我已经使用
在gitlab中创建了一个管道image:
name: hashicorp/terraform:light
entrypoint:
- '/usr/bin/env'
- 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
variables:
PLAN: dbrest.tfplan
STATE: dbrest.tfstate
cache:
paths:
- .terraform
before_script:
- terraform --version
- terraform init
stages:
- validate
- build
- deploy
- destroy
validate:
stage: validate
script:
- terraform validate
plan:
stage: build
script:
- terraform plan -state=$STATE -out=$PLAN
artifacts:
name: plan
paths:
- $PLAN
- $STATE
apply:
stage: deploy
environment:
name: production
script:
- terraform apply -state=$STATE -input=false $PLAN
- terraform state show aws_instance.bastion
dependencies:
- plan
when: manual
only:
- master
destroy:
stage: destroy
environment:
name: production
script:
- terraform destroy -state=$STATE -auto-approve
dependencies:
- apply
when: manual
only:
- master
我还在“设置”下创建了一个变量。 ->'CI / CD'->'变量'-我的印象是,当我进入手动阶段deploy时,gitlab应该暂停并要求我输入该变量的值,但这不是发生-缺少什么?
答案 0 :(得分:2)
您已手动将管道与when: manual混合在一起。这是您想要的:
https://docs.gitlab.com/ee/ci/pipelines.html#manually-executing-pipelines
您可以将其与only一起用于某些变量。像这样:
...
apply:
stage: deploy
environment:
name: production
script:
- terraform apply -state=$STATE -input=false $PLAN
- terraform state show aws_instance.bastion
dependencies:
- plan
only:
refs:
- master
variables:
- $RELEASE == "yes"
destroy:
stage: destroy
environment:
name: production
script:
- terraform destroy -state=$STATE -auto-approve
dependencies:
- apply
only:
refs:
- master
variables:
- $RELEASE == "yes"
使用类似的方法,您将拥有永远无法正常运行的作业,但前提是您必须在master分支上手动启动新管道并将变量$RELEASE设置为yes。我尚未对此进行测试,因此如果无法解决,我深表歉意!