|
| 1 | +--- |
| 2 | +title: "Using digger with gitlab Pipelines" |
| 3 | +--- |
| 4 | + |
| 5 | + |
| 6 | +You can use Digger with Gitlab as your VCS and Gitlab pipelines as a CI backend. Currently this is an EE feature only. |
| 7 | + |
| 8 | +### Prerequisites: |
| 9 | + |
| 10 | +- Having a valid Digger EE license key. This needs to be provided by us, please [contact us](https://digger.dev/pricing) to request it |
| 11 | +- A Gitlab account. |
| 12 | +- A personal Gitlab access token. This can be created from user preferences > access tokens |
| 13 | + |
| 14 | +### Install the digger EE orchestrator: |
| 15 | + |
| 16 | +You need to install the digger EE orchestrator. The installation steps are the same as the steps in [**self hosting docker**](https://docs.digger.dev/self-host/deploy-docker) with some differences: |
| 17 | + |
| 18 | +- For the docker image you will need to use the ee image: https://github.com/diggerhq/digger/pkgs/container/digger_backend_ee **(latest version, v0.6.5 as of this guide)** |
| 19 | +- You will need to include the license key environment variable to the backend and the cli: **`DIGGER_LICENSE_KEY=xxxyyy`** |
| 20 | +- You can ignore all the steps regarding setting up Github app and all GITHUB_** environment variables |
| 21 | +- For gitlab CI configuration you need to specify the following environment variables: |
| 22 | + |
| 23 | +```jsx |
| 24 | +DIGGER_CI_BACKEND=gitlab_pipelines |
| 25 | +DIGGER_GITLAB_WEBHOOK_SECRET=abc123 |
| 26 | +DIGGER_GITLAB_ACCESS_TOKEN=glpat-xxxxyyyyyzzzzz # (this is your gitlab access token from prerequisite step)` |
| 27 | +DIGGER_GITLAB_BASE_URL=https://git.mydomain.com/api/v4 |
| 28 | +``` |
| 29 | + |
| 30 | +Other than that if you follow the steps in the self hosting guide you should end up with the orchestrator up and running along with a webhook set for your gitlab POC repo. |
| 31 | + |
| 32 | +### Prepare your repo with a digger.yml |
| 33 | + |
| 34 | +You need to prepare a digger.yml to configure your terraform projects. For that refer to our quickstart guides. For a quick one all you need would be a path to a directory and project name: |
| 35 | + |
| 36 | +```jsx |
| 37 | +projects: |
| 38 | + - name: dev |
| 39 | + dir: dev/ |
| 40 | +``` |
| 41 | + |
| 42 | +**Setting up Gitlab webhooks** |
| 43 | + |
| 44 | +In the repo where you are interested to integrate with digger you need to set up a webhook pointing to your digger hostname. Go to Settings > Webhooks and add digger host name. Set the secret token as “abc123” (same as **`DIGGER_GITLAB_WEBHOOK_SECRET`**) above. make sure that “Comments” and “Merge request events” are selected for Trigger events. Finally you can save. |
| 45 | + |
| 46 | +### Create digger pipeline in your gitlab repo |
| 47 | + |
| 48 | +To create a Gitlab pipeline you can use a .gitlab-ci.yml file in the root of your file. In this you need to create a script which downloads Digger binary and invokes it, the purpose here is to have this pipeline triggered by Digger externally. Here is an example of such file: |
| 49 | + |
| 50 | +```jsx |
| 51 | +
|
| 52 | +variables: |
| 53 | + DIGGER_LICENSE_KEY: "XXXXXXXXXXXXXXXXXXXXXX" |
| 54 | + DIGGER_GITLAB_BASE_URL: "https://git.mydomain.com/api/v4" # optional |
| 55 | +
|
| 56 | +workflow: |
| 57 | + rules: |
| 58 | + - if: $CI_PIPELINE_SOURCE == "merge_request_event" |
| 59 | + when: never |
| 60 | + - if: $CI_PIPELINE_SOURCE == "schedule" |
| 61 | + when: never |
| 62 | + - if: $CI_PIPELINE_SOURCE == "api" |
| 63 | +stages: |
| 64 | +- digger |
| 65 | +
|
| 66 | +image: golang:1.22.4 |
| 67 | +
|
| 68 | +print_env: |
| 69 | + stage: digger |
| 70 | + script: |
| 71 | + - env |
| 72 | +
|
| 73 | +digger_action: |
| 74 | + stage: digger |
| 75 | + script: |
| 76 | + - apt-get update && apt-get install -y gnupg software-properties-common |
| 77 | + - wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg |
| 78 | + - gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint |
| 79 | + - echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/hashicorp.list |
| 80 | + - apt update |
| 81 | + - apt-get install terraform |
| 82 | + - mkdir -p digger && cd digger && curl -SSL -o digger https://github.com/diggerhq/digger/releases/download/v0.6.5/digger-ee-cli-Linux-X64 |
| 83 | + - chmod +x digger |
| 84 | + - cd ../ |
| 85 | + - digger |
| 86 | +``` |
| 87 | + |
| 88 | +This will instruct digger to run the “spec” which is composed and sent from the backend. That should be all you need to set up and try digger! |
| 89 | + |
| 90 | +## Test your setup |
| 91 | + |
| 92 | +In order to test your setup try to create a pull request in your repo. After you Comment “digger plan” You should see in the backend logs that a webhook event was received and an initial comment should be triggered in your pull request. |
| 93 | + |
| 94 | +Your Gitlab should also trigger and also perform a plan. If successful the job will comment back the plan as follows: |
| 95 | + |
| 96 | + |
| 97 | + |
| 98 | + |
0 commit comments