab.com/ee/ci/jobs/#hide-jobs 11 | # This template provides a foundation for creating CI/CD jobs specifically for the terraform-cloud platform. 12 | # This template can be included locally or remotely using include:remote. 13 | 14 | # Our approach to sharing information across jobs is opinionated. To ensure that all jobs have access to the necessary 15 | # information, we use dotenv artifacts to expose additional variables. 16 | # To maintain consistency, any variables created as a result of this approach are intentionally lowercase. 17 | 18 | # To contribute improvements to CI/CD templates, please follow the Development guide at: 19 | # https://docs.gitlab.com/ee/development/cicd/templates.html 20 | 21 | # See https://docs.gitlab.com/ee/ci/yaml/index.html for all available options 22 | 23 | # Please refer: https://docs.gitlab.com/ee/ci/variables/ 24 | # In order to use this template, the following CI/CD variables need to be defined in GitLab. The base remote template relies on these variables 25 | # Please refer: https://docs.gitlab.com/ee/ci/variables/ 26 | # - TF_API_TOKEN: The token used to authenticate with HCP Terraform. 27 | # - TF_CLOUD_ORGANIZATION: The name of the organization in HCP Terraform. This variable is included in links that are shown in the output. The links might not work if this variable is masked. 28 | # - TF_WORKSPACE: The Workspace name that specifies where the run will be executed. This variable is included in links that are shown in the output. The links might not work if this variable is masked. 29 | # - GITLAB_API_TOKEN: The access token for the GitLab API. This needs to be set only if you intend to comment the terraform plan output on the merge request. 30 | # **NOTE**: We used the 'Developer' role for the access token. Any other role might work, or might not work and result in a 4XX status code. 31 | # Please refer: https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html 32 | # Additional optional variables: 33 | # - TF_CLOUD_HOSTNAME : Defaults to 'app.terraform.io'. The hostname of a Terraform Enterprise installation, if using Terraform Enterprise. 34 | # - TF_DIRECTORY: Defaults to the root of your project directory. Path to the terraform configuration files. This needs to be set if the terraform config files are not in the root of your project, otherwise there will be an error. 35 | # - TF_LOG: Defaults to 'OFF'. Logging level of the tfc CI tooling binary. We recommend to set this to INFO or DEBUG to troubleshoot any issues. DEBUG is more verbose. 36 | 37 | # You have the option to define your Terraform variables using the standard "TF_VAR_" prefix, either within this file or as CI/CD variables in the GitLab UI. 38 | # Please refer: https://developer.hashicorp.com/terraform/cli/config/environment-variables#tf_var_name 39 | # An example to do this inline, 40 | # variables: 41 | # TF_VAR_image_id: "\"ami-abc1\"" # NOTE: The escape characters are required to pass this safely downstream into terraform as a string 42 | # TF_VAR_user_map: '{"1":{"name":"jason bourne","size":2}}' 43 | # TF_VAR_availability_zone_names: '["us-east-1a","us-west-1c", "us-west-2b"]' 44 | 45 | # If you opt to define variables directly within the file, be aware that certain variables (e.g., TF_API_TOKEN, GITLAB_API_TOKEN, etc.) are sensitive and should be handled with caution. 46 | # Defining sensitive variables in this file is not recommended. 47 | 48 | # The default image is the one that contains the binary for our tool: https://github.com/hashicorp/tfc-workflows-tooling 49 | default: 50 | image: hashicorp/tfci:v1.3.3 51 | 52 | variables: 53 | SPECULATIVE: "false" # Global default for all pipelines 54 | PLAN_ONLY: "false" # Global default for all pipelines 55 | 56 | # Create and upload a configuration version to terraform-cloud.variables: 57 | # exported dotenv variables that can be referenced in later jobs: 58 | # - status: one of "Success", "Error", "Timeout", "Noop". Noop means no operation. 59 | # - configuration_version_id 60 | .tfc:upload_configuration: 61 | script: 62 | - tfci -hostname=$TF_CLOUD_HOSTNAME -token=$TF_API_TOKEN -organization=$TF_CLOUD_ORGANIZATION upload -workspace=$TF_WORKSPACE -speculative=$SPECULATIVE -directory=$TF_DIRECTORY 63 | artifacts: 64 | reports: 65 | dotenv: .env 66 | 67 | # Create a HCP Terraform run 68 | # exported dotenv variables that can be referenced in later jobs: 69 | # - status: one of "Success", "Error", "Timeout", "Noop". Noop means no operation. 70 | # - run_id 71 | # - plan_id 72 | .tfc:create_run: 73 | variables: 74 | CONFIGURATION_VERSION_ID: $configuration_version_id 75 | MESSAGE: "Base template message. Override this" 76 | SAVE_PLAN: false 77 | IS_DESTROY: false 78 | script: 79 | - tfci -hostname=$TF_CLOUD_HOSTNAME -token=$TF_API_TOKEN -organization=$TF_CLOUD_ORGANIZATION run create -workspace=$TF_WORKSPACE -configuration_version=$CONFIGURATION_VERSION_ID -message="$MESSAGE" -plan-only=$PLAN_ONLY -save-plan=$SAVE_PLAN -is-destroy=$IS_DESTROY -target=$TARGET 80 | artifacts: 81 | reports: 82 | dotenv: .env 83 | 84 | # Apply a HCP Terraform run 85 | .tfc:apply_run: 86 | variables: 87 | RUN_ID: $run_id 88 | COMMENT: "Base template comment. Override this" 89 | script: 90 | - tfci -hostname=$TF_CLOUD_HOSTNAME -token=$TF_API_TOKEN -organization=$TF_CLOUD_ORGANIZATION run apply -run=$RUN_ID -comment="$COMMENT" 91 | artifacts: 92 | reports: 93 | dotenv: .env 94 | 95 | # Output Plan details 96 | # exported dotenv variables that can be referenced in later jobs: 97 | # - status: One of "Success", "Error", "Timeout", "Noop". Noop means no operation. 98 | # - add: Resources to add 99 | # - change: Resources to change 100 | # - destroy: Resources to destroy 101 | .tfc:plan_output: 102 | variables: 103 | PLAN_ID: $plan_id 104 | script: 105 | - tfci -hostname=$TF_CLOUD_HOSTNAME -token=$TF_API_TOKEN -organization=$TF_CLOUD_ORGANIZATION plan output -plan=$PLAN_ID 106 | artifacts: 107 | reports: 108 | dotenv: .env 109 | 110 | # Workspace output 111 | # Returns JSON array of the latest state-version output(s) for a given HCP Terraform workspace 112 | # The array is put in a file named Output.json that can then be consumed or processed in later stage 113 | # exported dotenv variables that can be referenced in later jobs: 114 | # - status: One of "Success", "Error", "Timeout", "Noop". Noop means no operation. 115 | .tfc:workspace_output: 116 | script: 117 | - tfci -hostname=$TF_CLOUD_HOSTNAME --token=$TF_API_TOKEN -organization=$TF_CLOUD_ORGANIZATION workspace output list -workspace=$TF_WORKSPACE > "output.json" 118 | artifacts: 119 | reports: 120 | dotenv: .env 121 | paths: 122 | - "output.json" 123 | 124 | # tfc:comment_on_merge_request is a hidden job that posts a comment to a Gitlab merge request for which the pipeline is being run. 125 | # GITLAB_API_TOKEN needs to be defined to use this job. Please refer: https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html 126 | .tfc:comment_on_merge_request: 127 | image: alpine/curl 128 | variables: 129 | MR_COMMENT: | 130 | Plan: ${add} to add, ${change} to change, ${destroy} to destroy. 131 | [HCP Terraform Plan](${run_link}) 132 | script: 133 | - 'curl --fail-with-body --request POST --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/merge_requests/$CI_MERGE_REQUEST_IID/notes" --data-urlencode "body=$MR_COMMENT"' 134 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # UNRELEASED 2 | 3 | # v1.3.3 4 | * Moves SPECULATIVE and PLAN_ONLY variable defaults to global for correct precedence by @richard-russell [#31](https://github.com/hashicorp/tfc-workflows-gitlab/pull/31) 5 | * Bug fixes and enhancements from [tfc-workflows-tooling@v1.3.3](https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.3.3) version bump 6 | 7 | # v1.3.2 8 | * Bug fixes and enhancements from [tfc-workflows-tooling@v1.3.2](https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.3.2) version bump 9 | 10 | # v1.3.1 11 | * Fixes message argument to correctly handle multi string values by @Rohlik [#26](https://github.com/hashicorp/tfc-workflows-gitlab/pull/26) 12 | * Bug fixes and enhancements from [tfc-workflows-tooling@v1.3.1](https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.3.1) 13 | * Compiles for Linux regardless of current CPU architecture when using the provided Dockerfile by @ggambetti [hashicorp/tfc-workflows-tooling#113](https://github.com/hashicorp/tfc-workflows-tooling/pull/113) 14 | 15 | # v1.3.0 16 | * Adds support for `target` input for `create-run` action by @trutled3 [#97](https://github.com/hashicorp/tfc-workflows-tooling/pull/97) 17 | * Bug fixes and enhancements from [tfc-workflows-tooling@v1.3.0](https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.3.0) 18 | 19 | # v1.2.0 20 | * Adds support for save_only, plan_only, and is_destroy options in the create run action by @aaabdelgany. [#17](https://github.com/hashicorp/tfc-workflows-gitlab/pull/17) 21 | 22 | # v1.1.1 23 | * Adds new `actions/workspace-output` action to fetch the latest state version output(s) for a given Terraform Cloud Workspace. 24 | * Bug fixes and enhancements from [tfc-workflows-tooling@v1.1.1](https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.1.1) version bump. 25 | 26 | # v1.0.3 27 | * Bug fixes and enhancements from [tfc-workflows-tooling@v1.0.3](https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.0.3) version bump 28 | * Updates `.gitlab-ci.yml` template two new jobs. Creation of a merge request comment on job failure and run status check by @mjyocca [#14](https://github.com/hashicorp/tfc-workflows-gitlab/pull/14) 29 | 30 | # v1.0.2 31 | * Bug fixes and enhancements from [tfc-workflows-tooling@v1.0.2](https://github.com/hashicorp/tfc-workflows-tooling/releases/tag/v1.0.2) version bump 32 | 33 | # v1.0.0 34 | 35 | First Release 36 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @hashicorp/tf-nexus 2 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2023 HashiCorp, Inc. 2 | 3 | Mozilla Public License Version 2.0 4 | ================================== 5 | 6 | 1. Definitions 7 | -------------- 8 | 9 | 1.1. "Contributor" 10 | means each individual or legal entity that creates, contributes to 11 | the creation of, or owns Covered Software. 12 | 13 | 1.2. "Contributor Version" 14 | means the combination of the Contributions of others (if any) used 15 | by a Contributor and that particular Contributor's Contribution. 16 | 17 | 1.3. "Contribution" 18 | means Covered Software of a particular Contributor. 19 | 20 | 1.4. "Covered Software" 21 | means Source Code Form to which the initial Contributor has attached 22 | the notice in Exhibit A, the Executable Form of such Source Code 23 | Form, and Modifications of such Source Code Form, in each case 24 | including portions thereof. 25 | 26 | 1.5. "Incompatible With Secondary Licenses" 27 | means 28 | 29 | (a) that the initial Contributor has attached the notice described 30 | in Exhibit B to the Covered Software; or 31 | 32 | (b) that the Covered Software was made available under the terms of 33 | version 1.1 or earlier of the License, but not also under the 34 | terms of a Secondary License. 35 | 36 | 1.6. "Executable Form" 37 | means any form of the work other than Source Code Form. 38 | 39 | 1.7. "Larger Work" 40 | means a work that combines Covered Software with other material, in 41 | a separate file or files, that is not Covered Software. 42 | 43 | 1.8. "License" 44 | means this document. 45 | 46 | 1.9. "Licensable" 47 | means having the right to grant, to the maximum extent possible, 48 | whether at the time of the initial grant or subsequently, any and 49 | all of the rights conveyed by this License. 50 | 51 | 1.10. "Modifications" 52 | means any of the following: 53 | 54 | (a) any file in Source Code Form that results from an addition to, 55 | deletion from, or modification of the contents of Covered 56 | Software; or 57 | 58 | (b) any new file in Source Code Form that contains any Covered 59 | Software. 60 | 61 | 1.11. "Patent Claims" of a Contributor 62 | means any patent claim(s), including without limitation, method, 63 | process, and apparatus claims, in any patent Licensable by such 64 | Contributor that would be infringed, but for the grant of the 65 | License, by the making, using, selling, offering for sale, having 66 | made, import, or transfer of either its Contributions or its 67 | Contributor Version. 68 | 69 | 1.12. "Secondary License" 70 | means either the GNU General Public License, Version 2.0, the GNU 71 | Lesser General Public License, Version 2.1, the GNU Affero General 72 | Public License, Version 3.0, or any later versions of those 73 | licenses. 74 | 75 | 1.13. "Source Code Form" 76 | means the form of the work preferred for making modifications. 77 | 78 | 1.14. "You" (or "Your") 79 | means an individual or a legal entity exercising rights under this 80 | License. For legal entities, "You" includes any entity that 81 | controls, is controlled by, or is under common control with You. For 82 | purposes of this definition, "control" means (a) the power, direct 83 | or indirect, to cause the direction or management of such entity, 84 | whether by contract or otherwise, or (b) ownership of more than 85 | fifty percent (50%) of the outstanding shares or beneficial 86 | ownership of such entity. 87 | 88 | 2. License Grants and Conditions 89 | -------------------------------- 90 | 91 | 2.1. Grants 92 | 93 | Each Contributor hereby grants You a world-wide, royalty-free, 94 | non-exclusive license: 95 | 96 | (a) under intellectual property rights (other than patent or trademark) 97 | Licensable by such Contributor to use, reproduce, make available, 98 | modify, display, perform, distribute, and otherwise exploit its 99 | Contributions, either on an unmodified basis, with Modifications, or 100 | as part of a Larger Work; and 101 | 102 | (b) under Patent Claims of such Contributor to make, use, sell, offer 103 | for sale, have made, import, and otherwise transfer either its 104 | Contributions or its Contributor Version. 105 | 106 | 2.2. Effective Date 107 | 108 | The licenses granted in Section 2.1 with respect to any Contribution 109 | become effective for each Contribution on the date the Contributor first 110 | distributes such Contribution. 111 | 112 | 2.3. Limitations on Grant Scope 113 | 114 | The licenses granted in this Section 2 are the only rights granted under 115 | this License. No additional rights or licenses will be implied from the 116 | distribution or licensing of Covered Software under this License. 117 | Notwithstanding Section 2.1(b) above, no patent license is granted by a 118 | Contributor: 119 | 120 | (a) for any code that a Contributor has removed from Covered Software; 121 | or 122 | 123 | (b) for infringements caused by: (i) Your and any other third party's 124 | modifications of Covered Software, or (ii) the combination of its 125 | Contributions with other software (except as part of its Contributor 126 | Version); or 127 | 128 | (c) under Patent Claims infringed by Covered Software in the absence of 129 | its Contributions. 130 | 131 | This License does not grant any rights in the trademarks, service marks, 132 | or logos of any Contributor (except as may be necessary to comply with 133 | the notice requirements in Section 3.4). 134 | 135 | 2.4. Subsequent Licenses 136 | 137 | No Contributor makes additional grants as a result of Your choice to 138 | distribute the Covered Software under a subsequent version of this 139 | License (see Section 10.2) or under the terms of a Secondary License (if 140 | permitted under the terms of Section 3.3). 141 | 142 | 2.5. Representation 143 | 144 | Each Contributor represents that the Contributor believes its 145 | Contributions are its original creation(s) or it has sufficient rights 146 | to grant the rights to its Contributions conveyed by this License. 147 | 148 | 2.6. Fair Use 149 | 150 | This License is not intended to limit any rights You have under 151 | applicable copyright doctrines of fair use, fair dealing, or other 152 | equivalents. 153 | 154 | 2.7. Conditions 155 | 156 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted 157 | in Section 2.1. 158 | 159 | 3. Responsibilities 160 | ------------------- 161 | 162 | 3.1. Distribution of Source Form 163 | 164 | All distribution of Covered Software in Source Code Form, including any 165 | Modifications that You create or to which You contribute, must be under 166 | the terms of this License. You must inform recipients that the Source 167 | Code Form of the Covered Software is governed by the terms of this 168 | License, and how they can obtain a copy of this License. You may not 169 | attempt to alter or restrict the recipients' rights in the Source Code 170 | Form. 171 | 172 | 3.2. Distribution of Executable Form 173 | 174 | If You distribute Covered Software in Executable Form then: 175 | 176 | (a) such Covered Software must also be made available in Source Code 177 | Form, as described in Section 3.1, and You must inform recipients of 178 | the Executable Form how they can obtain a copy of such Source Code 179 | Form by reasonable means in a timely manner, at a charge no more 180 | than the cost of distribution to the recipient; and 181 | 182 | (b) You may distribute such Executable Form under the terms of this 183 | License, or sublicense it under different terms, provided that the 184 | license for the Executable Form does not attempt to limit or alter 185 | the recipients' rights in the Source Code Form under this License. 186 | 187 | 3.3. Distribution of a Larger Work 188 | 189 | You may create and distribute a Larger Work under terms of Your choice, 190 | provided that You also comply with the requirements of this License for 191 | the Covered Software. If the Larger Work is a combination of Covered 192 | Software with a work governed by one or more Secondary Licenses, and the 193 | Covered Software is not Incompatible With Secondary Licenses, this 194 | License permits You to additionally distribute such Covered Software 195 | under the terms of such Secondary License(s), so that the recipient of 196 | the Larger Work may, at their option, further distribute the Covered 197 | Software under the terms of either this License or such Secondary 198 | License(s). 199 | 200 | 3.4. Notices 201 | 202 | You may not remove or alter the substance of any license notices 203 | (including copyright notices, patent notices, disclaimers of warranty, 204 | or limitations of liability) contained within the Source Code Form of 205 | the Covered Software, except that You may alter any license notices to 206 | the extent required to remedy known factual inaccuracies. 207 | 208 | 3.5. Application of Additional Terms 209 | 210 | You may choose to offer, and to charge a fee for, warranty, support, 211 | indemnity or liability obligations to one or more recipients of Covered 212 | Software. However, You may do so only on Your own behalf, and not on 213 | behalf of any Contributor. You must make it absolutely clear that any 214 | such warranty, support, indemnity, or liability obligation is offered by 215 | You alone, and You hereby agree to indemnify every Contributor for any 216 | liability incurred by such Contributor as a result of warranty, support, 217 | indemnity or liability terms You offer. You may include additional 218 | disclaimers of warranty and limitations of liability specific to any 219 | jurisdiction. 220 | 221 | 4. Inability to Comply Due to Statute or Regulation 222 | --------------------------------------------------- 223 | 224 | If it is impossible for You to comply with any of the terms of this 225 | License with respect to some or all of the Covered Software due to 226 | statute, judicial order, or regulation then You must: (a) comply with 227 | the terms of this License to the maximum extent possible; and (b) 228 | describe the limitations and the code they affect. Such description must 229 | be placed in a text file included with all distributions of the Covered 230 | Software under this License. Except to the extent prohibited by statute 231 | or regulation, such description must be sufficiently detailed for a 232 | recipient of ordinary skill to be able to understand it. 233 | 234 | 5. Termination 235 | -------------- 236 | 237 | 5.1. The rights granted under this License will terminate automatically 238 | if You fail to comply with any of its terms. However, if You become 239 | compliant, then the rights granted under this License from a particular 240 | Contributor are reinstated (a) provisionally, unless and until such 241 | Contributor explicitly and finally terminates Your grants, and (b) on an 242 | ongoing basis, if such Contributor fails to notify You of the 243 | non-compliance by some reasonable means prior to 60 days after You have 244 | come back into compliance. Moreover, Your grants from a particular 245 | Contributor are reinstated on an ongoing basis if such Contributor 246 | notifies You of the non-compliance by some reasonable means, this is the 247 | first time You have received notice of non-compliance with this License 248 | from such Contributor, and You become compliant prior to 30 days after 249 | Your receipt of the notice. 250 | 251 | 5.2. If You initiate litigation against any entity by asserting a patent 252 | infringement claim (excluding declaratory judgment actions, 253 | counter-claims, and cross-claims) alleging that a Contributor Version 254 | directly or indirectly infringes any patent, then the rights granted to 255 | You by any and all Contributors for the Covered Software under Section 256 | 2.1 of this License shall terminate. 257 | 258 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all 259 | end user license agreements (excluding distributors and resellers) which 260 | have been validly granted by You or Your distributors under this License 261 | prior to termination shall survive termination. 262 | 263 | ************************************************************************ 264 | * * 265 | * 6. Disclaimer of Warranty * 266 | * ------------------------- * 267 | * * 268 | * Covered Software is provided under this License on an "as is" * 269 | * basis, without warranty of any kind, either expressed, implied, or * 270 | * statutory, including, without limitation, warranties that the * 271 | * Covered Software is free of defects, merchantable, fit for a * 272 | * particular purpose or non-infringing. The entire risk as to the * 273 | * quality and performance of the Covered Software is with You. * 274 | * Should any Covered Software prove defective in any respect, You * 275 | * (not any Contributor) assume the cost of any necessary servicing, * 276 | * repair, or correction. This disclaimer of warranty constitutes an * 277 | * essential part of this License. No use of any Covered Software is * 278 | * authorized under this License except under this disclaimer. * 279 | * * 280 | ************************************************************************ 281 | 282 | ************************************************************************ 283 | * * 284 | * 7. Limitation of Liability * 285 | * -------------------------- * 286 | * * 287 | * Under no circumstances and under no legal theory, whether tort * 288 | * (including negligence), contract, or otherwise, shall any * 289 | * Contributor, or anyone who distributes Covered Software as * 290 | * permitted above, be liable to You for any direct, indirect, * 291 | * special, incidental, or consequential damages of any character * 292 | * including, without limitation, damages for lost profits, loss of * 293 | * goodwill, work stoppage, computer failure or malfunction, or any * 294 | * and all other commercial damages or losses, even if such party * 295 | * shall have been informed of the possibility of such damages. This * 296 | * limitation of liability shall not apply to liability for death or * 297 | * personal injury resulting from such party's negligence to the * 298 | * extent applicable law prohibits such limitation. Some * 299 | * jurisdictions do not allow the exclusion or limitation of * 300 | * incidental or consequential damages, so this exclusion and * 301 | * limitation may not apply to You. * 302 | * * 303 | ************************************************************************ 304 | 305 | 8. Litigation 306 | ------------- 307 | 308 | Any litigation relating to this License may be brought only in the 309 | courts of a jurisdiction where the defendant maintains its principal 310 | place of business and such litigation shall be governed by laws of that 311 | jurisdiction, without reference to its conflict-of-law provisions. 312 | Nothing in this Section shall prevent a party's ability to bring 313 | cross-claims or counter-claims. 314 | 315 | 9. Miscellaneous 316 | ---------------- 317 | 318 | This License represents the complete agreement concerning the subject 319 | matter hereof. If any provision of this License is held to be 320 | unenforceable, such provision shall be reformed only to the extent 321 | necessary to make it enforceable. Any law or regulation which provides 322 | that the language of a contract shall be construed against the drafter 323 | shall not be used to construe this License against a Contributor. 324 | 325 | 10. Versions of the License 326 | --------------------------- 327 | 328 | 10.1. New Versions 329 | 330 | Mozilla Foundation is the license steward. Except as provided in Section 331 | 10.3, no one other than the license steward has the right to modify or 332 | publish new versions of this License. Each version will be given a 333 | distinguishing version number. 334 | 335 | 10.2. Effect of New Versions 336 | 337 | You may distribute the Covered Software under the terms of the version 338 | of the License under which You originally received the Covered Software, 339 | or under the terms of any subsequent version published by the license 340 | steward. 341 | 342 | 10.3. Modified Versions 343 | 344 | If you create software not governed by this License, and you want to 345 | create a new license for such software, you may create and use a 346 | modified version of this License if you rename the license and remove 347 | any references to the name of the license steward (except to note that 348 | such modified license differs from this License). 349 | 350 | 10.4. Distributing Source Code Form that is Incompatible With Secondary 351 | Licenses 352 | 353 | If You choose to distribute Source Code Form that is Incompatible With 354 | Secondary Licenses under the terms of this version of the License, the 355 | notice described in Exhibit B of this License must be attached. 356 | 357 | Exhibit A - Source Code Form License Notice 358 | ------------------------------------------- 359 | 360 | This Source Code Form is subject to the terms of the Mozilla Public 361 | License, v. 2.0. If a copy of the MPL was not distributed with this 362 | file, You can obtain one at http://mozilla.org/MPL/2.0/. 363 | 364 | If it is not possible or desirable to put the notice in a particular 365 | file, then You may include the notice in a location (such as a LICENSE 366 | file in a relevant directory) where a recipient would be likely to look 367 | for such a notice. 368 | 369 | You may add additional accurate notices of copyright ownership. 370 | 371 | Exhibit B - "Incompatible With Secondary Licenses" Notice 372 | --------------------------------------------------------- 373 | 374 | This Source Code Form is "Incompatible With Secondary Licenses", as 375 | defined by the Mozilla Public License, v. 2.0. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # HCP Terraform Workflows for GitLab 2 | 3 | This repository provides 4 | a [base template](https://github.com/hashicorp/tfc-workflows-gitlab/blob/ce9a175f0a220556dd0fa297b71a3374b49e41aa/Base.gitlab-ci.yml) 5 | and a 6 | sample [.gitlab-ci.yml](https://github.com/hashicorp/tfc-workflows-gitlab/blob/ce9a175f0a220556dd0fa297b71a3374b49e41aa/.gitlab-ci.yml) 7 | file that demonstrate how to integrate your GitLab CI/CD 8 | pipelines with HCP Terraform. 9 | 10 | ## Related Projects 11 | 12 | - [tfc-workflows-tooling](https://github.com/hashicorp/tfc-workflows-tooling) 13 | - [tfc-workflows-github](https://github.com/hashicorp/tfc-workflows-github) 14 | 15 | ## About 16 | 17 | These templates utilize custom Docker containers that interact with HCP Terraform APIs instead of the traditional 18 | Terraform CLI. 19 | The core tooling consists of a containerized Go [application](https://github.com/hashicorp/tfc-workflows-tooling) 20 | designed to work with various CI/CD platforms, including 21 | GitHub Actions and GitLab Pipelines. 22 | 23 | ## Usage 24 | 25 | Our CI/CD template files are designed to be self-contained, with in-place comments providing additional details. Please refer to these comments for more information. 26 | 27 | -------------------------------------------------------------------------------- /docs/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing to tfc-workflows-github 2 | 3 | If you wish to suggest changes to our recommended templates, please create an issue in GitHub. If you'd like, we welcome contributions. Fork this repository and submit a pull requst. 4 | -------------------------------------------------------------------------------- /docs/RELEASES.md: -------------------------------------------------------------------------------- 1 | ## Release Process 2 | 3 | Refer to [hashicorp/tfc-workflows-tooling](https://github.com/hashicorp/tfc-workflows-tooling/blob/main/docs/RELEASES.md#gitlab-pipelines-release-process-hashicorptfc-workflows-gitlab) for release documentation for this project. 4 | --------------------------------------------------------------------------------