New workflow gitlab ci

.gitlab-ci.yml

@@ -0,0 +1,64 @@
+stages:
+  - check
+  - configure
+  - destroy
+
+variables:
+  CONTAINER_URL: "stackspot/runtime-job-destroy:latest"
+  LOCALEXEC_ENABLED: "false"
+
+check_runner:
+  stage: check
+  script:
+    - echo "🤖 OS runner is $(uname)"
+
+configure_aws_credentials:
+  stage: configure
+  script:
+    - if [ -n "$AWS_ROLE_ARN" ]; then
+        aws sts assume-role --role-arn $AWS_ROLE_ARN --role-session-name gitlab-ci-session > /tmp/creds.json;
+        export AWS_ACCESS_KEY_ID=$(cat /tmp/creds.json | jq -r '.Credentials.AccessKeyId');
+        export AWS_SECRET_ACCESS_KEY=$(cat /tmp/creds.json | jq -r '.Credentials.SecretAccessKey');
+        export AWS_SESSION_TOKEN=$(cat /tmp/creds.json | jq -r '.Credentials.SessionToken');
+      fi
+
+run_runtime_action_destroy:
+  stage: destroy
+  script:
+    - |
+      FLAGS=$(echo "-v $CI_PROJECT_DIR:/app-volume \
+      -e FEATURES_LEVEL_LOG=$FEATURES_LEVEL_LOG \
+      -e AUTHENTICATE_CLIENT_ID=$CLIENT_ID \
+      -e AUTHENTICATE_CLIENT_SECRET=$CLIENT_KEY \
+      -e AUTHENTICATE_CLIENT_REALMS=$CLIENT_REALM \
+      -e AUTHENTICATE_URL=https://idm.stackspot.com \
+      -e REPOSITORY_NAME=$REPOSITORY_NAME \
+      -e FEATURES_API_MANAGER=https://runtime-manager.v1.stackspot.com \
+      -e FEATURES_BASEPATH_TMP=/tmp/runtime/deploys \
+      -e FEATURES_BASEPATH_EBS=/opt/runtime \
+      -e FEATURES_TEMPLATES_FILEPATH=/app/ \
+      -e FEATURES_BASEPATH_TERRAFORM=/root/.asdf/shims/terraform \
+      -e AWS_REGION=$AWS_REGION \
+      -e FEATURES_RELEASE_LOCALEXEC=$LOCALEXEC_ENABLED")
+
+      if [ -z "$AWS_ROLE_ARN" ]; then
+        FLAGS=$(echo "$FLAGS -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID")
+        FLAGS=$(echo "$FLAGS -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY")
+        FLAGS=$(echo "$FLAGS -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN")
+      fi
+
+      if [ -n "$AWS_ROLE_ARN" ]; then
+        FLAGS=$(echo "$FLAGS -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID")
+        FLAGS=$(echo "$FLAGS -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY")
+        FLAGS=$(echo "$FLAGS -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN")
+      fi
+
+      if [ -n "$TF_LOG_PROVIDER" ]; then
+        FLAGS=$(echo "$FLAGS -e FEATURES_TERRAFORM_LOGPROVIDER=$TF_LOG_PROVIDER")
+      fi
+
+      docker run --rm \
+      $FLAGS \
+      -e FEATURES_TERRAFORM_MODULES='$FEATURES_TERRAFORM_MODULES' \
+      --entrypoint=/app/stackspot-runtime-job-destroy \
+      $CONTAINER_URL start --run-task-id="$RUN_TASK_ID"

README-gitlab.md

@@ -0,0 +1,32 @@
+# GitLab CI/CD Workflow for Runtime Action Destroy
+
+This GitLab CI/CD workflow runs the Runtime Action Destroy with the specified parameters.
+
+## Inputs
+
+The following environment variables must be configured in your GitLab CI/CD settings:
+
+- `FEATURES_LEVEL_LOG`: Log Level (required)
+- `CLIENT_ID`: CLIENT ID (required)
+- `CLIENT_KEY`: CLIENT KEY (required)
+- `CLIENT_REALM`: CLIENT REALM (required)
+- `REPOSITORY_NAME`: Git Repository Name (required)
+- `AWS_ACCESS_KEY_ID`: AWS ACCESS KEY ID from console (optional)
+- `AWS_SECRET_ACCESS_KEY`: AWS SECRET ACCESS KEY from console (optional)
+- `AWS_SESSION_TOKEN`: AWS SESSION TOKEN from console (optional)
+- `AWS_REGION`: AWS REGION (required)
+- `AWS_ROLE_ARN`: AWS ROLE ARN (optional)
+- `RUN_TASK_ID`: Runtime Run Task Id (required)
+- `CONTAINER_URL`: Destroy Container URL (optional, default: `stackspot/runtime-job-destroy:latest`)
+- `FEATURES_TERRAFORM_MODULES`: Terraform Modules (optional)
+- `PATH_TO_MOUNT`: Path to mount inside the docker (optional, default: `$CI_PROJECT_DIR`)
+- `LOCALEXEC_ENABLED`: If Runtimes will allow execution of the local-exec command within terraform (optional, default: `false`)
+- `TF_LOG_PROVIDER`: Level tf log provider - info, debug, warn or trace (optional)
+
+## Usage
+
+To use this workflow, add the above environment variables to your GitLab CI/CD settings and include the `.gitlab-ci.yml` file in your repository.
+
+```yaml
+include:
+  - local: '.gitlab-ci.yml'