feat: adds the runtime_overrides variable + tests

.terraform-docs.yml

@@ -0,0 +1,14 @@
+formatter: markdown table
+
+recursive:
+  enabled: false
+  path: modules
+  include-main: true
+
+output:
+  file: README.md
+  mode: inject
+  template: |-
+    <!-- BEGIN_TF_DOCS -->
+    {{ .Content }}
+    <!-- END_TF_DOCS -->

.trunk/trunk.yaml

@@ -2,7 +2,7 @@
 # To learn more about the format of this file, see https://docs.trunk.io/reference/trunk-yaml
 version: 0.1
 cli:
-  version: 1.22.9
+  version: 1.22.8
 # Trunk provides extensibility via plugins. (https://docs.trunk.io/plugins)
 plugins:
   sources:
@@ -39,6 +39,7 @@ lint:
         - CHANGELOG.md
 actions:
   enabled:
+    - terraform-docs
     - trunk-announce
     - trunk-check-pre-push
     - trunk-fmt-pre-commit

data.tf

@@ -1,2 +1,13 @@
 # Look up all spaces in order to map space names to space IDs
 data "spacelift_spaces" "all" {}
+
+# Validate the runtime overrides against the schema
+# Frustrating that we have to do this, but this successfully validates the typing
+# of the given runtime overrides since we need to use `any` for the variable type :(
+# See https://github.com/masterpointio/terraform-spacelift-automation/pull/44 for full details
+data "jsonschema_validator" "runtime_overrides" {
+  for_each = var.runtime_overrides
+
+  document = jsonencode(each.value)
+  schema   = "${path.module}/stack-config.schema.json"
+}

main.tf

@@ -148,7 +148,8 @@ locals {
         # `yaml` is intentionally used here as we require Stack and `tfvars` config files to be named equally
         "tfvars_file_name" = trimsuffix(file, ".yaml"),
       },
-      content
+      content,
+      try(jsondecode(data.jsonschema_validator.runtime_overrides[module].validated), {}),
     ) if file != var.common_config_file
     }
   ]...)
@@ -267,6 +268,8 @@ locals {
     ))
   }
 
+  ## Handle space lookups
+
   # Allow usage of space_name along with space_id.
   # A space_id is long and hard to look at in the stack.yaml file, so pass in the space_name and it will be resolved to the space_id, which will be consumed by the `spacelife_stack` resource.
   space_name_to_id = {
@@ -283,6 +286,18 @@ locals {
       "root"                                             # If no space_id or space_name is provided, default to the root space
     )
   }
+
+  ## Filter integration + drift detection stacks
+
+  aws_integration_stacks = {
+    for stack, config in local.stack_configs :
+    stack => config if try(config.aws_integration_enabled, var.aws_integration_enabled)
+  }
+
+  drift_detection_stacks = {
+    for stack, config in local.stack_configs :
+    stack => config if try(config.drift_detection_enabled, var.drift_detection_enabled)
+  }
 }
 
 check "spaces_enforce_mutual_exclusivity" {
@@ -376,21 +391,16 @@ resource "spacelift_stack_destructor" "default" {
 }
 
 resource "spacelift_aws_integration_attachment" "default" {
-  for_each = {
-    for stack, configs in local.stack_configs : stack => configs
-    if try(configs.aws_integration_enabled, var.aws_integration_enabled)
-  }
+  for_each = local.aws_integration_stacks
+
   integration_id = try(local.stack_configs[each.key].aws_integration_id, var.aws_integration_id)
   stack_id       = spacelift_stack.default[each.key].id
   read           = var.aws_integration_attachment_read
   write          = var.aws_integration_attachment_write
 }
 
 resource "spacelift_drift_detection" "default" {
-  for_each = {
-    for stack, configs in local.stack_configs : stack => configs
-    if try(configs.drift_detection_enabled, var.drift_detection_enabled)
-  }
+  for_each = local.drift_detection_stacks
 
   stack_id     = spacelift_stack.default[each.key].id
   ignore_state = try(local.stack_configs[each.key].drift_detection_ignore_state, var.drift_detection_ignore_state)

stack-config.schema.json

@@ -9,7 +9,7 @@
   "title": "Masterpoint Stack Config schema. Version 1.0. https://masterpoint.io",
   "description": "Schema for Masterpoint's spacelift-automation stack configuration files. This is used to override stack configurations for the https://github.com/masterpointio/terraform-spacelift-automation module.",
   "type": "object",
-  "required": ["kind", "stack_settings"],
+  "required": [],
   "properties": {
     "kind": {
       "type": "string",
@@ -174,6 +174,10 @@
           "type": "string",
           "description": "Spacelift space ID"
         },
+        "space_name": {
+          "type": "string",
+          "description": "Spacelift space name, this will be translated to a space_id. Mutually exclusive with space_id"
+        },
         "terraform_smart_sanitization": {
           "type": "boolean",
           "description": "Whether to enable smart sanitization"

tests/fixtures/multi-instance/root-module-a/stacks/default-example.yaml

@@ -1,12 +1,45 @@
 kind: StackConfigV1
 stack_settings:
   administrative: true
+  additional_project_globs: [glob/*]
+  after_apply: [echo 'after_apply']
+  after_destroy: [echo 'after_destroy']
+  after_init: [echo 'after_init']
+  after_perform: [echo 'after_perform']
+  after_plan: [echo 'after_plan']
+  autodeploy: false
+  autoretry: true
+  before_apply: [echo 'before_apply']
+  before_destroy: [echo 'before_destroy']
+  before_init: [echo 'before_init']
+  before_perform: [echo 'before_perform']
+  before_plan: [echo 'before_plan']
+  branch: prod
   description: This is a test of the emergency broadcast system
-  before_init:
-    - echo 'World'
+  enable_local_preview: true
+  enable_well_known_secret_masking: false
+  github_action_deploy: false
+  manage_state: true
+  protect_from_deletion: true
+  runner_image: masterpointio/spacelift-runner:latest
+  space_name: mp-automation # Tests space_name gets translated to space_id (the Terraform resource attribute that is accepted)
+  terraform_smart_sanitization: true
+  terraform_version: 1.9.0
+  worker_pool_id: "1234567890"
+
+  destructor_enabled: true
+
+  aws_integration_enabled: true
+  aws_integration_id: "1234567890"
+
+  drift_detection_enabled: true
+  drift_detection_ignore_state: true
+  drift_detection_reconcile: true
+  drift_detection_schedule: [0 0 * * *]
+  drift_detection_timezone: America/Denver
+
   labels:
     - default_example_label
-  space_name: mp-automation # Tests space_name gets translated to space_id (the Terraform resource attribute that is accepted)
 
 automation_settings:
   default_tf_workspace_enabled: true

tests/fixtures/multi-instance/root-module-a/stacks/test.yaml

@@ -1,5 +1,5 @@
 kind: StackConfigV1
 stack_settings:
+  space_id: direct-space-id-stack-yaml # Tests direct space_id precedence over global variable space_id
   labels:
     - test_label
-  space_id: direct-space-id-stack-yaml # Tests direct space_id precedence over global variable space_id