Skip to content

GitLab

Provisioning Tasks

AddGitlabExternalIdentity

This task makes it easier to add an external identity without writing code. Useful in JIT workflows.

- taskType: customTask
  className: com.tremolosecurity.unison.gitlab.provisioning.tasks.AddGitlabExternalIdentity
  params:
    # Which omni_auth provider to use
    provider: "openid_connect"
    # The attribute in the user object to map the user's identity to
    userAttribute: "username"

AddGroupToProject

This task will add an existing group to a project and set its entitlements on that project. The group will be added to the last project created by the CreateProject task.

- taskType: customTask
  className: com.tremolosecurity.unison.gitlab.provisioning.tasks.AddGroupToProject
  params:
    # Group to add
    groupName: "approvers-k8s-$nameSpace$"
    # GitLab provisioning target
    targetName: "gitlab"
    # Entitlement level for the group in the project
    accessLevel: "MAINTAINER"

CreateDeploymentKey

CreateDeploymentKey will create a deployment key on a project, making the key and its base64-encoded value available in the workflow's request object.

- taskType: customTask
  className: com.tremolosecurity.unison.gitlab.provisioning.tasks.CreateDeploymentKey
  params:
    # GitLab provisioning target
    targetName: "gitlab"
    # Project namespace
    namespace: "$nameSpace$-production"
    # Project name
    project: "$nameSpace$-application"
    # Label for the key
    keyLabel: "tekton_pull"
    # If the key is writeable or read-only
    makeWriteable: "false"
    # The name of the request object where the key is stored, base64 encoded
    privateKeyReuestName: "tektonPullecret"
    # The name of the request object where the key is stored, plain text
    privateKeyReuestNamePT: "tektonPullSecretPT"

CreateGitFile

Creates a file in the named project.

- taskType: customTask
  className: com.tremolosecurity.unison.gitlab.provisioning.tasks.CreateGitFile
  params:
    # GitLab target
    targetName: "gitlab"
    # Project namespace
    namespace: "$nameSpace$-production"
    # Project name
    project: "$nameSpace$-application"
    # Branch to commit against
    branch: "master"
    # Path and file (excluding "/")
    path: "README.md"
    # Content of the file to create
    content: |
      # $nameSpace$-application

      Fork this project to create your application. Create a pull request to trigger a build and deployment to development.
    # Commit message
    commitMessage: "initializing the repository"

CreateProject

Creates a GitLab project. Can optionally create a webhook and generate a deployment key.

- taskType: customTask
  className: com.tremolosecurity.unison.gitlab.provisioning.tasks.CreateProject
  params:
    # Project namespace
    namespace: "$nameSpace$-production"
    # Project name
    name: "$nameSpace$-application"
    # Project description
    description: "Application project"
    # Enable issues
    issuesEnabled: "true"
    # Enable merge requests
    mergeRequestsEnabled: "true"
    # Enable wiki
    wikiEnabled: "true"
    # Enable snippets
    snipitsEnabled: "true"
    # Visibility level
    visibility: "2"
    # GitLab provisioning target
    targetName: "gitlab"
    # Git SSH Host
    gitSshHost: "#[GITLAB_SSH_HOST]"
    # Optionally create a webhook
    createWebhook: "true"
    # Webhook suffix
    webhookSuffix: "#[GITLAB_WEBHOOK_SUFFIX]"
    # Webhook branch filter
    webhookBranchFilter: "master"
    # Webhook secret request name
    webhookSecretRequestName: "appProjectWebhook"

ForkProject

Forks a GitLab project into another namespace.

- taskType: customTask
  className: com.tremolosecurity.unison.gitlab.provisioning.tasks.ForkProject
  params:
    # Source project name
    sourceProjectName: "$nameSpace$-operations"
    # Source project namespace
    sourceProjectNamespace: "$nameSpace$-production"
    # Destination namespace
    destinationNamespace: "$nameSpace$-dev"
    # GitLab provisioning target
    targetName: "gitlab"
    # Git SSH Host
    gitSshHost: "#[GITLAB_SSH_HOST]"