Remove all unnecessary project files no longer required for maintenance

4230b972 · Timo Furrer · 1a577432 · 1a577432 · 4230b972 · 1a577432
Unverified Commit 4230b972 authored 1 year ago by Timo Furrer
--- a/.gitignore
+++ b/.gitignore
-node_modules/
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
 ---
 workflow:
  rules:
+    - if: '$CI_PROJECT_PATH == "gitlab-org/terraform-images"'
+      when: never
    - if: $CI_MERGE_REQUEST_IID
    - if: $CI_COMMIT_TAG
    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == 'true'
-include:
-  - local: .gitlab/terraform-test.gitlab-ci.yml
-  - project: "gitlab-org/quality/pipeline-common"
-    file:
-      - "/ci/danger-review.yml"
 variables:
  BASE_IMAGE: "alpine:3.18.4"
  TERRAFORM_IMAGE_NAME: "$CI_REGISTRY_IMAGE/branches/$CI_COMMIT_REF_SLUG-$TERRAFORM_VERSION:$CI_COMMIT_SHA"
  DOCKER_DIND_IMAGE: "docker:24.0.7-dind"
-  NODE_IMAGE: "node:lts-slim"
  PLATFORMS: linux/amd64,linux/arm64
  STABLE_IMAGE_NAME: "$CI_REGISTRY_IMAGE/stable:latest"
  STABLE_VERSION: "1.5"
-  TF_STATE_NAME: ci-$CI_JOB_ID
 .terraform-versions:
  parallel:
@@ -36,60 +30,25 @@ variables:
        TERRAFORM_VERSION: "1.1"
 stages:
-  - lint
+  - test
  - build
-  - test-integration
+  - deploy
-  - test-init
-  - test-fmt
-  - test-validate
-  - test-plan
-  - test-apply
-  - test-destroy
-  - test-misc
-  - prepare-release
-  - release
-  - upload-test-module
-danger-review:
-  stage: lint
 shell check:
-  stage: lint
+  stage: test
  image: koalaman/shellcheck-alpine:v0.9.0
  before_script:
    - shellcheck --version
  script:
-    - shellcheck src/**/*.sh scripts/*.sh
+    - shellcheck src/**/*.sh
-commit lint:
-  stage: lint
-  needs: []
-  image: "$NODE_IMAGE"
-  cache:
-    key:
-      files:
-        - package.json
-    paths:
-      - node_modules
-  before_script:
-    - apt-get update && apt-get install -y --no-install-recommends git-core ca-certificates
-    - npm install
-  script:
-    - npx commitlint --from $CI_MERGE_REQUEST_DIFF_BASE_SHA --to HEAD --help-url 'https://gitlab.com/gitlab-org/terraform-images/-/blob/master/CONTRIBUTING.md'
-  rules:
-    - if: "$CI_MERGE_REQUEST_EVENT_TYPE != 'merge_train' && $CI_MERGE_REQUEST_IID"
 dockerfile check:
-  stage: lint
+  stage: test
  image: hadolint/hadolint:latest-alpine
-  parallel:
-    matrix:
-      - FILE: Dockerfile.terraform
  before_script:
    - hadolint --version
  script:
-    - hadolint $FILE
+    - hadolint --ignore DL3059 --ignore DL3006 --ignore DL3018 Dockerfile
 build terraform:
  extends: .terraform-versions
@@ -118,27 +77,15 @@ build terraform:
      --platform "$PLATFORMS"
      --build-arg BASE_IMAGE=$BASE_IMAGE
      --build-arg TERRAFORM_BINARY_VERSION=$TERRAFORM_BINARY_VERSION
-      --file Dockerfile.terraform
+      --file Dockerfile
      --tag "$TERRAFORM_IMAGE_NAME"
      --provenance=false
      --push
      .
-upload:
-  stage: upload-test-module
-  script:
-    - cd tests/modules/random-pet
-    - tar -cvzf ${CI_PROJECT_NAME}-local-${TERRAFORM_MODULE_VERSION}.tgz -C ${CI_PROJECT_DIR} .
-    - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file ${CI_PROJECT_NAME}-local-${TERRAFORM_MODULE_VERSION}.tgz ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/terraform/modules/random-pet/local/${TERRAFORM_MODULE_VERSION}/file'
-  variables:
-    TERRAFORM_MODULE_VERSION: 0.0.1
-  rules:
-    - if: '$CI_PROJECT_PATH == "gitlab-org/terraform-images" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
-      when: manual
 release-terraform:
  extends: .terraform-versions
-  stage: release
+  stage: deploy
  variables:
    RELEASE_IMAGE_NAME: "$CI_REGISTRY_IMAGE/releases/$TERRAFORM_VERSION"
  image:
@@ -154,38 +101,13 @@ release-terraform:
  rules:
    - if: $CI_COMMIT_TAG
-.semantic-release:
+release:
-  image: "$NODE_IMAGE"
+  stage: deploy
-  stage: prepare-release
+  needs: [release-terraform]
-  before_script:
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
-    - apt-get update && apt-get install -y --no-install-recommends git-core ca-certificates
-    - npm install -g semantic-release @semantic-release/gitlab
-  script:
-    - semantic-release $DRY_RUN_OPT -b $CI_COMMIT_REF_NAME
-tag_release-dryrun:
-  extends: .semantic-release
-  variables:
-    DRY_RUN_OPT: "-d"
-  rules:
-    - if: '$CI_PROJECT_PATH == "gitlab-org/terraform-images" && $CI_MERGE_REQUEST_IID'
-tag_release:
-  extends: .semantic-release
  rules:
-    - if: '$CI_PROJECT_PATH == "gitlab-org/terraform-images" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+    - if: $CI_COMMIT_TAG
+  script: echo "Creating release $CI_COMMIT_TAG"
-cleanup_tf_states:
+  release:
-  image: alpine:latest
+    tag_name: $CI_COMMIT_TAG
-  stage: test-destroy
+    description: "terraform-images release $CI_COMMIT_TAG"
-  variables:
-    REMOVE_STATES_UNTIL: 1 week ago
-    GITLAB_TOKEN: $GL_PURGE_STATE_TOKEN
-  before_script:
-    - apk add --update coreutils curl jq
-    - export FETCH_OLDER_THAN=$(date '+%Y-%m-%dT%H:%M:%SZ' -d "${REMOVE_STATES_UNTIL}")
-  script:
-    - echo "Going to remove Terraform States older than '$FETCH_OLDER_THAN'"
-    - ./scripts/fetch-states.sh | sed -n '1d;p' | ./scripts/remove-states.sh
-  rules:
-    - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "schedule"'
--- a/.gitlab/integration-test/Test-Terraform.gitlab-ci.yml
+++ b/.gitlab/integration-test/Test-Terraform.gitlab-ci.yml
-workflow:
-  rules:
-    - if: '$CI_PROJECT_PATH == "gitlab-org/terraform-images"'
-include:
-  - template: Terraform.gitlab-ci.yml
-image: "$IMAGE"
-# The `terraform apply` should always happen for the integration tests.
-# This prevents stalled manual pipelines, but more importantly tests
-# the `apply` wrapper.
-deploy:
-  rules:
-    - when: always
-destroy:
-  extends: .terraform:destroy
-  rules:
-    - when: always
--- a/.gitlab/integration-test/Test-Terraform.latest.gitlab-ci.yml
+++ b/.gitlab/integration-test/Test-Terraform.latest.gitlab-ci.yml
-workflow:
-  rules:
-    - if: '$CI_PROJECT_PATH == "gitlab-org/terraform-images"'
-include:
-  - template: Terraform.latest.gitlab-ci.yml
-default:
-  image: "$IMAGE"
-.run-always:
-  rules:
-    - when: always
-fmt:
-  rules: !reference [.run-always, rules]
-validate:
-  rules: !reference [.run-always, rules]
-build:
-  rules: !reference [.run-always, rules]
-# The `terraform apply` should always happen for the integration tests.
-# This prevents stalled manual pipelines, but more importantly tests
-# the `apply` wrapper.
-deploy:
-  rules: !reference [.run-always, rules]
-destroy:
-  extends: .terraform:destroy
-  rules: !reference [.run-always, rules]
--- a/.gitlab/terraform-test.gitlab-ci.yml
+++ b/.gitlab/terraform-test.gitlab-ci.yml
-.terraform-test-base:
-  image: "$TERRAFORM_IMAGE_NAME"
-  before_script:
-    - gitlab-terraform version
-    - jq --version
-  cache:
-    key: "$TERRAFORM_VERSION-$CI_COMMIT_REF_SLUG"
-    paths:
-      - tests/.terraform/
-.terraform-test:
-  extends:
-    - .terraform-test-base
-  before_script:
-    - !reference [.terraform-test-base, before_script]
-    - cd tests
-.test-tf-root:
-  extends:
-    - .terraform-test-base
-  variables:
-    TF_ROOT: tests
-terraform-test-init:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-init
-  script:
-    - export DEBUG_OUTPUT=true
-    - gitlab-terraform init
-terraform-test-init-with-args:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-init
-  script:
-    - export DEBUG_OUTPUT=true
-    - gitlab-terraform init -get=true -no-color
-terraform-test-init-with-flags:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-init
-  script:
-    - export DEBUG_OUTPUT=true
-    - export TF_INIT_FLAGS="-get=true -no-color"
-    - gitlab-terraform init
-terraform-test-init-with-flags-and-args:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-init
-  script:
-    - export DEBUG_OUTPUT=true
-    - export TF_INIT_FLAGS="-get=true"
-    - gitlab-terraform init -no-color
-terraform-test-init-tf-root:
-  extends:
-    - .test-tf-root
-    - .terraform-versions
-  stage: test-init
-  script:
-    - export DEBUG_OUTPUT=true
-    - gitlab-terraform init
-terraform-test-init-tf-root-with-cd:
-  extends:
-    - .test-tf-root
-    - .terraform-versions
-  stage: test-init
-  script:
-    - cd tests
-    - export DEBUG_OUTPUT=true
-    - gitlab-terraform init
-terraform-test-init-tf-root-with-args:
-  extends:
-    - .test-tf-root
-    - .terraform-versions
-  stage: test-init
-  script:
-    - export DEBUG_OUTPUT=true
-    - gitlab-terraform init -get=true -no-color
-terraform-test-init-tf-root-with-flags:
-  extends:
-    - .test-tf-root
-    - .terraform-versions
-  stage: test-init
-  script:
-    - export DEBUG_OUTPUT=true
-    - export TF_INIT_FLAGS="-get=true -no-color"
-    - gitlab-terraform init
-terraform-test-init-tf-root-with-flags-and-args:
-  extends:
-    - .test-tf-root
-    - .terraform-versions
-  stage: test-init
-  script:
-    - export DEBUG_OUTPUT=true
-    - export TF_INIT_FLAGS="-get=true"
-    - gitlab-terraform init -no-color
-terraform-test-init-without-reconfigure:
-  extends:
-    - .test-tf-root
-    - .terraform-versions
-  stage: test-init
-  script:
-    - gitlab-terraform init
-    - |
-      cat <<EOF > $TF_ROOT/backend_override.tf
-      terraform {
-        backend "local" {}
-      }
-      EOF
-    - export TF_INIT_NO_RECONFIGURE=true
-    - FAILED=false
-    - gitlab-terraform init -no-color >/tmp/output.txt 2>&1 || FAILED=true
-    - cat /tmp/output.txt
-    - test $FAILED = true
-    - 'cat /tmp/output.txt | grep "Error: Backend configuration changed"'
-terraform-test-init-with-reconfigure:
-  extends:
-    - .test-tf-root
-    - .terraform-versions
-  stage: test-init
-  script:
-    - gitlab-terraform init
-    - |
-      cat <<EOF > $TF_ROOT/backend_override.tf
-      terraform {
-        backend "local" {}
-      }
-      EOF
-    - gitlab-terraform init
-terraform-test-init-with-prepared-registry-token:
-  extends:
-    - .terraform-test
-  stage: test-init
-  variables:
-    TERRAFORM_VERSION: $STABLE_VERSION
-  script:
-    - apk add --update $PKG
-    - |
-      cat <<'EOF' > test.sh
-      set -x
-      export TF_TOKEN_gitlab_com=mysecrettoken
-      . $(which gitlab-terraform)
-      terraform_authenticate_private_registry
-      test "$TF_TOKEN_gitlab_com" = "mysecrettoken"
-      EOF
-    - $SHELL test.sh
-  parallel:
-    matrix:
-      - SHELL: "bash"
-        PKG: "bash"
-      - SHELL: "zsh"
-        PKG: "zsh"
-      - SHELL: "ksh"
-        PKG: "loksh"
-terraform-test-init-without-prepared-registry-token:
-  extends:
-    - .terraform-test
-  stage: test-init
-  variables:
-    TERRAFORM_VERSION: $STABLE_VERSION
-  script:
-    - apk add --update $PKG
-    - |
-      cat <<'EOF' > test.sh
-      set -x
-      . $(which gitlab-terraform)
-      terraform_authenticate_private_registry
-      test -n "$TF_TOKEN_gitlab_com"
-      EOF
-    - $SHELL test.sh
-  parallel:
-    matrix:
-      - SHELL: "bash"
-        PKG: "bash"
-      - SHELL: "zsh"
-        PKG: "zsh"
-      - SHELL: "ksh"
-        PKG: "loksh"
-terraform-test-fmt:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-fmt
-  script:
-    - gitlab-terraform fmt
-terraform-test-validate:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-validate
-  script:
-    - gitlab-terraform validate
-terraform-test-plan:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-plan
-  variables:
-    TF_PLAN_CACHE: $TERRAFORM_VERSION-plan.cache
-  script:
-    - gitlab-terraform plan
-    - if [[ ! -f "$TERRAFORM_VERSION-plan.cache" ]]; then echo "expected to find a plan.cache file"; exit 1; fi
-    - gitlab-terraform plan-json
-    - if [[ ! -f "plan.json" ]]; then echo "expected to find a plan.json file"; exit 1; fi
-  artifacts:
-    paths:
-      - "tests/*-plan.cache"
-terraform-test-apply:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-apply
-  variables:
-    TF_PLAN_CACHE: $TERRAFORM_VERSION-plan.cache
-  script:
-    - gitlab-terraform apply
-terraform-test-destroy:
-  extends:
-    - .terraform-test
-    - .terraform-versions
-  stage: test-destroy
-  script:
-    - gitlab-terraform destroy
-terraform-test-source-script:
-  extends:
-    - .terraform-test
-  stage: test-misc
-  needs: [build terraform]
-  variables:
-    TERRAFORM_VERSION: $STABLE_VERSION
-  before_script:
-    - !reference [.terraform-test-base, before_script]
-    - apk add --update $PKG
-  script:
-    - |
-      cat <<'EOF' > test.sh
-      set -x
-      test -z "$TF_GITLAB_SOURCED"
-      . $(which gitlab-terraform)
-      test $TF_GITLAB_SOURCED
-      EOF
-    - |
-      mkdir /usr/local/sbin
-      cat <<'EOF' > /usr/local/sbin/terraform
-      #/!usr/bin/env sh -e
-      echo "Called Terraform, but shouldn't have!!"
-      false
-      EOF
-      chmod +x /usr/local/sbin/terraform
-    - $SHELL test.sh
-  parallel:
-    matrix:
-      - SHELL: "bash"
-        PKG: "bash"
-      - SHELL: "zsh"
-        PKG: "zsh"
-      - SHELL: "ksh"
-        PKG: "loksh"
-terraform-test-without-implicit-init:
-  extends:
-    - .terraform-test
-  stage: test-misc
-  needs: [build terraform]
-  cache:
-  variables:
-    TERRAFORM_VERSION: $STABLE_VERSION
-    STATE_NAME: $CI_JOB_NAME
-  script:
-    - export TF_IMPLICIT_INIT=false
-    - FAILED=false
-    - gitlab-terraform $CMD -no-color >/tmp/output.txt 2>&1 || FAILED=true
-    - cat /tmp/output.txt
-    - test $FAILED = true
-    - 'cat /tmp/output.txt | grep "$ERROR"'
-  parallel:
-    matrix:
-      - CMD: apply
-        ERROR: 'Error: Failed to load "plan.cache" as a plan'
-      - CMD: destroy
-        ERROR: 'Error: Backend initialization required, please run "terraform init"'
-      - CMD: plan
-        ERROR: 'Error: Backend initialization required, please run "terraform init"'
-      - CMD: validate
-        ERROR: 'Run "terraform init" to install all modules'
-terraform-test-no-wrapper:
-  extends:
-    - .terraform-test
-  stage: test-misc
-  needs: [build terraform]
-  cache:
-  variables:
-    TERRAFORM_VERSION: $STABLE_VERSION
-    STATE_NAME: $CI_JOB_NAME
-  script:
-    # NOTE: running `gitlab-terraform apply` wouldn't fail
-    #       because of the implicit `terraform init`.
-    - FAILED=false
-    - gitlab-terraform -- apply -no-color >/tmp/output.txt 2>&1 || FAILED=true
-    - cat /tmp/output.txt
-    - test $FAILED = true
-    - 'cat /tmp/output.txt | grep "Error: Backend initialization required, please run \"terraform init\""'
-terraform-integration-test-template:
-  stage: test-integration
-  variables:
-    IMAGE: $TERRAFORM_IMAGE_NAME
-    TERRAFORM_VERSION: $STABLE_VERSION
-    TF_STATE_NAME: ci-terraform-integration-test-template-$CI_PIPELINE_IID-$CI_NODE_INDEX
-    TF_ROOT: tests
-  trigger:
-    include: .gitlab/integration-test/Test-$TEMPLATE
-    strategy: depend
-  rules:
-    - if: '$CI_PROJECT_PATH == "gitlab-org/terraform-images"'
-    - if: '$CI_MERGE_REQUEST_EVENT_TYPE == "merge_train"'
-  parallel:
-    matrix:
-      - TEMPLATE: [Terraform.gitlab-ci.yml, Terraform.latest.gitlab-ci.yml]
--- a/.gitmodules
+++ b/.gitmodules
-[submodule "examples/gitlab-terraform-aws"]
-	path = examples/gitlab-terraform-aws
-	url = https://gitlab.com/gitlab-org/configure/examples/gitlab-terraform-aws
--- a/.hadolint.yaml
+++ b/.hadolint.yaml
-ignored:
-  - DL3059
-  - DL3006
-  - DL3018
--- a/.releaserc.yml
+++ b/.releaserc.yml
-verifyConditions:
-  - "@semantic-release/gitlab"
-prepare: false
-publish:
-  - "@semantic-release/gitlab"
-success: false
-fail: false
-npmPublish: false
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
-## Git Commit Guidelines
+# Contributing
-This project uses [Semantic Versioning](https://semver.org). We use commit
+This project won't receive any Terraform specific updates,
-messages to automatically determine the version bumps, so they should adhere to
+due to the HashiCorp Terraform license change to BSL.
-the conventions of [Conventional Commits (v1.0.0-beta.2)](https://www.conventionalcommits.org/en/v1.0.0-beta.2/).
-### TL;DR
+GitLab is no longer allowed to distribute Terraform.
- Commit messages starting with `fix: ` trigger a patch version bump
- Commit messages starting with `feat: ` trigger a minor version bump
- Commit messages having a footer with `BREAKING CHANGE: ` trigger a major version bump.
-## Automatic versioning
-Each push to `master` triggers a [`semantic-release`](https://semantic-release.gitbook.io/semantic-release/)
-CI job that determines and pushes a new version tag (if any) based on the
-last version tagged and the new commits pushed. Notice that this means that if a
-Merge Request contains, for example, several `feat: ` commits, only one minor
-version bump will occur on merge. If your Merge Request includes several commits
-you may prefer to ignore the prefix on each individual commit and instead add
-an empty commit sumarizing your changes like so:
-```
-git commit --allow-empty -m '[feat|fix]: <changelog summary message
-```
-### Stable tag
-This project updates a `stable:latest` tag in the container registry which
-tracks the latest build of the image specified in `STABLE_VERSION` in
-`.gitlab-ci.yml`. Simply update this to reflect what version series is
-considered stable by upstream and the `stable:latest` tag will be updated
-automatically.
--- a/Dangerfile
+++ b/Dangerfile
-require 'gitlab-dangerfiles'
-# see https://docs.gitlab.com/ee/development/dangerbot.html#enable-danger-on-a-project
-# see https://gitlab.com/gitlab-org/ruby/gems/gitlab-dangerfiles
-Gitlab::Dangerfiles.for_project(self) do |dangerfiles|
-  # Import all plugins from the gem
-  dangerfiles.import_plugins
-  # Import a defined set of danger rules
-  dangerfiles.import_dangerfiles(only: %w[simple_roulette type_label subtype_label changes_size z_retry_link])
-end
--- a/Dockerfile.terraform
+++ b/Dockerfile.terraform
--- a/README.md
+++ b/README.md
@@ -14,16 +14,47 @@
 > aforementioned new [OpenTofu CI/CD component](https://gitlab.com/components/opentofu).
-This repository provides a docker image which contains the `gitlab-terraform` shell script. This script is a thin wrapper around the `terraform` binary. Its main purpose is to serve the [Infrastructure as code with Terraform and GitLab
+This repository provides a docker image which contains the `gitlab-terraform` shell script. This script is a thin wrapper around the `terraform` binary. Its main purpose is to support [Infrastructure as code with Terraform and GitLab
-](https://docs.gitlab.com/ee/user/infrastructure/), by extracting some of the standard configuration a user would need to set up to use the Terraform backend on GitLab as well as the Terraform merge request widget.
+](https://docs.gitlab.com/ee/user/infrastructure/), by extracting some of the standard configuration a user would need to set up to use the Terraform backend on GitLab as well as the Terraform merge request integration.
+## Build and Host Image and Template yourself for up-to-date Terraform
+Due to the HashiCorp Terraform license change to BSL, GitLab is no longer legally allowed 
+to distribute Terraform as part of its products. 
+Therefore, this project and the associated Terraform CI/CD templates are deprecated and will
+not receive regular updates. The following guide explains how you can host and build 
+a container image containing an up-to-date Terraform version and the `gitlab-terraform` script and
+deploy it alongside the Terraform CI/CD templates in your own GitLab project.
+The following steps need to be performed:
+1. Mirror this project using a [Pull Mirror](https://docs.gitlab.com/ee/user/project/repository/mirror/pull.html).
+1. Change the `.terraform-versions` matrix in the `.gitlab-ci.yml` file to the Terraform versions you want to build
+1. Tag the project to trigger a release pipeline. Make sure it succeeds.
+1. Include the template in a project on your instance:
+```yaml
+include:
+  - project: "<path-to-your-mirror-project>"
+    file: "/templates/Terraform.gitlab-ci.yml"
+default:
+  image:
+    # The image name is required. The template doesn't set it.
+    name: $CI_REGISTRY_HOST/<path-to-your-mirror-project>/releases/<Terraform-version>:<project-version>"
+```
+***
+## How to use the provided CI templates
-# How to use it
+Once you built your own image and included the template to your target project, you can further configure the jobs with environment variables.
-## Required Environment Variables
+### Required Environment Variables
 The wrapper expects three environment variables to be set:
-### `TF_ADDRESS`
+#### `TF_ADDRESS` (default: `${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/default`)
 Should be the backend URL. For the GitLab backend it will be something like:
@@ -33,15 +64,15 @@ Should be the backend URL. For the GitLab backend it will be something like:
 - `PROJECT_ID` is the id of the project you're using as your infrastructure as code (you can use `$CI_PROJECT_ID` in [GitLab CI/CD](https://docs.gitlab.com/ee/ci/variables/index.html))
 - `STATE_NAME` can be arbitrarily defined to the Terraform state name that you create.
-### `TF_USERNAME`
+#### `TF_USERNAME` (default: `$GITLAB_USER_LOGIN`)
-Is your user login name, which must have maintainer access. If this is unset, it will default to the value of `GITLAB_USER_LOGIN` which is the username that triggered the build.
+Is your user login name, which must have maintainer access. 
-### `TF_PASSWORD`
+#### `TF_PASSWORD` (default: `$CI_JOB_TOKEN`)
 An access token created for the above maintainer with the `api` scope. If this is unset, it will default to the value of `CI_JOB_TOKEN` and override the `TF_USERNAME` to match.
-## Support for GitLab CI Environment Variables
+### Support for GitLab CI Environment Variables
 `gitlab-terraform` exposes the following GitLab CI Environment Variables as `TF_VAR` inputs
@@ -69,23 +100,6 @@ variable "CI_PROJECT_NAME" {
 }
 ```
-## Terraform lockfile handling
+### Terraform lockfile handling
 If you commit the `.terraform.lock.hcl` file to your repository we recommend setting `TF_INIT_FLAGS` to `-lockfile=readonly` to prevent changes to the lockfile.
-# How to contribute?
-Contributions are always welcome. Don't be shy!
-If there's no other issue already discussing what you want, simply open a new issue and the maintainers will gladly review it and respond as soon as possible. If there's an open issue with the "Accepting merge requests" label, simply open up a merge request proposal linking to that issue and we'll also review it as soon as possible.
-## Git Commit Guidelines
-This project uses [Semantic Versioning](https://semver.org). We use commit
-messages to automatically determine the version bumps, so they should adhere to
-the conventions of [Conventional Commits `(v1.0.0)`](https://www.conventionalcommits.org/en/v1.0.0/).
-# Release
-Currently we release three versions of this image to support the last three stable major versions of Terraform. 
-The image versioning is documented [here](https://docs.gitlab.com/ee/user/infrastructure/iac/gitlab_terraform_helpers.html#terraform-images).
--- a/commitlint.config.js
+++ b/commitlint.config.js
-module.exports = {extends: ['@commitlint/config-conventional']}
\ No newline at end of file
--- a/gitlab-terraform-aws @ 225ab9c1
+++ b/gitlab-terraform-aws @ 225ab9c1
-Subproject commit 225ab9c112602bfecd9c052cbabb84a4f3e9fab6
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
-{
-  "name": "terraform-images",
-  "version": "0.0.0",
-  "license": "MIT",
-  "devDependencies": {
-    "@commitlint/cli": "^17.8.0",
-    "@commitlint/config-conventional": "^17.8.0"
-  }
-}
--- a/scripts/fetch-states.sh
+++ b/scripts/fetch-states.sh
-#!/usr/bin/env sh
-#
-# Script to fetch all Terraform States of a project,
-# optionally filter states which are older than a given
-# date time.
-# 
-# The output is in CSV and contains a header line
-# containing the names of the columns.
-# You can easily store it as CSV using:
-# `fetch-states.sh > states.csv`
-# or stream it to another script, e.g. without the header line:
-# `fetch-states.sh | sed -n '1d;p' | ...`
-#
-# The script is optimized to run in a GitLab pipeline 
-# and therefore uses environment variables which are
-# defined there by default.
-# 
-# It requires an additional `GITLAB_TOKEN` variable, which
-# contains a valid GitLab token with permissions to read
-# Terraform states.
-# 
-GITLAB_GRAPHQL_API_URL=${CI_SERVER_URL}/api/graphql
-if [ -z "$FETCH_OLDER_THAN" ]; then
-    FETCH_OLDER_THAN=$(date "+%Y-%m-%dT%H:%M:%SZ")
-fi
-after="null"
-has_next_page=true
-echo "state,updatedAt"
-while $has_next_page; do
-    # shellcheck disable=SC2016
-    data=$(curl --silent --show-error --fail -H "Authorization: Bearer $GITLAB_TOKEN" -H "Content-Type: application/json" \
-        "$GITLAB_GRAPHQL_API_URL" \
-        -X POST \
-        --data '[{ "operationName": "getStates", "variables": { "projectPath": "gitlab-org/terraform-images", "first": 100, "after":'"$after"', "last": null, "before": null }, "query": "query getStates($projectPath: ID!, $first: Int, $last: Int, $before: String, $after: String) { project(fullPath: $projectPath) { id terraformStates(first: $first, last: $last, before: $before, after: $after) { count nodes { name updatedAt } pageInfo { hasNextPage endCursor } } } } " } ] '
-    )
-    echo "$data" | jq --arg date "$FETCH_OLDER_THAN" -r '.[0]["data"]["project"]["terraformStates"]["nodes"][] | select(.updatedAt < $date) | "\(.name),\(.updatedAt)"'
-    has_next_page=$(echo "$data" | jq -r '.[0]["data"]["project"]["terraformStates"]["pageInfo"]["hasNextPage"] == true')
-    after='"'$(echo "$data" | jq -r '.[0]["data"]["project"]["terraformStates"]["pageInfo"]["endCursor"]')'"'
-done
--- a/scripts/remove-states.sh
+++ b/scripts/remove-states.sh
-#!/usr/bin/env sh
-#
-# Script to remove the given Terraform States.
-# The states are read from stdin in the format:
-# `<state-name>,<last-updated-at>`
-# 
-# The script is optimized to run in a GitLab pipeline 
-# and therefore uses environment variables which are
-# defined there by default.
-# 
-# It requires an additional `GITLAB_TOKEN` variable, which
-# contains a valid GitLab token with permissions to delete
-# Terraform states.
-# 
-GITLAB_BASE_TF_ADDRESS="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state"
-cat - | while read -r line; do
-    echo "Processing $(echo "$line" | tr -d '\n')"
-    TF_ADDRESS="${GITLAB_BASE_TF_ADDRESS}/$(echo "$line" | cut -d, -f1)"
-    curl --header "Private-Token: $GITLAB_TOKEN" --request DELETE "$TF_ADDRESS"
-done
--- a/tests/backend.tf
+++ b/tests/backend.tf
-terraform {
-  backend "http" {}
-}
--- a/tests/main.tf
+++ b/tests/main.tf
-module "random_pet" {
-  source  = "gitlab.com/gitlab-org/random-pet/local"
-  version = "0.0.1"
-}
-resource "local_file" "foo" {
-  content  = "foo!"
-  filename = "${path.module}/foo.bar"
-}
-variable "CI_PROJECT_NAME" {
-  type    = string
-  default = "default"
-}
-output "project_name" {
-  value = var.CI_PROJECT_NAME
-}