Skip to content

feat(ci): add automatic terraform tagging on charm release#438

Open
lucabello wants to merge 7 commits intomainfrom
feat/tf-tagging
Open

feat(ci): add automatic terraform tagging on charm release#438
lucabello wants to merge 7 commits intomainfrom
feat/tf-tagging

Conversation

@lucabello
Copy link
Copy Markdown
Contributor

@lucabello lucabello commented Apr 21, 2026
edited
Loading

Summary

Add automatic Terraform module tagging to the charm release pipeline. When a push to a track/* branch includes changes under the terraform/ directory, a new annotated git tag is created and pushed.

The tag for a Terraform module on track/major.minor is built as:

{prefix}{major}.{minor}.{computed_patch}{suffix}

where {computed_patch} is the number of commits that touched the terraform/ directory since the track/ branch diverged from main.

Changes

New workflow: terraform-release.yaml

A public reusable workflow that can be called from charm-release.yaml or directly by repositories that have a Terraform module but no charm. It:

  1. Detects whether the latest commit includes changes to terraform/ (relative to root-path).
  2. If changes are found, computes a semver tag: <prefix><track_version>.<patch><suffix>, where the patch number is the count of commits touching terraform/ since diverging from main.
  3. Creates and pushes an annotated git tag using the Noctua bot identity.

Inputs:

  • root-path (default ".") — path to the root directory containing the terraform/ folder.
  • terraform-tag-prefix (default "tf-") — prefix for the generated tag.
  • terraform-tag-suffix (default "") — suffix for the generated tag.

Updated workflow: charm-release.yaml

  • Exposes terraform-tag-prefix and terraform-tag-suffix inputs.
  • Adds a release-terraform job that runs after release-charm, only on track/* branches, passing through the root path and tag options.

@lucabello lucabello requested a review from a team as a code owner April 21, 2026 08:52
@lucabello lucabello requested a review from MichaelThamm April 21, 2026 08:57
lucabello and others added 6 commits April 23, 2026 13:27
@lucabello
refactor(ci): make terraform release workflow public
65165ef 
Rename _charm-terraform-release.yaml to terraform-release.yaml so it
can be called directly by repositories that have a Terraform module
but no charm module.

Rename the 'charm-path' input to 'root-path' to reflect that the
caller is not necessarily a charm repository.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@lucabello
Merge branch 'main' into feat/tf-tagging
849c7b4
@lucabello
Merge branch 'feat/tf-tagging' of github.com:canonical/observability …
3753956 
…into feat/tf-tagging
@lucabello
refactor(ci): rename root-path input to terraform-path
d6fafcf 
The terraform-release workflow now accepts a direct path to the
terraform directory (defaulting to 'terraform') via the terraform-path
input, instead of a root directory that implicitly contains terraform/.

The charm-release caller passes '<charm-path>/terraform' accordingly.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@lucabello
feat(ci): restrict terraform tagging to track/<major>.<minor> branches
2db59fb 
Add a branch-format validation step in terraform-release.yaml that
checks github.ref_name against ^track/[0-9]+\.[0-9]+$ before proceeding.
This ensures branches like track/2 or track/main don't trigger tagging,
while track/2.0 and track/1.3 are accepted.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@lucabello
Merge branch 'main' into feat/tf-tagging
a867c38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MichaelThamm MichaelThamm MichaelThamm approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lucabello @MichaelThamm