Maniphest T393686

tofu-provisioning: factorize gitlab pipeline logic
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• aborrero
	May 8 2025, 11:14 AM

Tags

Referenced Files

None

Subscribers

Description

Because T391467: gitlab ci: validate secrets settings in pipeline for tofu integration is now resolved, we can anticipate more projects adopting opentofu via gitlab CI/CD.

I would be good to factorize the gitlab pipeline logic so it can be reused.

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved		• Chuckonwumelu	T390056 toolforge: introduce additional IaC automation
		Resolved		• aborrero	T393686 tofu-provisioning: factorize gitlab pipeline logic

Event Timeline

• aborrero created this task.May 8 2025, 11:14 AM

• aborrero changed the task status from Open to In Progress.

• aborrero triaged this task as Medium priority.

• aborrero moved this task from Backlog to Doing on the User-aborrero board.

+1. Please also migrate the tofu container image to somewhere where it doesn't need to be rebuilt for every single pipeline run.

working on this: https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/51
example: https://gitlab.wikimedia.org/repos/cloud/cloud-vps/networktests-tofu-provisioning/-/merge_requests/23

pushed container image: docker-registry.tools.wmflabs.org/tofu-provisioning:20250512
from Dockerfile: https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/51/diffs#diff-content-30f6bcfa843d53972da803792987d04b448b42d9

Mentioned in SAL (#wikimedia-cloud) [2025-05-12T13:04:04Z] <arturo> add container image to docker registry docker-registry.tools.wmflabs.org/tofu-provisioning:20250512 (T393686)

aborrero opened https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/25

gitlab-ci: replace local logic with included one

aborrero merged https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/51

gitlab-ci: introduce tofu-provisioning code

aborrero merged https://gitlab.wikimedia.org/repos/cloud/cloud-vps/networktests-tofu-provisioning/-/merge_requests/23

gitlab-ci: replace local logic with included one

aborrero merged https://gitlab.wikimedia.org/repos/cloud/toolforge/tofu-provisioning/-/merge_requests/25

gitlab-ci: replace local logic with included one

aborrero opened https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/57

tofu-provisioning: report opentofu plan changes as job warning

aborrero merged https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/57

tofu-provisioning: report opentofu plan changes as job warning

Lens0021 unsubscribed.May 13 2025, 9:40 AM

aborrero opened https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/58

tofu-provisioning: fix cached tofu plan

aborrero merged https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/58

tofu-provisioning: fix cached tofu plan

aborrero opened https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/59

tofu-provisioning: don't cache opentofu plan across jobs

aborrero merged https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/59

tofu-provisioning: don't cache opentofu plan across jobs

aborrero opened https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/60

tofu-provisioning: drop providers.tf file logic

aborrero merged https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci/-/merge_requests/60

tofu-provisioning: drop providers.tf file logic

This is mostly completed. There are 2 repos using this setup:

And I will be proposing to introduce to at least another one:

https://gitlab.wikimedia.org/repos/cloud/metricsinfra/tofu-provisioning/-/merge_requests/2