terraform-tofu-labs/4-gitlab-ci/README.md

3.9 KiB

Introduction

First off this lab is entirely optional and also not for the faint hearted. Gitlab CI is currently introducing components to replace the current templates and openTofu will be updated to that as soon as they are supported in self managed runners. If you're not comfortable experimenting and cleaning things up in AWS manually don't do this lab. For this lab I recommend using the terraform template, I'll update this once the tofu templates are ready.

First things first lets get some things setup. Make sure you have a free account on https://gitlab.com

Get AWS Credentials for Gitlab

Log into the AWS console and head to the IAM service. In here you need to create a new user called gitlab.

Generate an AWS user

Hit next and continue. On the next screen click attach policy and choose Administrator Access (this is because you sometimes need to use terraform/tofu to create IAM policies)

Generate an AWS user

Now click next until the user is created. You can now click that user in the IAM console and click on the security tab. Here you'll need to click on create access key

Generate an AWS user

Now you can select the top option Command Line Interface and check the accept box at the bottom of the page then hit next.

Generate an AWS user

Enter gitlab access for the optional field.

Generate an AWS user

Now click Download CSV and save this file for getting your access keys from later, you'll need to input these into Gitlab.

Generate an AWS user

Set up Gitlab CI/CD

First steps

  1. Login to Gitlab and create a new private repo
  2. Clone that repo either into CloudShell or your local machine
  3. Copy the files from this directories code folder into your new cloned repo
  4. Edit versions.tf to match your bucket and table created in lab 3
  5. Run git add .
  6. Run git commit -a -m "initial commit
  7. Run git push

Set up variables for CI/CD

  1. Login to Gitlab
  2. Open your project repo
  3. Click on Settings > CI/CD

Settings in Gitlab

  1. Expand the Variables section
  2. Add the following variables as masked and expanded, untick protected. Create Variables for:
  • AWS_ACCESS_KEY_ID (use the value from your downloaded CSV)
  • AWS_SECRET_ACCESS_KEY (use the value from your downloaded CSV)
  • AWS_DEFAULT_REGION (set to eu-west-1)

Setting variables in Gitlab

Add a ci/cd template

  1. Login to Gitlab
  2. Go to your project
  3. Go to Build in the left hand menu and then Pipeline Editor

Pipeline Editor

  1. Click Configure Pipeline
  2. Click Browse templates or copy the below and paste into your pipeline:
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml

include:
  - template: Terraform/Base.gitlab-ci.yml  # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Terraform/Base.gitlab-ci.yml

stages:
  - validate
  - test
  - build
  - deploy
  - cleanup

fmt:
  extends: .terraform:fmt
  needs: []

validate:
  extends: .terraform:validate
  needs: []

build:
  extends: .terraform:build
  environment:
    name: demo
    action: prepare

deploy:
  extends: .terraform:deploy
  dependencies:
    - build
  environment:
    name: demo
    action: start
  1. Click commit and your build should begin
  2. You'll need to manually click deploy in the pipeline view

Build Pipeline

Clean Up

You should be able to run the following from your local directory as the state file is configured to be remote.

tofu destroy