TERRAFORM - Utworzenie repozytorium w gitlab¶
Jak utworzyć repozytorium pl.rachuna-net/containers/python przy użyciu Terraform na potrzeby projektu cicd?
Czemu chcesz tworzyć grupę za pomocą terraform?
Zarządzanie infrastrukturą jako kodem (IaC) pozwala na automatyzację i standaryzację, wersjonowanie i powtarzalność konfiguracji, co ułatwia utrzymanie i rozwój projektów.
Definiowanie grupy w Terraform¶
- Tworzymy plik definiujący grupę w repozytorium:
- 🔗 Lokalizacja: GitLab: pl.rachuna-net/containers/python
📄 Plik: pl.rachuna-net/containers/python
module "python" {
source = "git@gitlab.com:pl.rachuna-net/infrastructure/terraform/modules/gitlab-project.git?ref=main"
name = "python"
description = "Python for Docker containers"
visibility = "public"
tags = ["docker", "python"]
icon_type = "python"
parent_group = local.parent_name
project_type = local.project_type
# sonarqube
# sonarqube_cloud_project_id = 67040782
# is_enabled_sonarqube = true
}
Tip
Id projektu w SonarQube ustalamy po utworzenie projektu w nim
Zrobiona przez nas zmiana commit
Weryfikacja Terraform Plan¶
Po zapisaniu konfiguracji uruchamiamy terraform plan, aby sprawdzić, jakie zmiany zostaną wprowadzone:
(...)
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# module.pl_rachuna-net.module.containers.module.python.gitlab_branch_protection.protected_branches["main"] will be created
+ resource "gitlab_branch_protection" "protected_branches" {
+ allow_force_push = false
+ branch = "main"
+ branch_protection_id = (known after apply)
+ code_owner_approval_required = false
+ id = (known after apply)
+ merge_access_level = "maintainer"
+ project = (known after apply)
+ push_access_level = "no one"
+ unprotect_access_level = "maintainer"
}
# module.pl_rachuna-net.module.containers.module.python.gitlab_project.project will be created
+ resource "gitlab_project" "project" {
+ allow_merge_on_skipped_pipeline = (known after apply)
+ allow_pipeline_trigger_approve_deployment = (known after apply)
+ analytics_access_level = (known after apply)
+ auto_cancel_pending_pipelines = (known after apply)
+ auto_devops_deploy_strategy = (known after apply)
+ auto_devops_enabled = (known after apply)
+ autoclose_referenced_issues = true
+ avatar = ".terraform/modules/pl_rachuna-net.containers.python/images/python.png"
+ avatar_hash = "9fbf29ea7217984950ccd69b96a8af0039404b4d0a1a515a9013beabab857f8f"
+ avatar_url = (known after apply)
+ build_git_strategy = "clone"
+ build_timeout = (known after apply)
+ builds_access_level = (known after apply)
+ ci_config_path = ".gitlab-ci.yml@pl.rachuna-net/cicd/gitlab-ci"
+ ci_default_git_depth = (known after apply)
+ ci_forward_deployment_enabled = (known after apply)
+ ci_pipeline_variables_minimum_override_role = (known after apply)
+ ci_restrict_pipeline_cancellation_role = (known after apply)
+ ci_separated_caches = (known after apply)
+ container_registry_access_level = (known after apply)
+ container_registry_enabled = (known after apply)
+ default_branch = (known after apply)
+ description = "Python for Docker containers"
+ emails_enabled = (known after apply)
+ empty_repo = (known after apply)
+ environments_access_level = (known after apply)
+ feature_flags_access_level = (known after apply)
+ forking_access_level = (known after apply)
+ group_runners_enabled = (known after apply)
+ http_url_to_repo = (known after apply)
+ id = (known after apply)
+ infrastructure_access_level = (known after apply)
+ initialize_with_readme = true
+ issues_access_level = (known after apply)
+ issues_enabled = (known after apply)
+ keep_latest_artifact = (known after apply)
+ lfs_enabled = (known after apply)
+ merge_method = (known after apply)
+ merge_pipelines_enabled = (known after apply)
+ merge_requests_access_level = (known after apply)
+ merge_requests_enabled = (known after apply)
+ merge_trains_enabled = (known after apply)
+ mirror_overwrites_diverged_branches = (known after apply)
+ mirror_trigger_builds = (known after apply)
+ model_experiments_access_level = (known after apply)
+ model_registry_access_level = (known after apply)
+ monitor_access_level = (known after apply)
+ name = "python"
+ namespace_id = 103954714
+ only_allow_merge_if_all_discussions_are_resolved = (known after apply)
+ only_allow_merge_if_pipeline_succeeds = (known after apply)
+ only_mirror_protected_branches = (known after apply)
+ packages_enabled = (known after apply)
+ pages_access_level = (known after apply)
+ path_with_namespace = (known after apply)
+ pipelines_enabled = (known after apply)
+ pre_receive_secret_detection_enabled = (known after apply)
+ prevent_merge_without_jira_issue = (known after apply)
+ printing_merge_request_link_enabled = (known after apply)
+ public_builds = (known after apply)
+ public_jobs = (known after apply)
+ releases_access_level = (known after apply)
+ remove_source_branch_after_merge = (known after apply)
+ repository_access_level = (known after apply)
+ repository_storage = (known after apply)
+ request_access_enabled = (known after apply)
+ requirements_access_level = (known after apply)
+ restrict_user_defined_variables = (known after apply)
+ runners_token = (sensitive value)
+ security_and_compliance_access_level = (known after apply)
+ shared_runners_enabled = (known after apply)
+ snippets_access_level = (known after apply)
+ snippets_enabled = (known after apply)
+ squash_option = (known after apply)
+ ssh_url_to_repo = (known after apply)
+ tags = [
+ "docker",
+ "python",
]
+ topics = (known after apply)
+ visibility_level = "public"
+ web_url = (known after apply)
+ wiki_access_level = (known after apply)
+ wiki_enabled = (known after apply)
+ container_expiration_policy (known after apply)
+ push_rules (known after apply)
}
# module.pl_rachuna-net.module.containers.module.python.gitlab_project_variable.ci_variable_is_enabled_sonarqube will be created
+ resource "gitlab_project_variable" "ci_variable_is_enabled_sonarqube" {
+ description = "SonarQube Cloud Project ID"
+ environment_scope = "*"
+ id = (known after apply)
+ key = "IS_ENABLED_SONARQUBE"
+ masked = false
+ project = (known after apply)
+ protected = false
+ raw = (known after apply)
+ value = "false"
+ variable_type = (known after apply)
}
# module.pl_rachuna-net.module.containers.module.python.gitlab_project_variable.ci_variable_project_type will be created
+ resource "gitlab_project_variable" "ci_variable_project_type" {
+ description = "Project Type"
+ environment_scope = "*"
+ id = (known after apply)
+ key = "PROJECT_TYPE"
+ masked = false
+ project = (known after apply)
+ protected = false
+ raw = (known after apply)
+ value = "container"
+ variable_type = (known after apply)
}
# module.pl_rachuna-net.module.containers.module.python.gitlab_tag_protection.protected_tags["v*"] will be created
+ resource "gitlab_tag_protection" "protected_tags" {
+ create_access_level = "maintainer"
+ id = (known after apply)
+ project = (known after apply)
+ tag = "v*"
}
Plan: 5 to add, 0 to change, 0 to destroy.
Z logu wynika, że Terraform utworzy nowy project pl.rachuna-net/containers/python. Należy zatwierdzić zmianę i wdrożyć ją do main poprzez Merge Request (MR).
🚀 Gotowe! Repozytorium zostało utworzone przy użyciu Terraform. 🎉
