diff --git a/docs/assets/screenshots/Stack_settings_importing_state_file.png b/docs/assets/screenshots/Stack_settings_importing_state_file.png new file mode 100644 index 000000000..2b2b053b2 Binary files /dev/null and b/docs/assets/screenshots/Stack_settings_importing_state_file.png differ diff --git a/docs/concepts/policy/approval-policy.md b/docs/concepts/policy/approval-policy.md index c12fd068a..efd85a2d2 100644 --- a/docs/concepts/policy/approval-policy.md +++ b/docs/concepts/policy/approval-policy.md @@ -2,7 +2,7 @@ The approval policy allows organizations to create sophisticated run review and approval flows that reflect their preferred workflow, security goals, and business objectives. Without an explicit approval policy, anyone with write access to a stack can create a [run](../run/README.md) (or a [task](../run/task.md)). An approval policy can make this way more granular and contextual. -Runs can be reviewed when they enter one of the two states - [queued](../run/README.md#queued) or [unconfirmed](../run/tracked.md#unconfirmed). When a [queued](../run/README.md#queued) run needs approval, it will not be scheduled before that approval is received, and if it is of a blocking type, it will block newer runs from scheduling, too. A [queued](../run/README.md#queued) run that's pending approval can be [canceled](../run/README.md#canceled) at any point. +Runs can be reviewed when they enter one of the three states - [queued](../run/README.md#queued), [unconfirmed](../run/tracked.md#unconfirmed), or [pending review](../run/proposed.md#unconfirmed). When a [queued](../run/README.md#queued) run needs approval, it will not be scheduled before that approval is received, and if it is of a blocking type, it will block newer runs from scheduling, too. A [queued](../run/README.md#queued) run that's pending approval can be [canceled](../run/README.md#canceled) at any point. Here's an example of a queued run waiting for a human review - note how the last approval policy evaluation returned an _Undecided_ decision. There's also a Review button next to the Cancel button: diff --git a/docs/concepts/run/proposed.md b/docs/concepts/run/proposed.md index 8e9a73dbd..ea48fea23 100644 --- a/docs/concepts/run/proposed.md +++ b/docs/concepts/run/proposed.md @@ -22,6 +22,12 @@ If any [plan policies](../policy/terraform-plan-policy.md) are attached to the c You can read more about plan policies [here](../policy/terraform-plan-policy.md). +## Pending Review + +If any [plan policy](../policy/terraform-plan-policy.md) results in a warning and there are [approval policies](../policy/approval-policy.md) attached, the run will enter a pending review state after planning, in which approval policies will be evaluated. The run will only finish once all approval policies approve. + +This is useful to e.g. block pull requests related to a proposed run when the changes made by the run should be reviewed by another team, like security. + ## Delta If the planning phase is successful (which includes policy evaluation), Spacelift analyses the diff and counts the resources and outputs that would be added, changed and deleted if the changes were to be applied. Here's one example of one such delta being reported: diff --git a/docs/integrations/source-control/github.md b/docs/integrations/source-control/github.md index ffdd548ae..8f5116954 100644 --- a/docs/integrations/source-control/github.md +++ b/docs/integrations/source-control/github.md @@ -325,6 +325,13 @@ If a GitHub repository is renamed, we update its name in all the [stacks](../../ You can use the [Setup Spacectl](https://github.com/marketplace/actions/setup-spacectl){: rel="nofollow"} GitHub Action to install our [spacectl](https://github.com/spacelift-io/spacectl){: rel="nofollow"} CLI tool to easily interact with Spacelift. +## Git checkout support + +By default Spacelift uses the GitHub API to download a tarball containing the source code for your stack or module. We are introducing experimental support for downloading the code using a standard Git checkout. If you would like to enable this for your stacks/modules, there are currently two options available: + +1. Add a label called `feature:enable_git_checkout` to each stack or module that you want to use Git checkout on. This allows you to test the new support without switching over all your stacks at once. +2. Contact our support team and ask us to enable the feature for all stacks/modules in your account. + ## Unlinking GitHub and Spacelift === "Uninstalling the Marketplace application" diff --git a/docs/vendors/terraform/state-management.md b/docs/vendors/terraform/state-management.md index 1b110fb92..08698e1ab 100644 --- a/docs/vendors/terraform/state-management.md +++ b/docs/vendors/terraform/state-management.md @@ -51,6 +51,28 @@ To do this, use the following steps: ![](<../../assets/screenshots/Screen Shot 2022-02-15 at 1.31.29 PM.png>) +## Importing existing state file into your Terraform Stacks + +When creating a stack, you can optionally import an existing Terraform state file so that Spacelift can manage it going forward. + +![](../../assets/screenshots/Stack_settings_importing_state_file.png) + +You can also import an existing Terraform state file when using Spacelift Terraform provider. + +```terraform title="stack.tf" +resource "spacelift_stack" "example-stack" { + name = "Example Stack in Spacelift" + + # Source code. + repository = "" + branch = "main" + + # State file information + import_state = "" + import_state_file = "" +} +``` + ## Exporting Spacelift-managed Terraform state file !!! info