manheim · jleopold28 · Jul 24, 2020 · Jul 16, 2020 · Jul 16, 2020 · Jul 16, 2020
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Unreleased
 
+* [Issue #88](https://github.com/manheim/terraform-pipeline/issues/88) Add an optional TerraformDestroyStage
+* [Issue #24](https://github.com/manheim/terraform-pipeline/issues/24) ConfirmApplyPlugin - allow customization
+
 # v5.8
 
 * Docs

diff --git a/README.md b/README.md
@@ -117,6 +117,7 @@ The example above gives you a bare-bones pipeline, and there may be Jenkinsfile
 * [TargetPlugin](./docs/TargetPlugin.md): set `-target` parameter for terraform plan and apply.
 * [TerraformDirectoryPlugin](./docs/TerraformDirectoryPlugin.md): Change the default directory containing your terraform code.
 * [TerraformLandscapePlugin](./docs/TerraformLandscapePlugin.md): Enable terraform-landscape plan output.
+* [DestroyPlugin](./docs/DestroyPlugin.md): Use this to change the pipeline functionality to `terraform destroy`. (Requires manual confirmation)
 
 ## Write your own Plugin
 

diff --git a/docs/DestroyPlugin.md b/docs/DestroyPlugin.md
@@ -0,0 +1,73 @@
+## [DestroyPlugin](../src/DestroyPlugin.groovy)
+
+Enable this plugin to use `terraform destroy` to destroy your environment(s).
+
+When this plugin is enabled, the pipeline will follow these steps:  
+1. Run a `terraform plan -destroy` to display which resources will get destroyed.
+2. Ask for human confirmation to proceed with the destroy.
+3. Run the `terraform destroy` command.
+
+
+```
+// Jenkinsfile
+@Library(['[email protected]']) _
+
+Jenkinsfile.init(this, env)
+
+// This enables the destroy functionality
+DestroyPlugin.init()
+
+def validate = new TerraformValidateStage()
+
+def destroyQa = new TerraformEnvironmentStage('qa')
+def destroyUat = new TerraformEnvironmentStage('uat')
+def destroyProd = new TerraformEnvironmentStage('prod')
+
+validate.then(destroyQa)
+        .then(destroyUat)
+        .then(destroyProd)
+        .build()
+```
+
+When using this plugin, your pipeline will look something like this:
+
+![DestroyPluginPipeline](../images/destroy-pipeline.png)
+
+---------
+
+## How to destroy environments after deployment
+
+If you wish to run a traditional deployment and then run `terraform destroy`, you can enable the DestroyPlugin after the deployment.
+
+
+```
+def validate = new TerraformValidateStage()
+
+def deployQa = new TerraformEnvironmentStage('qa')
+def deployUat = new TerraformEnvironmentStage('uat')
+def deployProd = new TerraformEnvironmentStage('prod')
+
+// First we deploy our environments
+validate.then(deployQa)
+        .then(deployUat)
+        .then(deployProd)
+        .build()
+
+
+// Now enable the destroy functionality
+DestroyPlugin.init()
+
+def destroyQa = new TerraformEnvironmentStage('qa')
+def destroyUat = new TerraformEnvironmentStage('uat')
+def destroyProd = new TerraformEnvironmentStage('prod')
+
+// Destroy the environments
+validate.then(destroyQa)
+        .then(destroyUat)
+        .then(destroyProd)
+        .build()
+```
+
+With this approach, the entire pipeline will look like so:
+
+![DeployAndDestroyPipeline](../images/deploy-and-destroy.png)
diff --git a/images/deploy-and-destroy.png b/images/deploy-and-destroy.png
diff --git a/images/destroy-pipeline.png b/images/destroy-pipeline.png
diff --git a/src/ConditionalApplyPlugin.groovy b/src/ConditionalApplyPlugin.groovy
@@ -1,5 +1,6 @@
 import static TerraformEnvironmentStage.CONFIRM
 import static TerraformEnvironmentStage.APPLY
+import static TerraformEnvironmentStage.DESTROY
 
 public class ConditionalApplyPlugin implements TerraformEnvironmentStagePlugin {
 
@@ -13,6 +14,7 @@ public class ConditionalApplyPlugin implements TerraformEnvironmentStagePlugin {
     public void apply(TerraformEnvironmentStage stage) {
         stage.decorateAround(CONFIRM, onlyOnExpectedBranch())
         stage.decorateAround(APPLY, onlyOnExpectedBranch())
+        stage.decorateAround(DESTROY, onlyOnExpectedBranch())
     }
 
     public Closure onlyOnExpectedBranch() {

diff --git a/src/ConfirmApplyPlugin.groovy b/src/ConfirmApplyPlugin.groovy
@@ -3,6 +3,9 @@ import static TerraformEnvironmentStage.CONFIRM
 class ConfirmApplyPlugin implements TerraformEnvironmentStagePlugin {
 
     public static enabled = true
+    public static String confirmMessage = 'Are you absolutely sure the plan above is correct, and should be IMMEDIATELY DEPLOYED via "terraform apply"?'
+    public static String okMessage = 'Run terraform apply now'
+    public static String submitter = 'approver'
 
     ConfirmApplyPlugin() {
     }
@@ -24,9 +27,9 @@ class ConfirmApplyPlugin implements TerraformEnvironmentStagePlugin {
             try {
                 timeout(time: 15, unit: 'MINUTES') {
                     input(
-                        message: 'Are you absolutely sure the plan above is correct, and should be IMMEDIATELY DEPLOYED via "terraform apply"?',
-                        ok: 'Run terraform APPLY now',
-                        submitterParameter: 'approver'
+                        message: confirmMessage,
+                        ok: okMessage,
+                        submitterParameter: submitter
                     )
                 }
             } catch (ex) {
@@ -36,6 +39,18 @@ class ConfirmApplyPlugin implements TerraformEnvironmentStagePlugin {
         }
     }
 
+    public static void withConfirmMessage(String newMessage) {
+        this.confirmMessage = newMessage
+    }
+
+    public static void withOkMessage(String newMessage) {
+        this.okMessage = newMessage
+    }
+
+    public static void withSubmitterParameter(String newParam) {
+        this.submitterParameter = newParam
+    }
+
     public static disable() {
         this.enabled = false
         return this

diff --git a/src/DefaultStrategy.groovy b/src/DefaultStrategy.groovy
@@ -0,0 +1,53 @@
+import static TerraformEnvironmentStage.ALL
+import static TerraformEnvironmentStage.PLAN
+import static TerraformEnvironmentStage.CONFIRM
+import static TerraformEnvironmentStage.APPLY
+
+class DefaultStrategy {
+
+    private TerraformInitCommand initCommand
+    private TerraformPlanCommand planCommand
+    private TerraformApplyCommand applyCommand
+    private Jenkinsfile jenkinsfile
+
+    public Closure createPipelineClosure(String environment, StageDecorations decorations) {
+        initCommand = TerraformInitCommand.instanceFor(environment)
+        planCommand = TerraformPlanCommand.instanceFor(environment)
+        applyCommand = TerraformApplyCommand.instanceFor(environment)
+
+        jenkinsfile = Jenkinsfile.instance
+
+        return { ->
+            node(jenkinsfile.getNodeName()) {
+                deleteDir()
+                checkout(scm)
+
+                decorations.apply(ALL) {
+                    stage("${PLAN}-${environment}") {
+                        decorations.apply(PLAN) {
+                            sh initCommand.toString()
+                            sh planCommand.toString()
+                        }
+                    }
+
+                    decorations.apply("Around-${CONFIRM}") {
+                        stage("${CONFIRM}-${environment}") {
+                            decorations.apply(CONFIRM) {
+                                echo "Approved"
+                            }
+                        }
+                    }
+
+                    decorations.apply("Around-${APPLY}") {
+                        stage("${APPLY}-${environment}") {
+                            decorations.apply(APPLY) {
+                                sh initCommand.toString()
+                                sh applyCommand.toString()
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+}
diff --git a/src/DestroyPlugin.groovy b/src/DestroyPlugin.groovy
@@ -0,0 +1,17 @@
+class DestroyPlugin implements TerraformEnvironmentStagePlugin {
+
+    public static void init() {
+        DestroyPlugin plugin = new DestroyPlugin()
+
+        ConfirmApplyPlugin.withConfirmMessage('WARNING! Are you absolutely sure the plan above is correct? Your environment will be IMMEDIATELY DESTROYED via "terraform destroy"')
+        ConfirmApplyPlugin.withOkMessage("Run terraform DESTROY now")
+
+        TerraformEnvironmentStage.addPlugin(plugin)
+    }
+
+    @Override
+    public void apply(TerraformEnvironmentStage stage) {
+        stage.withStrategy(new DestroyStrategy())
+    }
+
+}
diff --git a/src/DestroyStrategy.groovy b/src/DestroyStrategy.groovy
@@ -0,0 +1,53 @@
+import static TerraformEnvironmentStage.ALL
+import static TerraformEnvironmentStage.PLAN
+import static TerraformEnvironmentStage.CONFIRM
+import static TerraformEnvironmentStage.DESTROY
+
+class DestroyStrategy {
+
+    private TerraformInitCommand initCommand
+    private TerraformPlanCommand planCommand
+    private TerraformApplyCommand destroyCommand
+    private Jenkinsfile jenkinsfile
+
+    public Closure createPipelineClosure(String environment, StageDecorations decorations) {
+        initCommand = TerraformInitCommand.instanceFor(environment)
+        planCommand = TerraformPlanCommand.instanceFor(environment)
+        planCommand = planCommand.withArgument("-destroy")
+        destroyCommand = TerraformApplyCommand.instanceFor(environment)
+        destroyCommand = destroyCommand.withCommand("destroy")
+        jenkinsfile = Jenkinsfile.instance
+
+        return { ->
+            node(jenkinsfile.getNodeName()) {
+                deleteDir()
+                checkout(scm)
+
+                decorations.apply(ALL) {
+                    stage("${PLAN}-${DESTROY}-${environment}") {
+                        decorations.apply(PLAN) {
+                            sh initCommand.toString()
+                            sh planCommand.toString()
+                        }
+                    }
+
+                    decorations.apply("Around-${CONFIRM}") {
+                        stage("${CONFIRM}-${DESTROY}-${environment}") {
+                            decorations.apply(CONFIRM) {
+                                echo "Approved"
+                            }
+                        }
+                    }
+
+                    decorations.apply("Around-${DESTROY}") {
+                        stage("${DESTROY}-${environment}") {
+                            decorations.apply(DESTROY) {
+                                sh destroyCommand.toString()
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+}
diff --git a/src/TerraformApplyCommand.groovy b/src/TerraformApplyCommand.groovy
@@ -14,6 +14,11 @@ class TerraformApplyCommand {
         this.environment = environment
     }
 
+    public TerraformApplyCommand withCommand(String newCommand) {
+        this.command = newCommand
+        return this
+    }
+
     public TerraformApplyCommand withInput(boolean input) {
         this.input = input
         return this

diff --git a/src/TerraformEnvironmentStage.groovy b/src/TerraformEnvironmentStage.groovy
@@ -2,10 +2,8 @@ class TerraformEnvironmentStage implements Stage {
     private Jenkinsfile jenkinsfile
     private String environment
     private StageDecorations decorations
-    private TerraformInitCommand initCommand
-    private TerraformPlanCommand planCommand
-    private TerraformApplyCommand applyCommand
     private localPlugins
+    private static strategy = new DefaultStrategy()
 
     private static final DEFAULT_PLUGINS = [ new ConditionalApplyPlugin(), new ConfirmApplyPlugin(), new DefaultEnvironmentPlugin() ]
     private static globalPlugins = DEFAULT_PLUGINS.clone()
@@ -14,6 +12,7 @@ class TerraformEnvironmentStage implements Stage {
     public static final String PLAN = 'plan'
     public static final String CONFIRM = 'confirm'
     public static final String APPLY = 'apply'
+    public static final String DESTROY = 'destroy'
 public void apply(TerraformEnvironmentStage stage) { 
     def environment = stage.getEnvironment() 
     def parameterStorePath = pathForEnvironment(environment) 
     stage.decorate(PLAN, addEnvVariables(parameterStorePath)) 
     stage.decorate(APPLY, addEnvVariables(parameterStorePath)) 
 } 
 public void apply(TerraformEnvironmentStage stage) { 
     stage.decorate(PLAN, addColor()) 
     stage.decorate(APPLY, addColor()) 
 } 
 @Override 
 public void apply(TerraformEnvironmentStage stage) { 
     def environment = stage.getEnvironment() 
     def parameterStorePath = pathForEnvironment(environment) 
     def options = [ 
         path: parameterStorePath, 
         credentialsId: "${environment.toUpperCase()}_PARAMETER_STORE_ACCESS" 
     ] 
     stage.decorate(PLAN, addParameterStoreBuildWrapper(options)) 
     stage.decorate(APPLY, addParameterStoreBuildWrapper(options)) 
 } 
 @Override 
 public void apply(TerraformEnvironmentStage stage) { 
     def environment = stage.getEnvironment() 
     stage.decorate(TerraformEnvironmentStage.APPLY, addCrq(environment)) 
 } 
 public void apply(TerraformEnvironmentStage stage) { 
     def environment = stage.getEnvironment() 
     def parameterStorePath = pathForEnvironment(environment) 
  
     stage.decorate(PLAN, addEnvVariables(parameterStorePath)) 
     stage.decorate(APPLY, addEnvVariables(parameterStorePath)) 
 } 
 public void apply(TerraformEnvironmentStage stage) { 
     stage.decorate(PLAN, addColor()) 
     stage.decorate(APPLY, addColor()) 
 } 
 @Override 
 public void apply(TerraformEnvironmentStage stage) { 
     def environment = stage.getEnvironment() 
     def parameterStorePath = pathForEnvironment(environment) 
  
     def options = [ 
         path: parameterStorePath, 
         credentialsId: "${environment.toUpperCase()}_PARAMETER_STORE_ACCESS" 
     ] 
  
     stage.decorate(PLAN, addParameterStoreBuildWrapper(options)) 
     stage.decorate(APPLY, addParameterStoreBuildWrapper(options)) 
 } 
 @Override 
 public void apply(TerraformEnvironmentStage stage) { 
     def environment = stage.getEnvironment() 
  
     stage.decorate(TerraformEnvironmentStage.APPLY, addCrq(environment)) 
 } 
 
     TerraformEnvironmentStage(String environment) {
         this.environment = environment
@@ -46,46 +45,13 @@ class TerraformEnvironmentStage implements Stage {
         Jenkinsfile.build(pipelineConfiguration())
     }
 
-    private Closure pipelineConfiguration() {
-        initCommand = TerraformInitCommand.instanceFor(environment)
-        planCommand = TerraformPlanCommand.instanceFor(environment)
-        applyCommand = TerraformApplyCommand.instanceFor(environment)
+    public void withStrategy(newStrategy) {
+        this.strategy = newStrategy
+    }
 
+    private Closure pipelineConfiguration() {
         applyPlugins()
-
-        def String environment = this.environment
-        return { ->
-            node(jenkinsfile.getNodeName()) {
-                deleteDir()
-                checkout(scm)
-
-                decorations.apply(ALL) {
-                    stage("${PLAN}-${environment}") {
-                        decorations.apply(PLAN) {
-                            sh initCommand.toString()
-                            sh planCommand.toString()
-                        }
-                    }
-
-                    decorations.apply("Around-${CONFIRM}") {
-                        stage("${CONFIRM}-${environment}") {
-                            decorations.apply(CONFIRM) {
-                                echo "Approved"
-                            }
-                        }
-                    }
-
-                    decorations.apply("Around-${APPLY}") {
-                        stage("${APPLY}-${environment}") {
-                            decorations.apply(APPLY) {
-                                sh initCommand.toString()
-                                sh applyCommand.toString()
-                            }
-                        }
-                    }
-                }
-            }
-        }
+        return strategy.createPipelineClosure(environment, decorations)
     }
 
     public void decorate(Closure decoration) {