Skip to content

WIP: Remove jq requirement for Terraform Widget

Emily Ring requested to merge 219257-accept-entire-json into master

What does this MR do?

blocked by: #235879 (closed)

We currently have a Terraform Widget (See example: https://gitlab.com/emilyring/terraform-test/-/merge_requests/6) that allows users to upload a json artifact that will display changes related to their tfplan.

We currently require the report to look like

{ create: <num>, updated: <num>, delete: <num> }

We ask users to generate this json file by running a command similar to the one below

terraform show --json ${PLAN} | jq -r '([.resource_changes[]?.change.actions?]|flatten)|{"create":(map(select(.=="create"))|length),"update":(map(select(.=="update"))|length),"delete":(map(select(.=="delete"))|length)}' > ${JSON_PLAN_FILE}

This update will allow users to submit the entire tfplan.json file, instead of submitting the converted file. The new script would look something like

script:
    - terraform plan -out=${PLAN}
    - terraform show --json $PLAN > ${JSON_PLAN_FILE}
artifacts:
    name: Full JSON
    reports:
      terraform: ${JSON_PLAN_FILE}

This change is part of issue: #219257. We would like customers to submit the entire tfplan.json file so, in the future, we can display more information.

Screenshots

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Closes #219257

Edited by Emily Ring

Merge request reports