kind: pipeline
type: kubernetes
name: Terraform

steps:
- name: Terraform Init
  image: bv11-cr01.bessems.eu/library/packer-extended
  commands:
  - |
    terraform -chdir=terraform init \
      -upgrade \
      -input=false \
      -backend-config="conn_str=$${PG_CONNECTIONSTRING}"
  # - cat terraform/.terraform.lock.hcl
  environment:
    PG_CONNECTIONSTRING: postgres://terraform:terraform@tfstate.default.svc.cluster.local/terraform_backend?sslmode=disable
    TF_AUTOMATION: yes
    # TF_LOG: TRACE
- name: Terraform Plan
  image: bv11-cr01.bessems.eu/library/packer-extended
  commands:
  - |
    terraform -chdir=terraform plan \
      -var="hv_password=$${VSPHERE_PASSWORD}" -var="repo_username=$${REPO_USERNAME}" -var="repo_password=$${REPO_PASSWORD}" -var="adds_password=$${ADDS_PASSWORD}" -var="vault_token=$${VAULT_TOKEN}" \
      -var-file='vsphere.tfvars' -var-file='vm.tfvars' \
      -input=false \
      -out=terraform.plan
  environment:
    TF_AUTOMATION: yes
    VSPHERE_PASSWORD:
      from_secret: vsphere_password
    REPO_USERNAME:
      from_secret: repo_username
    REPO_PASSWORD:
      from_secret: repo_password
    ADDS_PASSWORD:
      from_secret: adds_password
    VAULT_TOKEN:
      from_secret: vault_token
    TF_LOG: TRACE
- name: Terraform Apply
  image: bv11-cr01.bessems.eu/library/packer-extended
  commands:
  - |
    terraform -chdir=terraform apply \
      -input=false \
      -auto-approve \
      terraform.plan
  environment:
    TF_AUTOMATION: yes
    TF_LOG: TRACE