feat: initial commit

2021-11-27 11:14:20 +01:00 · 2021-11-27 11:14:20 +01:00 · b406d732c3
commit b406d732c3
11 changed files with 197 additions and 0 deletions
--- a/.editorconfig
+++ b/.editorconfig
@ -0,0 +1,13 @@
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+end_of_line = lf
+max_line_length = null
+
+[Makefile]
+indent_style = tab
--- a/.git-hooks/pre-commit
+++ b/.git-hooks/pre-commit
@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+make tf-fmt-check
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+.terraform
+.terraform.lock.hcl
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,80 @@
+default:
+  image:
+    name: hashicorp/terraform:1.0.0
+    entrypoint: [""]
+
+stages:
+  - init
+  - validation
+  - pre-release
+  - release
+
+init:
+  stage: init
+  script:
+    - terraform init -input=false
+  artifacts:
+    untracked: false
+    expire_in: 30 days
+    paths:
+      - .terraform
+      - .terraform.lock.hcl
+
+format:
+  stage: validation
+  script:
+    - terraform fmt -recursive -check -diff .
+
+validate:
+  stage: validation
+  script:
+    - terraform validate
+
+tag release:
+  stage: pre-release
+  image: node:16-buster-slim
+  before_script:
+    - apt-get update && apt-get upgrade -y --no-install-recommends git-core ca-certificates
+    - npm install -g semantic-release @semantic-release/gitlab
+  script:
+    - semantic-release -b ${CI_COMMIT_REF_NAME}
+  rules:
+    - if: $CI_COMMIT_TAG
+      when: never
+    - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
+      when: always
+    - if: $CI_COMMIT_MSG =~ /^chore\(CHANGELOG\):/
+      when: never
+
+tag release dry-run:
+  stage: pre-release
+  image: node:16-buster-slim
+  before_script:
+    - apt-get update && apt-get upgrade -y --no-install-recommends git-core ca-certificates
+    - npm install -g semantic-release @semantic-release/gitlab
+  script:
+    - semantic-release -d -b ${CI_COMMIT_REF_NAME}
+  rules:
+    - if: $CI_COMMIT_TAG
+      when: never
+    - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
+      when: never
+    - if: $CI_COMMIT_MSG =~ /^chore\(CHANGELOG\):/
+      when: never
+
+publish:
+  stage: release
+  image: curlimages/curl:latest
+  variables:
+    TERRAFORM_MODULE_NAME: ${CI_PROJECT_NAME}
+    TERRAFORM_MODULE_VERSION: ${CI_COMMIT_TAG}
+    TERRAFORM_MODULE_SYSTEM: gitlab
+    ARCHIVE_FILE: ${TERRAFORM_MODULE_NAME}-${TERRAFORM_MODULE_SYSTEM}-${TERRAFORM_MODULE_VERSION}.tar.gz
+    UPLOAD_ENDPOINT: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/terraform/modules/${TERRAFORM_MODULE_NAME}/${TERRAFORM_MODULE_SYSTEM}/${TERRAFORM_MODULE_VERSION}/file
+  script:
+    - |
+      set -e
+      tar -cvzf "${ARCHIVE_FILE}" --exclude=./.terraform --exclude=./.terraform.lock.hcl --exclude=./.git --exclude=./.git-hooks --exclude=./Makefile --exclude=./.editorconfig --exclude=./.gitignore --exclude=./.releaserc.yml --exclude=./.gitlab-ci.yml .
+      curl --fail-with-body --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file "${ARCHIVE_FILE}" "${UPLOAD_ENDPOINT}"
+  rules:
+    - if: $CI_COMMIT_TAG
--- a/.releaserc.yml
+++ b/.releaserc.yml
@ -0,0 +1,29 @@
+verifyConditions:
+  - "@semantic-release/gitlab"
+  # - "@semantic-release/changelog"
+  # - "@semantic-release/git"
+prepare:
+  # - "@semantic-release/changelog"
+  # - "@semantic-release/git"
+generateNotes:
+  - "@semantic-release/release-notes-generator"
+publish:
+  - "@semantic-release/gitlab"
+success: false
+fail: false
+npmPublish: false
+tagFormat: ${version}
+plugins:
+  - - "@semantic-release/commit-analyzer"
+    - preset: angular
+      parserOpts:
+        - "BREAKING CHANGE"
+        - "BREAKING CHANGES"
+        - "BREAKING"
+  - - "@semantic-release/release-notes-generator"
+  # - - "@semantic-release/changelog"
+  #   - changelogFile: "CHANGELOG.md"
+  # - - "@semantic-release/git"
+  #   - assets:
+  #       - "CHANGELOG.md"
+  #     message: "chore(CHANGELOG): ${nextRelease.version}\n\n${nextRelease.notes}"
--- a/12
+++ b/12
@ -0,0 +1,12 @@
+.PHONY: setup-git-hooks
+setup-git-hooks:
+	rm -rf .git/hooks
+	(cd .git && ln -s ../.git-hooks hooks)
+
+.PHONY: tf-fmt-check
+tf-fmt-check:
+	terraform fmt -recursive -check
+
+.PHONY: tf-fmt
+tf-fmt:
+	terraform fmt -recursive
--- a/README.md
+++ b/README.md
@ -0,0 +1,3 @@
+# Terraform modules / GitLab project
+
+Default GitLab project with branch protection
--- a/main.tf
+++ b/main.tf
@ -0,0 +1,14 @@
+resource "gitlab_project" "project" {
+  name           = var.project_name
+  path           = var.project_path
+  description    = var.project_desc
+  namespace_id   = var.project_namespace_id
+  default_branch = var.project_default_branch
+}
+
+resource "gitlab_branch_protection" "default_branch_protection" {
+  project            = gitlab_project.project.id
+  branch             = var.project_default_branch
+  push_access_level  = var.protection_push_access_level
+  merge_access_level = var.protection_merge_access_level
+}
--- a/outputs.tf
+++ b/outputs.tf
@ -0,0 +1,3 @@
+output "project_id" {
+  value = gitlab_project.project.id
+}
--- a/variables.tf
+++ b/variables.tf
@ -0,0 +1,30 @@
+variable "project_name" {
+  type = string
+}
+
+variable "project_path" {
+  type = string
+}
+
+variable "project_desc" {
+  type = string
+}
+
+variable "project_default_branch" {
+  type    = string
+  default = "main"
+}
+
+variable "project_namespace_id" {
+  type = string
+}
+
+variable "protection_push_access_level" {
+  type    = string
+  default = "maintainer"
+}
+
+variable "protection_merge_access_level" {
+  type    = string
+  default = "maintainer"
+}
--- a/versions.tf
+++ b/versions.tf
@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    gitlab = {
+      source  = "gitlabhq/gitlab"
+      version = ">=3.6.0"
+    }
+  }
+}