Gitlab CI and Pipelines
You can use digger with gitlab as your VCS and gitlab pipelines as a CI backend. Currently this is an EE feature only.
Prerequisites:
- Having a valid digger EE license key. If you don’t have a license key please contact us to request an EE trial
- A gitlab account.
- a personal github access token. This can be created from user preferences > access tokens
Install the digger EE orchestrator:
You need to install the digger EE orchestrator. The installation steps are the same as the steps in self hosting docker with some differences:
- For the docker image you will need to use the ee image: https://github.com/diggerhq/digger/pkgs/container/digger_backend
- You will need to include the license key environment variable to the backend and the cli:
DIGGER_LICENSE_KEY=xxxyyy
- You can ignore all the steps regarding setting up Github app and all GITHUB_** environment variables
- For gitlab CI configuration you need to specify the following environment variables:
Other than that if you follow the steps in the self hosting guide you should end up with the orchestrator up and running along with a github app successfully installed. The repo you wish to try with digger should be installed onto the orchestrator.
Prepare your repo with a digger.yml
You need to prepare a digger.yml to configure your terraform projects. For that refer to our quickstart guides. For a quick one all you need would be a path to a directory and project name:
Setting up gitlab webhooks
In the repo where you are interested to integrate with digger you need to set up a webhook pointing to your digger hostname.
Go to Settings > Webhooks and add digger host name. Set the secret token as “abc123” (same as DIGGER_GITLAB_WEBHOOK_SECRET
) above.
make sure that “Comments” and “Merge request events” are selected for Trigger events. Finally you can save.
Create digger pipeline in your gitlab repo
To create a gitlab pipeline you can use a .gitlab-ci.yml file in the root of your file. In this you need to create a script which downloads digger binary and invokes it, the purpose here is to have this pipeline triggered by digger externally. Here is an example of such file:
This will instruct digger to run the “spec” which is composed and sent from the backend. That should be all you need to set up and try digger!
Test your setup
In order to test your setup try to create a pull request in your repo. After you Comment “digger plan” You should see in the backend logs that a webhook event was received and an initial comment should be triggered in your pull request. Your gitlab should also trigger and also perform a plan. If successful the job will comment back the plan as follows:
Repo allowlist
You can set DIGGER_REPO_ALLOW_LIST
env variable on the server to define a whitelist of repositories allowed to trigger Digger workflows in Gitlab. This is needed because unlike GitHub, there’s no concept of “apps” in Gitlab to allow granular control of per-repo access.