Creating a repository in GitLab with Terraform

Introduction

This section of the documentation describes how to create a repository group in GitLab using Terraform. The approach shown here allows the repository structure to be managed automatically, which supports the Infrastructure as Code (IaC) approach.

Benefits of using Terraform

Terraform provides:

  • Automation of creating and managing repository groups,
  • Versioning of the configuration, which makes changes easier to control,
  • Repeatable configuration, which eliminates manual errors.

Defining the group in Terraform

To create a repository group in GitLab, add the corresponding definition to the Terraform configuration file.

GitLab repository containing the definition:
🔗 GitLab: pl.rachuna-net/infrastructure/terraform/gitlab

Sample Terraform configuration file

📄 File path: pl.rachuna-net/infrastructure/grp_packer.tf

module "packer" {
    source                             = "git@gitlab.com:pl.rachuna-net/infrastructure/terraform/modules/gitlab-project.git?ref=v1.1.1"

    name                               = "packer"
    description                        = "packer for Docker containers"
    visibility                         = "public"
    tags                               = ["docker", "packer"]
    icon_type                          = "packer"

    parent_group                       = local.parent_name
    project_type                       = local.project_type

    sonarqube_cloud_project_id         = 67151674
    is_enabled_sonarqube               = true
}

Verifying the Terraform plan

After saving the configuration, run terraform plan, which returns the list of planned changes:

(...)
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
Terraform will perform the following actions:
    # module.pl_rachuna-net.module.containers.module.packer.gitlab_branch_protection.protected_branches["main"] will be created
  + resource "gitlab_branch_protection" "protected_branches" {
      + allow_force_push             = false
      + branch                       = "main"
      + branch_protection_id         = (known after apply)
      + code_owner_approval_required = false
      + id                           = (known after apply)
      + merge_access_level           = "maintainer"
      + project                      = (known after apply)
      + push_access_level            = "no one"
      + unprotect_access_level       = "maintainer"
    }
  # module.pl_rachuna-net.module.containers.module.packer.gitlab_project.project will be created
  + resource "gitlab_project" "project" {
      + allow_merge_on_skipped_pipeline                  = (known after apply)
      + allow_pipeline_trigger_approve_deployment        = (known after apply)
      + analytics_access_level                           = (known after apply)
      + auto_cancel_pending_pipelines                    = (known after apply)
      + auto_devops_deploy_strategy                      = (known after apply)
      + auto_devops_enabled                              = (known after apply)
      + autoclose_referenced_issues                      = true
      + avatar                                           = ".terraform/modules/pl_rachuna-net.containers.packer/images/packer.png"
      + avatar_hash                                      = "7b6d29da98428d8917da19d0033ad7281cc956ade0b05867726f3df6dc8bcab7"
      + avatar_url                                       = (known after apply)
      + build_git_strategy                               = "clone"
      + build_timeout                                    = (known after apply)
      + builds_access_level                              = (known after apply)
      + ci_config_path                                   = ".gitlab-ci.yml@pl.rachuna-net/cicd/gitlab-ci"
      + ci_default_git_depth                             = (known after apply)
      + ci_forward_deployment_enabled                    = (known after apply)
      + ci_pipeline_variables_minimum_override_role      = (known after apply)
      + ci_restrict_pipeline_cancellation_role           = (known after apply)
      + ci_separated_caches                              = (known after apply)
      + container_registry_access_level                  = (known after apply)
      + container_registry_enabled                       = (known after apply)
      + default_branch                                   = (known after apply)
      + description                                      = "packer for Docker containers"
      + emails_enabled                                   = (known after apply)
      + empty_repo                                       = (known after apply)
      + environments_access_level                        = (known after apply)
      + feature_flags_access_level                       = (known after apply)
      + forking_access_level                             = (known after apply)
      + group_runners_enabled                            = (known after apply)
      + http_url_to_repo                                 = (known after apply)
      + id                                               = (known after apply)
      + infrastructure_access_level                      = (known after apply)
      + initialize_with_readme                           = true
      + issues_access_level                              = (known after apply)
      + issues_enabled                                   = (known after apply)
      + keep_latest_artifact                             = (known after apply)
      + lfs_enabled                                      = (known after apply)
      + merge_method                                     = (known after apply)
      + merge_pipelines_enabled                          = (known after apply)
      + merge_requests_access_level                      = (known after apply)
      + merge_requests_enabled                           = (known after apply)
      + merge_trains_enabled                             = (known after apply)
      + mirror_overwrites_diverged_branches              = (known after apply)
      + mirror_trigger_builds                            = (known after apply)
      + model_experiments_access_level                   = (known after apply)
      + model_registry_access_level                      = (known after apply)
      + monitor_access_level                             = (known after apply)
      + name                                             = "packer"
      + namespace_id                                     = 102205056
      + only_allow_merge_if_all_discussions_are_resolved = (known after apply)
      + only_allow_merge_if_pipeline_succeeds            = (known after apply)
      + only_mirror_protected_branches                   = (known after apply)
      + packages_enabled                                 = (known after apply)
      + pages_access_level                               = (known after apply)
      + path_with_namespace                              = (known after apply)
      + pipelines_enabled                                = (known after apply)
      + pre_receive_secret_detection_enabled             = (known after apply)
      + prevent_merge_without_jira_issue                 = (known after apply)
      + printing_merge_request_link_enabled              = (known after apply)
      + public_builds                                    = (known after apply)
      + public_jobs                                      = (known after apply)
      + releases_access_level                            = (known after apply)
      + remove_source_branch_after_merge                 = (known after apply)
      + repository_access_level                          = (known after apply)
      + repository_storage                               = (known after apply)
      + request_access_enabled                           = (known after apply)
      + requirements_access_level                        = (known after apply)
      + restrict_user_defined_variables                  = (known after apply)
      + runners_token                                    = (sensitive value)
      + security_and_compliance_access_level             = (known after apply)
      + shared_runners_enabled                           = (known after apply)
      + snippets_access_level                            = (known after apply)
      + snippets_enabled                                 = (known after apply)
      + squash_option                                    = (known after apply)
      + ssh_url_to_repo                                  = (known after apply)
      + tags                                             = [
          + "docker",
          + "packer",
        ]
      + topics                                           = (known after apply)
      + visibility_level                                 = "public"
      + web_url                                          = (known after apply)
      + wiki_access_level                                = (known after apply)
      + wiki_enabled                                     = (known after apply)
      + container_expiration_policy (known after apply)
      + push_rules (known after apply)
    }
  # module.pl_rachuna-net.module.containers.module.packer.gitlab_project_variable.ci_variable_project_type will be created
  + resource "gitlab_project_variable" "ci_variable_project_type" {
      + description       = "Project Type"
      + environment_scope = "*"
      + id                = (known after apply)
      + key               = "PROJECT_TYPE"
      + masked            = false
      + project           = (known after apply)
      + protected         = false
      + raw               = false
      + value             = "container"
      + variable_type     = "env_var"
    }
  # module.pl_rachuna-net.module.containers.module.packer.gitlab_tag_protection.protected_tags["v*"] will be created
  + resource "gitlab_tag_protection" "protected_tags" {
      + create_access_level = "maintainer"
      + id                  = (known after apply)
      + project             = (known after apply)
      + tag                 = "v*"
    }
Plan: 4 to add, 0 to change, 0 to destroy.

Deploying the changes

If the planned changes match expectations, deploy them to main through a Merge Request (MR), which will create the repository group in GitLab.
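
One way to automate the "matches expectations" check before the Merge Request is merged, as an added example that is not part of the original page or the project's pipeline: it reviews the JSON form of the plan (written by terraform plan -out=tfplan, then terraform show -json tfplan) for the access settings shown in the plan output above. The rule set, the review_plan function and the embedded sample are assumptions constructed from the values in that output.

```python
import json

PREFIX = "module.pl_rachuna-net.module.containers.module.packer."

# Constructed sample: a trimmed plan in the `terraform show -json` layout,
# filled with the values shown in the plan output above.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": PREFIX + 'gitlab_branch_protection.protected_branches["main"]',
     "type": "gitlab_branch_protection",
     "change": {"actions": ["create"], "after": {
         "branch": "main", "allow_force_push": False,
         "push_access_level": "no one"}}},
    {"address": PREFIX + "gitlab_project.project", "type": "gitlab_project",
     "change": {"actions": ["create"], "after": {
         "name": "packer", "visibility_level": "public"}}},
    {"address": PREFIX + "gitlab_project_variable.ci_variable_project_type",
     "type": "gitlab_project_variable",
     "change": {"actions": ["create"], "after": {
         "key": "PROJECT_TYPE", "masked": False, "protected": False}}},
]})


def review_plan(plan_json):
    """Return (address, finding) pairs a reviewer should confirm before merge."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        addr, kind = rc["address"], rc.get("type")
        change = rc.get("change", {})
        after = change.get("after") or {}  # "after" is null for a pure delete
        if "delete" in change.get("actions", []):
            findings.append((addr, "resource is destroyed or replaced"))
            if not after:
                continue
        if kind == "gitlab_project" and after.get("visibility_level") == "public":
            findings.append((addr, "project visibility is public"))
        if kind == "gitlab_branch_protection":
            if after.get("allow_force_push"):
                findings.append((addr, "force push allowed on protected branch"))
            if after.get("push_access_level") != "no one":
                findings.append((addr, "push_access_level is not 'no one'"))
        if kind == "gitlab_project_variable":
            if not (after.get("masked") or after.get("protected")):
                findings.append((addr, "CI variable %s is neither masked nor "
                                 "protected" % after.get("key")))
    return findings


if __name__ == "__main__":
    for address, finding in review_plan(SAMPLE_PLAN):
        print("REVIEW %s: %s" % (address, finding))
```

For the plan above this reports the public project and the unmasked, unprotected PROJECT_TYPE variable, both of which are intentional here; the branch protection passes.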

Summary

Deploying a repository group in GitLab with Terraform provides automation, repeatability and centralized management. Once the steps described above have been carried out correctly, the new repository group is ready for use.

🚀 Done! The repository group has been successfully created with Terraform. 🎉