tf-modules/gitlab-group
2
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Compare commits

base: tf-modules:master
Branches Tags
tf-modules:master tf-modules:renovate/configure tf-modules:feature/init
..
compare: tf-modules:feature/init
Branches Tags
tf-modules:renovate/configure tf-modules:master tf-modules:feature/init

1 Commits
master ... feature/in

Author SHA1 Message Date
Aleksander Cynarski
19c05b8b3b initial commit 2024-09-14 16:07:11 +02:00
10 changed files with 41 additions and 207 deletions
Expand all files Collapse all files

52
README.md
View File

@@ -1,51 +1 @@
## Requirements
| Name | Version |
|------|---------|
| <a name="requirement_gitlab"></a> [gitlab](#requirement\_gitlab) | 18.0.0 |
## Providers
| Name | Version |
|------|---------|
| <a name="provider_gitlab"></a> [gitlab](#provider\_gitlab) | 18.0.0 |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [gitlab_group.group](https://registry.terraform.io/providers/gitlabhq/gitlab/18.0.0/docs/resources/group) | resource |
| [gitlab_group_badge.badge](https://registry.terraform.io/providers/gitlabhq/gitlab/18.0.0/docs/resources/group_badge) | resource |
| [gitlab_group_label.label](https://registry.terraform.io/providers/gitlabhq/gitlab/18.0.0/docs/resources/group_label) | resource |
| [gitlab_group_ldap_link.link_gitlab_group_with_ad_group](https://registry.terraform.io/providers/gitlabhq/gitlab/18.0.0/docs/resources/group_ldap_link) | resource |
| [gitlab_group_variable.variable](https://registry.terraform.io/providers/gitlabhq/gitlab/18.0.0/docs/resources/group_variable) | resource |
| [gitlab_group.parent](https://registry.terraform.io/providers/gitlabhq/gitlab/18.0.0/docs/data-sources/group) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_allowed_avatar_types_json"></a> [allowed\_avatar\_types\_json](#input\_allowed\_avatar\_types\_json) | Path to allowed avatar types json | `string` | `""` | no |
| <a name="input_avatar"></a> [avatar](#input\_avatar) | Type of the icon for the group (default: from type) | `string` | `""` | no |
| <a name="input_avatars_dir"></a> [avatars\_dir](#input\_avatars\_dir) | Avatars directory png files | `string` | `""` | no |
| <a name="input_badges"></a> [badges](#input\_badges) | n/a | <pre>map(object({<br/> link_url = string<br/> image_url = string<br/> }))</pre> | `{}` | no |
| <a name="input_default_branch"></a> [default\_branch](#input\_default\_branch) | The group's default branch | `string` | `"main"` | no |
| <a name="input_description"></a> [description](#input\_description) | Description of the gitlab group | `string` | n/a | yes |
| <a name="input_labels"></a> [labels](#input\_labels) | n/a | <pre>map(object({<br/> description = string<br/> color = string<br/> }))</pre> | `{}` | no |
| <a name="input_name"></a> [name](#input\_name) | Name of the gitlab group | `string` | n/a | yes |
| <a name="input_parent_group"></a> [parent\_group](#input\_parent\_group) | Gitlab parent group | `string` | n/a | yes |
| <a name="input_permissions"></a> [permissions](#input\_permissions) | Group permission mapping | <pre>map(object({<br/> permission = string<br/> }))</pre> | `{}` | no |
| <a name="input_variables"></a> [variables](#input\_variables) | n/a | <pre>map(object({<br/> value = string<br/> description = optional(string)<br/> protected = optional(bool)<br/> masked = optional(bool)<br/> environment_scope = optional(string)<br/> }))</pre> | `{}` | no |
| <a name="input_visibility"></a> [visibility](#input\_visibility) | The group's visibility | `string` | `"private"` | no |
## Outputs
| Name | Description |
|------|-------------|
| <a name="output_full_path"></a> [full\_path](#output\_full\_path) | Full path in gitlab for created group |
| <a name="output_group_name"></a> [group\_name](#output\_group\_name) | Name of created group |
| <a name="output_id"></a> [id](#output\_id) | ID of created group |
# terraform module

2
data.tf
View File

@@ -1,4 +1,4 @@
data "gitlab_group" "parent" {
count = var.parent_group != "" ? 1 : 0
full_path = var.parent_group
}
}

14
data/allowed_icon_types.json
View File

@@ -1,14 +0,0 @@
[
"",
"ansible",
"archived",
"containers",
"devops",
"golang",
"gitlab",
"infrastructure",
"packer",
"python",
"terraform",
"typescript"
]

BIN
images/golang.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 195 KiB

BIN
images/typescript.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

21
locals.tf
View File

@@ -1,18 +1,13 @@
locals {
avatars_dir = var.avatars_dir == "" ? "${path.root}/images" : var.avatars_dir
allowed_avatar_types_json = var.allowed_avatar_types_json == "" ? "${path.root}/data/allowed_avatar_group_types.json" : var.allowed_avatar_types_json
allowed_avatar_types = jsondecode(file("${local.allowed_avatar_types_json}"))
# Define the allowed project types as a map
avatar = try(file("${local.avatars_dir}/${var.avatar}.png"), null) == null ? "${local.avatars_dir}/${var.avatar}.png" : null
permissions_list = {
for key, var in var.permissions : key => merge(
default_ci_variables = {
for key, var in var.ci_variables : key => merge(
{
group = key,
permission = var.permission
}
description = lookup(var, "description", ""),
protected = lookup(var, "protected", false),
masked = lookup(var, "masked", false),
environment_scope = lookup(var, "environment_scope", "*"),
},
var
)
}
}

46
main.tf
View File

@@ -1,33 +1,14 @@
resource "gitlab_group" "group" {
name = var.name
path = var.name
description = var.description
parent_id = var.parent_group != "" ? data.gitlab_group.parent[0].id : null
default_branch = var.default_branch
avatar = local.avatar == null ? null : "${local.avatar}"
avatar_hash = local.avatar == null ? null : filesha256("${local.avatar}")
name = var.name
path = var.name
description = var.description
parent_id = var.parent_group != "" ? data.gitlab_group.parent[0].id : null
avatar = var.type != "" ? "${path.module}/images/${var.type}.png" : null
avatar_hash = var.type != "" ? filesha256("${path.module}/images/${var.type}.png") : null
}
resource "gitlab_group_label" "label" {
for_each = var.labels
group = gitlab_group.group.id
name = each.key
description = each.value.description
color = each.value.color
}
resource "gitlab_group_badge" "badge" {
for_each = var.badges
group = gitlab_group.group.id
name = each.key
link_url = each.value.link_url
image_url = each.value.image_url
}
resource "gitlab_group_variable" "variable" {
for_each = var.variables
resource "gitlab_group_variable" "ci_variables" {
for_each = local.default_ci_variables
group = gitlab_group.group.id
key = each.key
@@ -38,14 +19,3 @@ resource "gitlab_group_variable" "variable" {
environment_scope = each.value.environment_scope
}
resource "gitlab_group_ldap_link" "link_gitlab_group_with_ad_group" {
for_each = local.permissions_list
group = gitlab_group.group.full_path
cn = each.value.group
group_access = each.value.permission
ldap_provider = "ldapmain"
}

11
output.tf
View File

@@ -1,14 +1,7 @@
output "full_path" {
description = "Full path in gitlab for created group"
value = gitlab_group.group.full_path
value = gitlab_group.group.full_path
}
output "id" {
description = "ID of created group"
value = gitlab_group.group.id
}
output "group_name" {
description = "Name of created group"
value = gitlab_group.group.name
value = gitlab_group.group.id
}

2
provider.tf
View File

@@ -2,7 +2,7 @@ terraform {
required_providers {
gitlab = {
source = "gitlabhq/gitlab"
version = "18.0.0"
version = "17.3.1"
}
}
}

100
variable.tf
View File

@@ -1,74 +1,38 @@
variable "parent_group" {
type = string
default = ""
description = "Parent group ID"
}
variable "name" {
type = string
description = "Name of the gitlab group"
description = "Group name"
}
variable "description" {
type = string
description = "Description of the gitlab group"
description = "Group description"
}
variable "parent_group" {
variable "type" {
type = string
description = "Gitlab parent group"
}
variable "visibility" {
type = string
default = "private"
description = "The group's visibility"
description = "Group type"
default = ""
validation {
condition = contains([
"private",
"internal",
"public"
], var.visibility)
error_message = "Unsupported group visibility"
}
}
variable "default_branch" {
type = string
default = "main"
description = "The group's default branch"
}
variable "allowed_avatar_types_json" {
type = string
default = ""
description = "Path to allowed avatar types json"
}
variable "avatar" {
type = string
description = "Type of the icon for the group (default: from type)"
default = ""
validation {
condition = contains(local.allowed_avatar_types, var.avatar)
"",
"container",
"golang",
"typescript",
"cicd"
], var.type)
error_message = "Unsupported group type"
}
}
variable "labels" {
type = map(object({
description = string
color = string
}))
default = {}
}
variable "badges" {
type = map(object({
link_url = string
image_url = string
}))
default = {}
}
variable "variables" {
variable "ci_variables" {
type = map(object({
value = string
description = optional(string)
@@ -76,30 +40,6 @@ variable "variables" {
masked = optional(bool)
environment_scope = optional(string)
}))
default = {}
}
variable "permissions" {
type = map(object({
permission = string
}))
validation {
condition = alltrue([for k, v in var.permissions :
v.permission == "owner" ||
v.permission == "maintainer" ||
v.permission == "developer" ||
v.permission == "reporter" ||
v.permission == "guest"
])
error_message = "Each permission must be one of the following values: owner, maintainer, developer, reporter, guest"
}
description = "Group permission mapping"
description = "CI variables to be set for the group"
default = {}
}
variable "avatars_dir" {
description = "Avatars directory png files"
type = string
default = ""
}