作成されるもの
- グループ(publics)
- グループのデフォルトバッジ
- リリースバッジ
- パイプラインバッジ
- カバレッジバッジ
- runner設定(とトークン)
- グループ配下のプロジェクト(playwright-light)
- グループのデフォルトバッジ
terraform定義
main.tf
# Pin the GitLab provider to one exact release so every run resolves the same
# plugin version. Committing .terraform.lock.hcl additionally pins its checksums.
terraform {
  required_providers {
    gitlab = {
      version = "17.2.0"
      source  = "gitlabhq/gitlab"
    }
  }
}
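# The API token is passed in at run time (for example through the
# TF_VAR_gitlab_token environment variable) instead of being written into
# main.tf, so it cannot end up in version control with the configuration.
variable "gitlab_token" {
  description = "Personal access token (api scope) used by the GitLab provider"
  type        = string
  sensitive   = true
}

provider "gitlab" {
  # Issue the personal access token from the root account with the api scope.
  # A short expiry (about one day) is recommended.
  token    = var.gitlab_token
  base_url = "https://gitlab.aruki.com/api/v4/"
}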
# Top-level group that owns the badges, the access token, the runner and the
# project defined below. visibility_level "public" makes the group itself
# visible to unauthenticated visitors.
resource "gitlab_group" "publics" {
  path             = "publics"
  name             = "publics"
  description      = "An public group"
  visibility_level = "public"
}
# https://docs.gitlab.com/ee/user/project/badges.html#placeholders
# Group-level pipeline status badge.
# "%%{" is Terraform's escape for a literal "%{", so GitLab receives the
# %{project_path} / %{default_branch} placeholders unexpanded.
resource "gitlab_group_badge" "pipeline" {
  group     = gitlab_group.publics.id
  image_url = "https://gitlab.aruki.com/%%{project_path}/badges/%%{default_branch}/pipeline.svg?ignore_skipped=true&key_text=playwright"
  link_url  = "https://gitlab.aruki.com/%%{project_path}/-/pipelines?ref=%%{default_branch}"
}
# Group-level coverage badge; the link opens the project's successful jobs.
# "%%{" escapes Terraform's template syntax so GitLab sees its own placeholders.
resource "gitlab_group_badge" "coverage" {
  group     = gitlab_group.publics.id
  image_url = "https://gitlab.aruki.com/%%{project_path}/badges/%%{default_branch}/coverage.svg"
  link_url  = "https://gitlab.aruki.com/%%{project_path}/-/jobs?statuses=SUCCESS"
}
# Group-level latest-release badge, ordered by release date (order_by=release_at).
# "%%{" escapes Terraform's template syntax so GitLab sees its own placeholders.
resource "gitlab_group_badge" "release" {
  group     = gitlab_group.publics.id
  image_url = "https://gitlab.aruki.com/%%{project_path}/-/badges/release.svg?order_by=release_at"
  link_url  = "https://gitlab.aruki.com/%%{project_path}/-/releases"
}
# Project created inside the publics group. The project is "internal" although
# its parent group is public, and its Pages site is restricted
# (pages_access_level = "private").
resource "gitlab_project" "playwright" {
  name               = "playwright-light"
  namespace_id       = gitlab_group.publics.id
  description        = "playwright chronus example: https://publics.gitlab.aruki.io/playwright-light"
  visibility_level   = "internal"
  pages_access_level = "private"
}
# Project-level badge that links to the container_scanning job artifacts.
# The image follows %{default_branch}, while the link is fixed to "main";
# the two diverge if the default branch is ever renamed.
resource "gitlab_project_badge" "playwright_container_scanning" {
  name      = "container_scanning"
  project   = gitlab_project.playwright.id
  image_url = "https://gitlab.aruki.com/%%{project_path}/badges/%%{default_branch}/pipeline.svg?ignore_skipped=true&key_text=container_scanning&key_width=130"
  link_url  = "https://gitlab.aruki.com/%%{project_path}/-/jobs/artifacts/main/browse?job=container_scanning"
}
# Group access token, named for use by Renovate and the registry.
# NOTE(review): owner role plus the full "api" scope is the broadest grant a
# group token can carry; confirm whether a lower role or narrower scopes
# would cover both consumers.
# expires_at is a fixed date, so the token stops working after it and this
# value must be moved forward to keep the consumers running.
resource "gitlab_group_access_token" "gat" {
  name         = "Renovate and Registry"
  group        = gitlab_group.publics.id
  scopes       = ["api"]
  access_level = "owner"
  expires_at   = "2025-05-19"
}
# Group runner shared by every project under the publics group.
# NOTE(review): the runner takes untagged jobs (untagged = true) from
# unprotected refs (access_level = "not_protected"). Its description says it is
# a privileged Docker runner, so any job scheduled on it runs with that
# privilege. Consider "ref_protected" and/or requiring a tag so that only
# reviewed pipelines reach it.
resource "gitlab_user_runner" "publics" {
  description  = "Privilaged docker runner."
  runner_type  = "group_type"
  group_id     = gitlab_group.publics.id
  locked       = false
  untagged     = true
  access_level = "not_protected"
}
# Instance-wide application settings with no arguments set; in this file the
# resource only serves as the source of the gitlab_application_settings output.
resource "gitlab_application_settings" "this" {}
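# Every attribute of the project, rendered as YAML.
# The project object may carry sensitive attributes (TODO confirm against the
# provider schema), so the output is marked sensitive instead of being unwrapped
# with nonsensitive(). It is then masked in plan/apply output and can still be
# read on demand with `terraform output playwright`.
output "playwright" {
  description = "playwtight"
  value       = yamlencode(gitlab_project.playwright)
  sensitive   = true
}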
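# Group access token for use outside Terraform.
# Marked sensitive so it is masked in plan/apply output and CI logs; read it
# on demand with `terraform output -raw gat`. The value is still stored in
# plain text in the state file.
output "gat" {
  description = "group-token"
  value       = gitlab_group_access_token.gat.token
  sensitive   = true
}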
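# Instance application settings, rendered as YAML.
# Marked sensitive instead of being unwrapped with nonsensitive(), so any
# secret-bearing settings are masked in plan/apply output. Read it on demand
# with `terraform output gitlab_application_settings`.
output "gitlab_application_settings" {
  description = "settings"
  value       = yamlencode(gitlab_application_settings.this)
  sensitive   = true
}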
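# Token of the group runner created by gitlab_user_runner.publics.
# Marked sensitive so it is masked in plan/apply output and CI logs; read it
# on demand with `terraform output -raw gitlab_group_runner`. The value is
# still stored in plain text in the state file.
output "gitlab_group_runner" {
  description = "runner-token"
  value       = gitlab_user_runner.publics.token
  sensitive   = true
}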
# Initialise the working directory and install the pinned GitLab provider.
terraform init
# Preview the resources that would be created, without changing anything.
terraform plan
# Create the resources. The state file then holds the generated group access
# token and runner token in plain text, so keep it out of version control.
terraform apply
gitlab-runnerの登録
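# Register a Docker-executor runner against the self-hosted GitLab instance.
# The listing had "--registration-token" split across two lines; it is rejoined
# here and the command is laid out one option per line.
#
# The glrt-***** placeholder is presumably the runner token exposed by the
# Terraform output gitlab_group_runner. A token typed on the command line
# stays in shell history and is visible in the process list.
#
# NOTE(review): --docker-privileged=true and the /var/run/docker.sock mount
# each give job containers root-equivalent control over this host. Use a
# dedicated host, and check whether both are needed: dind needs privileged
# mode, socket binding does not.
# NOTE(review): --docker-tlsverify applies to the connection to the Docker
# daemon, not to GitLab. gitlab-runner documents --tls-cert-file as the client
# certificate and --tls-ca-file as the CA used to verify the server, so confirm
# which one the .crt file here is meant for.
gitlab-runner register \
  --non-interactive \
  --url "https://gitlab.aruki.com/" \
  --name "my-docker-runner" \
  --executor "docker" \
  --docker-image alpine:3.20 \
  --docker-privileged=true \
  --docker-volumes '/var/run/docker.sock:/var/run/docker.sock' \
  --docker-volumes '/cache' \
  --docker-extra-hosts 'gitlab.aruki.com:192.168.1.3' \
  --docker-tlsverify=false \
  --tls-cert-file '/usr/local/share/ca-certificates/gitlab.aruki.com.crt' \
  --registration-token "glrt-*****"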
パラメータの説明
引数 | 引数の意味 | 値の例 |
---|---|---|
--non-interactive | UIを使用しない | - |
--url | GitLabのURL | https://gitlab.example.com/ |
--name | Runner名称 | my-docker-runner |
--docker-image | dockerイメージ | alpine:3.20 |
--docker-privileged | (任意)dind用にジョブコンテナを特権モードで実行する。特権コンテナはホストのroot相当の権限を持つ | true |
--docker-volumes | (任意)ボリュームマウント。複数回使用可能 | /var/run/docker.sock:/var/run/docker.sock |
--docker-extra-hosts | (任意)主にセルフホスト時に使用するホスト名とIPの解決 | gitlab.example.com:192.168.1.3 |
--docker-tlsverify | (任意)Dockerデーモンへの接続でTLS検証を行うかどうか。主にセルフホスト時かつ自己証明書で使用する。 | false |
--tls-cert-file | (任意)使用したいTLS証明書。主にセルフホスト時かつ自己証明書で使用する。 | /usr/local/share/ca-certificates/gitlab.example.com.crt |
参考資料