

Our Terraform pipeline reacts to a `git push` by executing a plan and then waiting for us to intervene manually:

```mermaid
graph LR
    a[Commit] --> b
    b[Pipeline] --> c
    c[State] --> d
    d[Validation] --> e
    e[Plan] --> f
    e --> g
    f[Apply] ---> h
    g[Destroy] --> h
    h[AWS API]
    h --> c
```

As we'll see when we review the `.gitlab-ci.yml` file, there is a check to determine if we want to destroy the infrastructure.

Both the apply and destroy stages are manual "gates", meaning they require manual, human interaction before proceeding. It's important that these stages remain manual until you're very confident that the changes being made and pushed are well tested and can be rolled back with ease. Without such assurances, it's best to keep these stages manual.
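One way to keep those gates from being removed unnoticed, as an added example that is not part of the original tutorial or its repository: a small check that scans a `.gitlab-ci.yml` and reports any job in the apply or destroy stage that is not `when: manual` at job level. The sample file, the job names and the function names are constructed for illustration; the check assumes each job declares its `stage:` and reads only job-level keys, so a job that uses `rules:` is always reported for human review.

```python
import re

# Stage names come from the diagram above; that the CI file uses the same
# names is an assumption.
GATED_STAGES = {"apply", "destroy"}

# Constructed sample, not the page's .gitlab-ci.yml: "destroy" has lost its gate.
SAMPLE_CI = """\
stages: [validate, plan, apply, destroy]

plan:
  stage: plan
  script:
    - terraform plan -out=plan.cache

apply:
  stage: apply
  script:
    - terraform apply plan.cache
  when: manual

destroy:
  stage: destroy
  script:
    - terraform destroy -auto-approve
"""

def job_keys(text):
    """Map each top-level entry to the keys set directly under it."""
    jobs, name, indent = {}, None, None
    for raw in text.splitlines():
        line = raw.split(" #")[0].rstrip()
        top = re.match(r"([\w.-]+):", line)
        sub = re.match(r"( +)([\w-]+):\s*(.*)", line)
        if top:
            name, indent = top.group(1), None
            jobs[name] = {}
        elif sub and name:
            indent = indent or len(sub.group(1))
            if len(sub.group(1)) == indent:
                jobs[name][sub.group(2)] = sub.group(3).strip("'\"")
    return jobs

def ungated_jobs(text):
    """Names of apply/destroy jobs that are not provably manual."""
    return [name for name, keys in job_keys(text).items()
            if keys.get("stage") in GATED_STAGES
            and (keys.get("when") != "manual" or "rules" in keys)]
```

Run against the sample, `ungated_jobs(SAMPLE_CI)` returns `['destroy']`; wiring the same call into an early pipeline job and failing on a non-empty result keeps the gate under review.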


Let's now look at the .gitlab-ci.yml source file, which is used to configure the entire pipeline. After we've created this file we'll move on to running the pipeline for the first time.