feat: init project
KoLiBer committed Nov 2, 2022
0 parents commit b70c46f
Showing 12 changed files with 381 additions and 0 deletions.
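--- a/.github/.releaserc.yml
+++ b/.github/.releaserc.yml
@@ -0,0 +1,12 @@
+tagFormat: "${version}"
+branches:
+- "+([0-9])?(.{+([0-9]),x}).x"
+- "main"
+plugins:
+- "@semantic-release/commit-analyzer"
+- "@semantic-release/release-notes-generator"
+- "@semantic-release/changelog"
+- "@semantic-release/github"
+- - "@semantic-release/git"
+- assets:
+- CHANGELOG.md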
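--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -0,0 +1,49 @@
+name: CI/CD
+
+on:
+pull_request: { branches: ["*"] }
+push:
+branches:
+- "+([0-9])?(.{+([0-9]),x}).x"
+- main
+
+jobs:
+build:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v3
+- uses: hashicorp/setup-terraform@v1
+with:
+terraform_version: "1.1.4"
+- uses: actions/cache@v2
+with:
+path: .terraform/
+key: ${{ hashFiles('.terraform.lock.hcl') }}
+
+- run: terraform init
+- run: terraform fmt -check
+- run: terraform validate -no-color
+
+test:
+needs: build
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v3
+
+- run: echo Test
+
+release:
+needs: test
+runs-on: ubuntu-latest
+if: github.event_name == 'push'
+steps:
+- uses: actions/checkout@v3
+- uses: actions/setup-node@v3
+with:
+node-version: 17
+
+- run: cp .github/.releaserc.yml .
+- run: npm i -g semantic-release @semantic-release/changelog @semantic-release/git
+- run: semantic-release
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}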
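Review bot: The release job installs `semantic-release` and its plugins with an unversioned `npm i -g` and then runs them with `GITHUB_TOKEN` in the environment, so whatever the registry serves at run time executes with the token's rights. Pin the versions, e.g. `npm i -g semantic-release@<PINNED_VERSION> @semantic-release/changelog@<PINNED_VERSION> @semantic-release/git@<PINNED_VERSION>`, or install from a committed lockfile with `npm ci`. The workflow also declares no `permissions:` block, so the token gets the repository default; a top-level `permissions: { contents: read }`, with `permissions: { contents: write, issues: write, pull-requests: write }` on the release job alone, would keep build and test read-only. The `uses:` lines reference mutable tags (`@v3`, `@v1`, `@v2`); pinning each to a full commit SHA removes the dependence on a tag being moved.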
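--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,37 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# dotenv environment variables file
+.env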
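Review bot: Saved plan files are not actually ignored, because `*tfplan*` appears only inside the comment `# example: *tfplan*`; a file written by `terraform plan -out=tfplan` can therefore be committed. Plan files hold resolved values, which for this module would include the deploy token and the project access tokens it creates. Add an active `*tfplan*` line under that comment.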
26 changes: 26 additions & 0 deletions .terraform.lock.hcl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

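--- a/LICENSE.md
+++ b/LICENSE.md
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2022-present, KoLiBer
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.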
49 changes: 49 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
# Terraform Gitlab Organization

![pipeline](https://github.com/cktf/terraform-gitlab-organization/actions/workflows/cicd.yml/badge.svg)
![release](https://img.shields.io/github/v/release/cktf/terraform-gitlab-organization?display_name=tag)
![license](https://img.shields.io/github/license/cktf/terraform-gitlab-organization)

**Organization** is a Terraform module useful for creating multiple subgroups and projects in **Gitlab**

## Installation

Add the required configurations to your terraform config file and install module using command bellow:

```bash
terraform init
```

## Usage

```hcl
module "organization" {
source = "cktf/organization/gitlab"
group_id = "<PARENT_GROUP_ID>"
path = "myapp"
name = "My Organization"
description = "My Organization Group"
projects = {
react = {
name = "React"
description = "React Project"
}
nodejs = {
name = "NodeJS"
description = "NodeJS Project"
}
}
}
```

## Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

## License

This project is licensed under the [MIT](LICENSE.md).
Copyright (c) KoLiBer (koliberr136a1@gmail.com)
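--- a/group.tf
+++ b/group.tf
@@ -0,0 +1,13 @@
+resource "gitlab_group" "this" {
+parent_id = var.group_id
+path = var.path
+name = var.name
+description = var.description
+visibility_level = "private"
+}
+
+resource "gitlab_deploy_token" "this" {
+group = gitlab_group.this.id
+name = "Registry Token"
+scopes = ["read_registry"]
+}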
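Review bot: `gitlab_deploy_token.this` is created without `expires_at`, so the registry credential stays valid until someone revokes it by hand, and its value is also written to the Terraform state. Consider adding an expiry input to the module and setting `expires_at = var.deploy_token_expires_at` (a proposed variable name, not one the module defines today). A comment above the resource such as `# Token value is stored in state; use an encrypted, access-controlled backend.` would tell callers what they are taking on.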
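--- a/main.tf
+++ b/main.tf
@@ -0,0 +1,9 @@
+terraform {
+required_version = ">= 0.14.0"
+required_providers {
+gitlab = {
+source = "gitlabhq/gitlab"
+version = "~> 3.16.1"
+}
+}
+}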
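--- a/outputs.tf
+++ b/outputs.tf
@@ -0,0 +1,23 @@
+output "projects" {
+value = { for key, value in var.projects : key => gitlab_project.this[key].id }
+sensitive = false
+description = "Gitlab Organization Projects"
+}
+
+output "registry_endpoint" {
+value = "registry.gitlab.com"
+sensitive = false
+description = "Gitlab Organization Registry Endpoint"
+}
+
+output "registry_username" {
+value = gitlab_deploy_token.this.username
+sensitive = true
+description = "Gitlab Organization Registry Username"
+}
+
+output "registry_password" {
+value = gitlab_deploy_token.this.token
+sensitive = true
+description = "Gitlab Organization Registry Password"
+}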
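--- a/projects.tf
+++ b/projects.tf
@@ -0,0 +1,39 @@
+resource "gitlab_project" "this" {
+for_each = var.projects
+
+namespace_id = gitlab_group.this.id
+path = each.key
+name = each.value.name
+description = each.value.description
+
+visibility_level = "private"
+squash_option = "always"
+merge_method = "ff"
+ci_config_path = ".gitlab/.gitlab-ci.yml"
+
+initialize_with_readme = false
+shared_runners_enabled = true
+merge_requests_enabled = true
+remove_source_branch_after_merge = true
+only_allow_merge_if_pipeline_succeeds = true
+only_allow_merge_if_all_discussions_are_resolved = true
+}
+
+resource "gitlab_project_access_token" "this" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+name = "Release Bot"
+scopes = ["api"]
+}
+
+resource "gitlab_project_variable" "this" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+environment_scope = "*"
+key = "GITLAB_TOKEN"
+value = gitlab_project_access_token.this[each.key].token
+masked = true
+protected = true
+}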
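Review bot: `gitlab_project_access_token.this` is issued with the `api` scope and no `expires_at`, then published to every environment (`environment_scope = "*"`) as `GITLAB_TOKEN`. That makes it a long-lived, full-API credential readable by any pipeline job that runs on a protected ref, including jobs on shared runners (`shared_runners_enabled = true`). `masked` and `protected` limit where it shows up, but they do not bound its lifetime or its rights. Set an expiry, e.g. `expires_at = "<EXPIRY_DATE>"`, and plan rotation around it. If the release tooling really needs `api`, record that in a comment above the resource so the scope is not read as an oversight.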
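--- a/protections.tf
+++ b/protections.tf
@@ -0,0 +1,66 @@
+resource "gitlab_branch_protection" "maintenance" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+branch = "*.*.*"
+push_access_level = "maintainer"
+merge_access_level = "maintainer"
+}
+
+resource "gitlab_branch_protection" "master" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+branch = "master"
+allow_force_push = true
+push_access_level = "maintainer"
+merge_access_level = "maintainer"
+}
+
+resource "gitlab_branch_protection" "main" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+branch = "main"
+allow_force_push = true
+push_access_level = "maintainer"
+merge_access_level = "maintainer"
+}
+
+resource "gitlab_branch_protection" "next" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+branch = "next"
+allow_force_push = true
+push_access_level = "maintainer"
+merge_access_level = "maintainer"
+}
+
+resource "gitlab_branch_protection" "beta" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+branch = "beta"
+allow_force_push = true
+push_access_level = "maintainer"
+merge_access_level = "maintainer"
+}
+
+resource "gitlab_branch_protection" "alpha" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+branch = "alpha"
+allow_force_push = true
+push_access_level = "maintainer"
+merge_access_level = "maintainer"
+}
+
+resource "gitlab_tag_protection" "this" {
+for_each = var.projects
+
+project = gitlab_project.this[each.key].id
+tag = "*"
+create_access_level = "maintainer"
+}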
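Review bot: `allow_force_push = true` on `master`, `main`, `next`, `beta` and `alpha` lets any maintainer rewrite history on the branches releases are cut from. That undercuts the merge gates set in projects.tf (`only_allow_merge_if_pipeline_succeeds`, `only_allow_merge_if_all_discussions_are_resolved`) and weakens the audit trail for refs that receive the protected `GITLAB_TOKEN`. Unless the release flow depends on it, use `allow_force_push = false`, or expose it as a module input that defaults to false. Separately, the `maintenance` pattern `*.*.*` requires two dots, so a branch named like `1.x` would presumably not be covered; confirm against the branch naming used in the managed projects.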
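--- a/variables.tf
+++ b/variables.tf
@@ -0,0 +1,37 @@
+variable "group_id" {
+type = number
+default = 0
+sensitive = false
+description = "Gitlab Group ID"
+}
+
+variable "path" {
+type = string
+default = ""
+sensitive = false
+description = "Gitlab Organization Path"
+}
+
+variable "name" {
+type = string
+default = ""
+sensitive = false
+description = "Gitlab Organization Name"
+}
+
+variable "description" {
+type = string
+default = ""
+sensitive = false
+description = "Gitlab Organization Description"
+}
+
+variable "projects" {
+type = map(object({
+name = string
+description = string
+}))
+default = {}
+sensitive = false
+description = "Gitlab Organization Projects"
+}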
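Review bot: `group_id`, `path` and `name` default to `0` and `""`, so a caller who omits them gets a plan with `parent_id = 0` and an empty group path instead of a missing-argument error. Where the group ends up in that case depends on provider behaviour not visible here, which is a poor failure mode for a module that also mints tokens. Remove the `default` lines from these three variables so Terraform treats them as required. Alternatively, add a `validation` block to each that rejects a non-positive `group_id` and an empty `path` or `name`.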
