To fit the use case, the Jenkins Pipeline will have three steps:
- Generate the plan file
- Query user input for plan approval
- Apply the plan file if approved
Assumption: you claim the pipeline is successful for plan, which implies to me that Action and tfm are environment variables (i.e. env.Action), because otherwise the String argument to the sh step method is invalid. Given that assumption:
(answer now modified upon request to demonstrate tfm as a pipeline parameter and no longer is in the env object)
parameters {
string(name: 'tfm', description: 'Terraform module to act upon.')
}
stages {
stage('TF Plan') {
steps {
// execute plan and capture plan output
sh(
label: 'Terraform Plan',
script: "terragrunt plan -out=plan.tfplan -no-color --terragrunt-source '/var/temp/tf_modules//${params.tfm}'"
)
}
}
stage('TF Apply') {
// only execute stage if apply is desired
when { expression { return env.Action == 'apply' } }
steps {
// query for user approval of plan
input(message: 'Click "proceed" to approve the above Terraform Plan')
// apply the plan if approved
sh(
label: 'Terraform Apply',
script: 'terraform apply -auto-approve -input=false -no-color plan.tfplan'
)
}
}
}
You may also want to add the equivalent of env.TF_IN_AUTOMATION = true to the environment directive. This can be helpful when executing Terraform in a pipeline.
If you also modify the pipeline agent to be e.g. the Terraform CLI image running as a container, then the plan output file will also need to be preserved between stages.
CLICK HERE to find out more related problems solutions.