[Pulumi] Use Pulumi GitLab provider TypeScript SDK to manage GitLab

Pulumi is a Modern Infrastructure as Code (IaC) to create, deploy, and manage infrastructure on any cloud using familiar programming languages and tools.

The GitLab provider for Pulumi can be used to provision any of the cloud resources available in GitLab. The GitLab provider must be configured with credentials to deploy and update resources in GitLab.

This article is about how to use Pulumi GitLab provider and TypeScript SDK to manage GitLab.

Prerequisites

• GitLab Account and Token

  GitLab’s DevOps platform is a single application for unparalleled collaboration, visibility, and development velocity. Learn more here Iterate faster, innovate together | GitLab - https://about.gitlab.com/!

  • GitLab account
    You should have a GitLab account or Signup with Sign in · GitLab - https://gitlab.com/users/sign_in.

  • GitLab Token
    You should have or generate a personal access token for quick access to the GitLab API.

    Personal Access Tokens · User Settings · GitLab - https://gitlab.com/-/profile/personal_access_tokens

Install Pulumi and NodeJS

Pulumi

Install the Pulumi - https://www.pulumi.com/ CLI.

# Mac OS X
$ brew install pulumi

NodeJS Language Runtime

Install Node.js - https://nodejs.org/en/.

# Mac OS X
$ brew install node

Pulumi New

First, create a directory col-pulumi-gitlab-typescript or with your prefer name.

$ mkdir col-pulumi-gitlab-typescript
$ cd col-pulumi-gitlab-typescript

Pulumi login into local file system.

$ pulumi login file://.
Logged in to cloudolife as cloudolife (file://.)
or visit https://pulumi.com/docs/reference/install/ for manual instructions and release notes.

Pulumi new a project with TypeScript SDK.

$ pulumi new typescript
This command will walk you through creating a new Pulumi project.

Enter a value or leave blank to accept the (default), and press <ENTER>.
Press ^C at any time to quit.

project name: (col-pulumi-gitlab-typescript) 
project description: (A minimal TypeScript Pulumi program) 
Created project 'col-pulumi-gitlab-typescript'

stack name: (dev) 
Created stack 'dev'
Enter your passphrase to protect config/secrets: 
Re-enter your passphrase to confirm: 

Enter your passphrase to unlock config/secrets
    (set PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE to remember): 
Installing dependencies...

...

To perform an initial deployment, run 'pulumi up'

The above command will create some files within the current directory.

$ tree .
.
├── Pulumi.dev.yaml
├── Pulumi.yaml
├── README.md
├── index.ts
├── node_modules
├── package-lock.json
├── package.json
└── tsconfig.json

See and modify index.ts file.

# main.ts

import * as pulumi from "@pulumi/pulumi";
import * as gitlab from "@pulumi/gitlab";

const project = new gitlab.Project("my-project", {
  description: "example project created by Pulumi",
  visibilityLevel: "public",
});

NPM Install

Then, install pulumi-gitlab TypeScript SDK.

$ npm install @pulumi/gitlab

Pulumi Conf

The Pulumi GitLab Provider needs to be configured with GitLab credentials before it can be used to create resources.

Once obtained, there are two ways to communicate your authorization tokens to Pulumi:

Set the environment variable GITLAB_TOKEN:

export GITLAB_TOKEN=XXXXXXXXXXXXXX

Set them using configuration, if you prefer that they be stored alongside your Pulumi stack for easy multi-user access:

pulumi config set gitlab:token XXXXXXXXXXXXXX --secret

Or pulumi config set gitlab:token --secret
```shell
$ pulumi config set gitlab:token --secret
value: 
Enter your passphrase to unlock config/secrets
    (set PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE to remember): 

It will put gitlab:token and value into ./Pulumi.dev.yaml.

# Pulumi.dev.yaml

encryptionsalt: < Encryptionsalt >
config:
  gitlab:token:
    secure: < Secure >

Remember to pass --secret when setting gitlab:token so that it is properly encrypted. A full set of configuration parameters can be found listed on the Project README.

The GitLab provider supports several options for providing access to GitLab credentials. See the GitLab setup page pulumi/pulumi-gitlab: A Pulumi package to facilitate interacting with GitLab - https://github.com/pulumi/pulumi-gitlab/ for details.

Pulumi up

Create Repository

$ pulumi up

You cant visit Clodolife/demo-repo-c192cd1 - https://gitlab.com/Clodolife/demo-repo-40447f2 to see the demo-repo-40447f2 repository or with your prefer name.

Rename Repository

You can rename the repository from demo-repo-40447f2 to demo-repo or with your prefer name…

Modify index.ts file.

# main.ts

import * as pulumi from "@pulumi/pulumi";

import * as gitlab from "@pulumi/gitlab";

const repo = new gitlab.Repository("demo-repo", {
  name: "demo-repo",
  description: "Generated from automated test",
  visibility: "private",
});

Run pulumi up.

$ pulumi up

You cant visit Clodolife/demo-repo - https://gitlab.com/Clodolife/demo-repo to see the demo-repo repository or with your prefer name.

Pulumi Destroy

Destroy all resources created by Pulumi.

$ pulumi destroy

FAQs

Missing required argument: “mirror”: all of import_url,mirror must be specified

$ pulumi up
...
    error: gitlab:index/project:Project resource 'my-project' has a problem: Missing required argument: "mirror": all of `import_url,mirror` must be specified. Examine values at 'Project.Mirror'.
    error: gitlab:index/project:Project resource 'my-project' has a problem: Missing required argument: "mirror_trigger_builds": all of `import_url,mirror_trigger_builds` must be specified. Examine values at 'Project.MirrorTriggerBuilds'.
    error: gitlab:index/project:Project resource 'my-project' has a problem: Missing required argument: "mirror_overwrites_diverged_branches": all of `import_url,mirror_overwrites_diverged_branches` must be specified. Examine values at 'Project.MirrorOverwritesDivergedBranches'.
    error: gitlab:index/project:Project resource 'my-project' has a problem: Missing required argument: "only_mirror_protected_branches": all of `import_url,only_mirror_protected_branches` must be specified. Examine values at 'Project.OnlyMirrorProtectedBranches'.
...

Append the missing argument importUrl to main.ts file.

const project = new gitlab.Project("my-project", {
  description: "example project created by Pulumi",
  visibilityLevel: "public",
+   importUrl: "",
});

See Can’t create projects without a mirror url in 4.2.0 [python] · Issue #128 · pulumi/pulumi-gitlab - https://github.com/pulumi/pulumi-gitlab/issues/128 to learn more.

References

[1] GitLab | Pulumi - https://www.pulumi.com/docs/intro/cloud-providers/gitlab/

[2] GitLab Setup | Pulumi - https://www.pulumi.com/docs/intro/cloud-providers/gitlab/setup/

[3] pulumi/pulumi-gitlab: A GitLab Pulumi resource package, providing multi-language access to GitLab - https://github.com/pulumi/pulumi-gitlab

[4] Pulumi - Modern Infrastructure as Code - https://www.pulumi.com/

[5] Node.js - https://nodejs.org/en/

[6] Personal Access Tokens · User Settings · GitLab - https://gitlab.com/-/profile/personal_access_tokens

[7] Iterate faster, innovate together | GitLab - https://about.gitlab.com/

[8] Can’t create projects without a mirror url in 4.2.0 [python] · Issue #128 · pulumi/pulumi-gitlab - https://github.com/pulumi/pulumi-gitlab/issues/128