.gitlab-ci.yml

default:
  image: registry.gitlab.com/gitlab-org/terraform-images/stable:latest

variables:
  SSH_KEY_PATH: /tmp/sshkey
  ANSIBLE_ROOT: ${CI_PROJECT_DIR}/ansible
  ANSIBLE_HOST_FILE_PATH: ${CI_PROJECT_DIR}/ansible/hosts.yaml
  SCRIPTS_ROOT: ${CI_PROJECT_DIR}/scripts
  TF_ROOT: ${CI_PROJECT_DIR}/terraform
  TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${TF_STATE_NAME}
  TF_STATE_NAME: ${ENVIRONMENT}-update
  TF_CACHE_KEY: default

before_script:
  - ssh-keygen -b 2048 -t rsa -C "${ENVIRONMENT}-cma-update-tmp" -f ${SSH_KEY_PATH} -q -N ""
  - cd ${TF_ROOT}
  - export TF_VAR_SCW_ACCESS_KEY=${TF_VAR_SCW_ACCESS_KEY}
  - export TF_VAR_SCW_SECRET_KEY=${TF_VAR_SCW_SECRET_KEY}
  - export TF_VAR_SCW_PROJECT_ID=${TF_VAR_SCW_PROJECT_ID}
  - export TF_VAR_ENVIRONMENT=${ENVIRONMENT}
  - export TF_VAR_INSTANCE_COUNT=${TF_VAR_INSTANCE_COUNT}
  - export TF_VAR_SSH_PUBLIC_KEY=$(cat ${SSH_KEY_PATH}.pub)

stages:
  - prepare
  - build
  - plan
  - deploy
  - destroy

sshkey:
  stage: prepare
  script:
    - echo ${TF_VAR_SSH_PUBLIC_KEY}

ansible-hosts-file:
  stage: prepare
  script:
    - chmod +x ${SCRIPTS_ROOT}/build-ansible-hosts.sh
    - . ${SCRIPTS_ROOT}/build-ansible-hosts.sh

init:
  stage: prepare
  script:
    - gitlab-terraform init

validate:
  stage: prepare
  script:
    - gitlab-terraform validate

plan:
  stage: build
  script:
    - gitlab-terraform plan
    - gitlab-terraform plan-json
  artifacts:
    name: plan
    paths:
      - ${TF_ROOT}/plan.cache
    reports:
      terraform: ${TF_ROOT}/plan.json

apply:
  stage: deploy
  environment:
    name: ${ENVIRONMENT}
  script:
    - gitlab-terraform apply
  dependencies:
    - plan

ansible:
  stage: deploy
  script:
    - ansible-playbook -i ${ANSIBLE_ROOT}/tasks/update.yaml --private-key ${SSH_KEY_PATH}

destroy:
  stage: destroy
  environment:
    name: ${ENVIRONMENT}
  script:
    - gitlab-terraform destroy