From 08780c7d2993d97b2bbb95605ef69980d13f51ee Mon Sep 17 00:00:00 2001 From: Liora Milbaum Date: Wed, 4 Oct 2023 09:19:24 +0300 Subject: [PATCH] Renamed gitlab-permissions module to gitlab-authorization --- Makefile | 23 ++++--- .../terragrunt.hcl | 6 +- .../terragrunt.hcl | 6 +- .../terragrunt.hcl | 6 +- .../backend.tf | 0 modules/gitlab-authorization/main.tf | 17 +++++ .../providers.tf | 0 modules/gitlab-authorization/variables.tf | 33 ++++++++++ .../versions.tf | 0 modules/gitlab-permissions/main.tf | 24 ------- modules/gitlab-permissions/variables.tf | 63 ------------------- 11 files changed, 69 insertions(+), 109 deletions(-) rename live/ci/{gitlab-permissions => gitlab-authorization}/terragrunt.hcl (56%) rename live/dev/{gitlab-permissions => gitlab-authorization}/terragrunt.hcl (56%) rename live/prod/{gitlab-permissions => gitlab-authorization}/terragrunt.hcl (56%) rename modules/{gitlab-permissions => gitlab-authorization}/backend.tf (100%) create mode 100644 modules/gitlab-authorization/main.tf rename modules/{gitlab-permissions => gitlab-authorization}/providers.tf (100%) create mode 100644 modules/gitlab-authorization/variables.tf rename modules/{gitlab-permissions => gitlab-authorization}/versions.tf (100%) delete mode 100644 modules/gitlab-permissions/main.tf delete mode 100644 modules/gitlab-permissions/variables.tf diff --git a/Makefile b/Makefile index 1fd0c56..eaa7147 100644 --- a/Makefile +++ b/Makefile 
@@ -24,10 +24,19 @@ tf/destroy: ${TERRAGRUNT_CMD} destroy -terragrunt-log-level debug tf/apply/audit: - cd live/${ENV}/audit && terragrunt run-all --terragrunt-non-interactive apply -auto-approve + cd live/${ENV}/audit && terragrunt run-all --terragrunt-non-interactive apply -tf/apply/gitlab-permissions: - cd live/${ENV}/gitlab-permissions && terragrunt run-all --terragrunt-non-interactive apply -auto-approve +tf/init/gitlab-authorization: + cd live/${ENV}/gitlab-authorization && terragrunt run-all --terragrunt-non-interactive init + +tf/plan/gitlab-authorization: + cd live/${ENV}/gitlab-authorization && terragrunt run-all --terragrunt-non-interactive plan + +tf/apply/gitlab-authorization: + cd live/${ENV}/gitlab-authorization && terragrunt run-all --terragrunt-non-interactive apply + +tf/destroy/gitlab-authorization: + cd live/${ENV}/gitlab-authorization && terragrunt run-all --terragrunt-non-interactive destroy tf/init/gitlab-runners: cd live/${ENV}/gitlab-runners && terragrunt run-all --terragrunt-non-interactive init @@ -36,7 +45,7 @@ tf/plan/gitlab-runners: cd live/${ENV}/gitlab-runners && terragrunt run-all --terragrunt-non-interactive plan tf/apply/gitlab-runners: - cd live/${ENV}/gitlab-runners && terragrunt run-all --terragrunt-non-interactive apply -auto-approve + cd live/${ENV}/gitlab-runners && terragrunt run-all --terragrunt-non-interactive apply tf/destroy/gitlab-runners: cd live/${ENV}/gitlab-runners && terragrunt run-all --terragrunt-non-interactive destroy @@ -51,7 +60,7 @@ tf/plan/renovate-runners: cd live/${ENV}/renovate-runners && terragrunt run-all --terragrunt-non-interactive plan tf/apply/renovate-runners: - cd live/${ENV}/renovate-runners && terragrunt run-all --terragrunt-non-interactive apply -auto-approve + cd live/${ENV}/renovate-runners && terragrunt run-all --terragrunt-non-interactive apply tf/import/renovate-runners: cd live/${ENV}/renovate-runners && terragrunt import github_repository.repository renovate-runner 
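Review bot: The `tf/apply/*` and `tf/destroy/*` recipes most likely still run without any confirmation after `-auto-approve` is removed, because Terragrunt's `run-all apply` and `run-all destroy` add `-auto-approve` themselves and `--terragrunt-non-interactive` is still passed. This applies to the audit and gitlab-authorization recipes in this hunk and to the gitlab-runners, renovate-runners and github-automerge hunks that follow. If the intent is for a person to confirm changes to group access, add `--terragrunt-no-auto-approve` to those recipes (where the Terragrunt version in use supports it), or apply only a plan that was saved and reviewed. The new `tf/destroy/gitlab-authorization` target removes both LDAP links for whatever `ENV` is set, so it is worth a comment above it such as `# removes LDAP group links for ${ENV}; run tf/plan/gitlab-authorization first`.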
@@ -66,7 +75,7 @@ tf/plan/github-automerge: cd live/${ENV}/github-automerge && terragrunt run-all --terragrunt-non-interactive plan tf/apply/github-automerge: - cd live/${ENV}/github-automerge && terragrunt run-all --terragrunt-non-interactive apply -auto-approve + cd live/${ENV}/github-automerge && terragrunt run-all --terragrunt-non-interactive apply tf/destroy/github-automerge: - cd live/${ENV}/github-automerge && terragrunt run-all --terragrunt-non-interactive destroy -auto-approve + cd live/${ENV}/github-automerge && terragrunt run-all --terragrunt-non-interactive destroy diff --git a/live/ci/gitlab-permissions/terragrunt.hcl b/live/ci/gitlab-authorization/terragrunt.hcl similarity index 56% rename from live/ci/gitlab-permissions/terragrunt.hcl rename to live/ci/gitlab-authorization/terragrunt.hcl index c0177f0..f0567f2 100644 --- a/live/ci/gitlab-permissions/terragrunt.hcl +++ b/live/ci/gitlab-authorization/terragrunt.hcl @@ -1,9 +1,5 @@ terraform { - source = "../../../modules//gitlab-permissions" - extra_arguments "var-file" { - commands = ["apply", "plan"] - arguments = ["-var-file=ci.tfvars"] - } + source = "../../../modules//gitlab-authorization" } include "root" { diff --git a/live/dev/gitlab-permissions/terragrunt.hcl b/live/dev/gitlab-authorization/terragrunt.hcl similarity index 56% rename from live/dev/gitlab-permissions/terragrunt.hcl rename to live/dev/gitlab-authorization/terragrunt.hcl index ab0b594..f0567f2 100644 --- a/live/dev/gitlab-permissions/terragrunt.hcl +++ b/live/dev/gitlab-authorization/terragrunt.hcl @@ -1,9 +1,5 @@ terraform { - source = "../../../modules//gitlab-permissions" - extra_arguments "var-file" { - commands = ["apply", "plan"] - arguments = ["-var-file=dev.tfvars"] - } + source = "../../../modules//gitlab-authorization" } include "root" { 
diff --git a/live/prod/gitlab-permissions/terragrunt.hcl b/live/prod/gitlab-authorization/terragrunt.hcl similarity index 56% rename from live/prod/gitlab-permissions/terragrunt.hcl rename to live/prod/gitlab-authorization/terragrunt.hcl index 697f312..f0567f2 100644 --- a/live/prod/gitlab-permissions/terragrunt.hcl +++ b/live/prod/gitlab-authorization/terragrunt.hcl @@ -1,9 +1,5 @@ terraform { - source = "../../../modules//gitlab-permissions" - extra_arguments "var-file" { - commands = ["apply", "plan"] - arguments = ["-var-file=prod.tfvars"] - } + source = "../../../modules//gitlab-authorization" } include "root" { diff --git a/modules/gitlab-permissions/backend.tf b/modules/gitlab-authorization/backend.tf similarity index 100% rename from modules/gitlab-permissions/backend.tf rename to modules/gitlab-authorization/backend.tf diff --git a/modules/gitlab-authorization/main.tf b/modules/gitlab-authorization/main.tf new file mode 100644 index 0000000..1d0600e --- /dev/null +++ b/modules/gitlab-authorization/main.tf @@ -0,0 +1,17 @@ +data "gitlab_group" "top_level_group" { + full_path = var.top_level_group_full_path +} + +resource "gitlab_group_ldap_link" "developers_group" { + group = data.gitlab_group.top_level_group.id + cn = var.ldap_developers_group + group_access = "developer" + ldap_provider = "ldapmain" +} + +resource "gitlab_group_ldap_link" "owners_group" { + group = data.gitlab_group.top_level_group.id + cn = var.ldap_owners_group + group_access = "owner" + ldap_provider = "ldapmain" +} diff --git a/modules/gitlab-permissions/providers.tf b/modules/gitlab-authorization/providers.tf similarity index 100% rename from modules/gitlab-permissions/providers.tf rename to modules/gitlab-authorization/providers.tf diff --git a/modules/gitlab-authorization/variables.tf b/modules/gitlab-authorization/variables.tf new file mode 100644 index 0000000..3fb1106 --- /dev/null +++ b/modules/gitlab-authorization/variables.tf 
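Review bot: In modules/gitlab-authorization/main.tf, `gitlab_user.bot_user` and `gitlab_group.top_level_group` are no longer managed resources (the group is now only a data source). If the existing state is carried over to the new path, the first apply would therefore plan to delete the bot user and the top-level group; how state is handled is not visible in this patch. Review the output of the plan target before applying, and `terraform state rm` those two addresses first if they are still tracked. Separately, the owners link now sets `group_access = "owner"` where the removed module set "developer", which is a privilege change beyond the rename named in the subject. It deserves a comment on the resource, e.g. `# owner: members of var.ldap_owners_group get full control of the top-level group`.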
@@ -0,0 +1,33 @@
+variable "token" {
+ type = string
+ description = "Gitlab token"
+ sensitive = true
+}
+
+variable "insecure" {
+ type = string
+ description = "Do not verify certifcate if true"
+}
+
+variable "base_url" {
+ type = string
+ description = "gitlab api end point"
+}
+
+variable "top_level_group_full_path" {
+ type = string
+ description = "GitLab top level group full path"
+ sensitive = true
+}
+
+variable "ldap_developers_group" {
+ type = string
+ description = "LDAP developers group"
+ sensitive = true
+}
+
+variable "ldap_owners_group" {
+ type = string
+ description = "LDAP owners group"
+ sensitive = true
+}
diff --git a/modules/gitlab-permissions/versions.tf b/modules/gitlab-authorization/versions.tf
similarity index 100%
rename from modules/gitlab-permissions/versions.tf
rename to modules/gitlab-authorization/versions.tf
diff --git a/modules/gitlab-permissions/main.tf b/modules/gitlab-permissions/main.tf
deleted file mode 100644
index ea1ffff..0000000
--- a/modules/gitlab-permissions/main.tf
+++ /dev/null
@@ -1,24 +0,0 @@
-resource "gitlab_user" "bot_user" {
- name = var.gitlab_bot_user_name
- username = var.gitlab_bot_user_username
- email = var.gitlab_bot_user_email
-}
-
-resource "gitlab_group" "top_level_group" {
- name = var.top_level_group_name
- path = var.top_level_group_path
-}
-
-resource "gitlab_group_ldap_link" "developers_group" {
- group = gitlab_group.top_level_group.id
- cn = var.ldap_developers_group
- group_access = "developer"
- ldap_provider = "ldapmain"
-}
-
-resource "gitlab_group_ldap_link" "owners_group" {
- group = gitlab_group.top_level_group.id
- cn = var.ldap_owners_group
- group_access = "developer"
- ldap_provider = "ldapmain"
-}
diff --git a/modules/gitlab-permissions/variables.tf b/modules/gitlab-permissions/variables.tf
deleted file mode 100644
index 93a84b2..0000000
--- a/modules/gitlab-permissions/variables.tf
+++ /dev/null
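Review bot: In modules/gitlab-authorization/variables.tf, `insecure` is declared `type = string` with no default, although its description treats it as a flag that turns off certificate verification. Every caller therefore has to supply it, and nothing makes verification the default. Declare it `type = bool` with `default = false`, and correct the description to `"Skip TLS certificate verification when true"`. Also consider dropping `sensitive = true` from `top_level_group_full_path`, `ldap_developers_group` and `ldap_owners_group`. These are names rather than credentials, and marking them sensitive makes the plan print `(sensitive value)` for the `cn` of each LDAP link, which hides which directory group is about to receive owner access.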
@@ -1,63 +0,0 @@
-variable "token" {
- type = string
- description = "Gitlab token"
- sensitive = true
-}
-
-variable "insecure" {
- type = string
- description = "Do not verify certifcate if true"
-}
-
-variable "base_url" {
- type = string
- description = "gitlab api end point"
-}
-
-variable "top_level_group_name" {
- type = string
- description = "GitLab top level group name"
- sensitive = true
-}
-
-variable "top_level_group_path" {
- type = string
- description = "GitLab top level group path"
- sensitive = true
-}
-
-variable "ldap_developers_group" {
- type = string
- description = "LDAP developers group"
- sensitive = true
-}
-
-variable "ldap_owners_group" {
- type = string
- description = "LDAP owners group"
- sensitive = true
-}
-
-variable "gitlab_bot_user_id" {
- type = number
- description = "GitLab bot user id"
- sensitive = true
-}
-
-variable "gitlab_bot_user_name" {
- type = string
- description = "GitLab bot user name"
- sensitive = true
-}
-
-variable "gitlab_bot_user_username" {
- type = string
- description = "GitLab bot user username"
- sensitive = true
-}
-
-variable "gitlab_bot_user_email" {
- type = string
- description = "GitLab bot user email"
- sensitive = true
-}