🦊GitLab Pipelines
CI/CD Automation
Gitlab Pipelines allows Resourcely to automatically evaluate your Terraform plans and policies on every pull request, and provide feedback directly within your merge-request. To set up Resourcely with Gitlab Pipelines, you must perform the following steps:
Adding Required Variables to the Repository
Create a Resourcely Job
Adding Required Variables to the Repository
Resourcely can be configured using environment variables. Some variables are optional and used for configuration, while others must be defined before the guardrails can be validated.
RESOURCELY_API_TOKEN
(Required) Token generated from the Resourcely portal. Used to verify infrastructure guardrails.
Yes
TF_PLAN_DIRECTORY
(Optional) The directory where the terraform files to verify are located.
Default Value: $CI_PROJECT_DIR
No
In GitLab, you can define non-secret variables within your .gitlab-ci.yml
as follows:
Secret variables should be applied using GitLab UI CI/CD variables. You can use UI CI/CD variables in this case to store values you don't want others to see by avoiding hard-coding them in your .gitlab-ci.yml
file and limit who can access them.
You must be a project member with the Maintainer role in order to create and manage UI CI/CD variables.
You can add a UI CI/CD variable as follows:
Open the repository you want to Resourcely to watch
Click the Settings tab
Click on the CI/CD
Scroll down and expand the Variables section
Click on the Add Variable button
Add the following variables and their values one at a time and press the Add variable button
Make sure to select the Mask variable flag so that secret data is not exposed in the job output.
You can learn more about GitLab CI/CD variables by checking out the following documentation:
Creating the Resourcely Job
Open the GitLab project you wish to use.
Create a file named
.gitlab-ci.yml
your the project's root directory, note that it may already existCopy and paste the following code
Note: The Resourcely guardrail validation GitLab template is imported directly from the Resourcely
Commit the change to the main branch
You should now have the Resourcely Job enabled in your GitLab pipeline, which will run each time a new resource generation Merge Request is created.
Last updated