feat: Add Terraform Module publisher

ad73a08a · Andrew Newdigate · 9f8454d3 · ad73a08a · ad73a08a
Unverified Commit ad73a08a authored 3 months ago by Andrew Newdigate
--- a/terraform-module-publish.md
+++ b/terraform-module-publish.md
+# [`terraform-module-publish`](./terraform-module-publish.yml)
+
+Publish a Terraform Module in the GitLab Terraform Module Registry
+
+```yaml
+include:
+  # Publish a Terraform Module in the Terraform Module registry
+  # see https://gitlab.com/gitlab-com/gl-infra/common-ci-tasks/-/blob/main/terraform-module-publish.md
+  - project: 'gitlab-com/gl-infra/common-ci-tasks'
+    ref: v2.44.2  # renovate:managed
+    file: terraform-module-publish.md
+    inputs:
+      module_name:
+      module_system:
+```
+
+## Excluding files from the Terraform Module
+
+To exclude files from the tarball, configure a `.tfmoduleignore` file in the root of the project.
+
+This will reduce the size of the module,
+improving performance throughout the development and provisioning cycle.
+
+Dot files, including `.git`, will also be excluded by default.
--- a/terraform-module-publish.yml
+++ b/terraform-module-publish.yml
+spec:
+  inputs:
+    validate_stage:
+      description: "The stage to validate from"
+      default: validate
+    release_stage:
+      description: "The stage to release from"
+      default: release
+    module_dir:
+      description: "The directory to publish"
+      default: "."
+    module_name:
+      description: "The name of the module"
+      default: "${CI_PROJECT_NAME}"
+      regex: "^[a-z]([a-z0-9-]){1,63}$"
+    module_system:
+      description: |
+        The name of a remote system that the module is primarily written to target.
+        For multi-cloud abstractions,
+        there can be multiple modules with addresses that differ only in "system"
+        to reflect provider-specific implementations of the abstraction,
+        like registry.terraform.io/hashicorp/consul/aws vs. registry.terraform.io/hashicorp/consul/azurerm.
+        The system name commonly matches the type portion of the address of an official provider,
+        like aws or azurerm in the above examples,
+        but that is not required
+        and so you can use whichever system keywords make sense for the organization of your particular registry.
+      regex: "^[a-z]([a-z0-9-]){1,63}$"
+
+---
+
+publish-terraform-module:
+  image: curlimages/curl:latest
+  stage: release
+  variables:
+    TERRAFORM_MODULE_DIR: $[[ inputs.module_dir | expand_vars ]]
+    TERRAFORM_MODULE_NAME: $[[ module_name | expand_vars ]]
+    TERRAFORM_MODULE_SYSTEM: $[[ module_system | expand_vars ]]
+    TERRAFORM_MODULE_VERSION: "${CI_COMMIT_TAG}"
+  script:
+    - |
+      # Sanitize version, remove `^v`
+      TERRAFORM_MODULE_VERSION=${TERRAFORM_MODULE_VERSION#v}
+      TARBALL_FILE=${TERRAFORM_MODULE_NAME}-${TERRAFORM_MODULE_SYSTEM}-${TERRAFORM_MODULE_VERSION}.tgz
+
+      if [[ -f .tfmoduleignore ]]; then
+        ignore_args="--exclude-from=.tfmoduleignore"
+      else
+        ignore_args=""
+      fi
+
+    # Create archive, exclude hidden files/folders
+    - |
+      tar -cvzf "${TARBALL_FILE}" \
+        -C "${TERRAFORM_MODULE_DIR}" \
+        --exclude='*/\.*'
+        ${ignore_args}
+        .
+
+    # Upload
+    - |
+      curl --fail-with-body \
+        --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
+        --upload-file "${TARBALL_FILE}" \
+        "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/terraform/modules/${TERRAFORM_MODULE_NAME}/${TERRAFORM_MODULE_SYSTEM}/${TERRAFORM_MODULE_VERSION}/file"'
+  rules:
+    - if: $CI_COMMIT_TAG