-
Notifications
You must be signed in to change notification settings - Fork 178
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* add docs about gitlab support * add the pat token
- Loading branch information
Showing
5 changed files
with
113 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
--- | ||
title: "Using digger with gitlab CI and Pipelines" | ||
--- | ||
|
||
You can use digger with gitlab as your VCS and gitlab pipelines as a CI backend. Currently this is an EE feature only. | ||
|
||
|
||
### Prerequisites: | ||
|
||
- Having a valid digger EE license key. If you don't have a license key please [contact us](https://calendly.com/diggerdev/diggerdemo) to request an EE trial | ||
- A gitlab account. | ||
- a personal github access token. This can be created from user prefences > access tokens | ||
|
||
### Install the digger EE orchestrator: | ||
|
||
You need to install the digger EE orchestrator. The installation steps are the same as the steps in [self hosting docker](/self-host/deploy-docker) | ||
with some differences: | ||
|
||
- For the docker image you will need to use the ee image: https://github.com/diggerhq/digger/pkgs/container/digger_backend | ||
- You will need to include the license key environment variable to the backend and the cli: `DIGGER_LICENSE_KEY=xxxyyy` | ||
- You can ignore all the steps regarding setting up Github app and all GITHUB_** environment variables | ||
- For gitlab CI configuration you need to specify the following environment variables: | ||
|
||
``` | ||
DIGGER_CI_BACKEND=gitlab_pipelines | ||
DIGGER_GITLAB_WEBHOOK_SECRET=abc123 | ||
DIGGER_GITLAB_ACCESS_TOKEN=glpat-xxxxyyyyyzzzzz # (this is your gitlab access token from prerequisite step) | ||
``` | ||
|
||
Other than that if you folllow the steps in the self hosting guide you should end up with the orchestrator up and running | ||
along with a github app successfully installed. The repo you wish to try with digger should be installed onto the orchestrator. | ||
|
||
|
||
### Prepare your repo with a digger.yml | ||
|
||
You need to prepare a digger.yml to configure your terraform projects. For that refer to our quickstart | ||
guides. For a quick one all you need would be a path to a directory and project name: | ||
|
||
``` | ||
projects: | ||
- name: dev | ||
dir: dev/ | ||
``` | ||
|
||
### Setting up gitlab webhooks | ||
|
||
In the repo where you are interested to integrate with digger you need to set up a webhook pointing to your digger hostname. | ||
Go to Settings > Webhooks and add digger host name. Set the secret token as "abc123" (same as `DIGGER_GITLAB_WEBHOOK_SECRET`) above. | ||
make sure that "Comments" and "Merge request events" are selected for Trigger events. Finally you can save. | ||
|
||
|
||
### Create digger pipeline in your gitlab repo | ||
|
||
To create a gitlab pipeline you can use a .gitlab-ci.yml file in the root of your file. In this you need to | ||
create a script which downloads digger binary and invokes it, the purpose here is to have this pipeline triggered | ||
by digger externally. Here is an example of such file: | ||
|
||
``` | ||
workflow: | ||
rules: | ||
- if: $CI_PIPELINE_SOURCE == "merge_request_event" | ||
when: never | ||
- if: $CI_PIPELINE_SOURCE == "schedule" | ||
when: never | ||
- if: $CI_PIPELINE_SOURCE == "api" | ||
stages: | ||
- digger | ||
image: golang:1.22.4 | ||
print_env: | ||
stage: digger | ||
script: | ||
- env | ||
digger_action: | ||
stage: digger | ||
script: | ||
- apt-get update && apt-get install -y gnupg software-properties-common | ||
- wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg | ||
- gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint | ||
- echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/hashicorp.list | ||
- apt update | ||
- apt-get install terraform | ||
# - git clone https://github.com/diggerhq/digger.git | ||
# - cd digger/cli | ||
# - pwd | ||
# - git checkout feat/gitlab-support2 | ||
# - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o digger ./cmd/digger | ||
# - PATH=$PATH:$(pwd) | ||
# - cd ../../ | ||
- mkdir -p digger && cd digger && curl -SSL -o digger https://github.com/diggerhq/digger/releases/download/vLatest/digger-cli-Linux-X64 | ||
- cd ../ | ||
- digger | ||
``` | ||
|
||
This will instruct digger to run the "spec" which is composed and sent from the backend. That should be | ||
all you need to set up and try digger! | ||
|
||
## Test your setup | ||
|
||
In order to test your setup try to create a pull request in your repo. After you Comment "digger plan" You should see in the backend logs | ||
that a webhook event was received and an initial comment should be triggered in your pull request. Your | ||
gitlab should also trigger and also perform a plan. If successful the job will comment back the plan as follows: | ||
|
||
![](/images/gitlab/gitlab-plan.png) | ||
|
||
![](/images/gitlab/gitlab-apply.png) | ||
|
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters