feat(terraform_module): support plan and destroy workflows

Abel Luckrequested to merge
abelxluck/ansible-terraform:feat/terraform-planning-and-destroy into dev

This is a comprehensive overhaul of this role to support many more terraform workflows. This MR preserves backwards compatibility.

The primary feature of this MR is to support plan and destroy workflows in interactive and non-interactive situations.

You can now:

  • Generate just a plan file, without executing it
  • Bring in an external plan file (maybe generated with this role in a previous task) to apply
  • Generate apply plans and destroy plans
  • Execute destroys and applys non-interactively (like auto-approve)
  • Optionally, auto force-unlock a dynamodb state backend
  • You can run the role with ansible check-mode and it will show you the plan

Impl notes:

This MR introduces terraform_module_state which can be one of:

  • plan-apply - Generates an apply plan file, does not execute it. The plan file is available to other tasks via terraform_module_plan_file
  • plan-destroy- Like play-apply, but generates a destroy plan.
  • apply- Executes an apply
  • destroy- Executes a destroy

You can use terraform_module_interactive (bool, default true) to toggle the interactivity of any apply or destroy action.

You can specify terraform_module_plan_file_input (str path) to use a previously generated plan file.

Merge request reports