How to use GitLab CI/CD variables in Terraform

To use GitLab CI/CD variables in Terraform, follow these steps.

1. Define CI/CD Variables in GitLab

First, define the necessary variables in GitLab. You can do this either at the project level or at the group level.

  • Go to your GitLab project.
  • Navigate to Settings > CI/CD > Variables.
  • Add your variables, e.g., AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, or any other environment-specific configuration.

2. Reference CI/CD Variables in GitLab Pipeline (.gitlab-ci.yml)

In your GitLab pipeline configuration file (.gitlab-ci.yml), variables are referenced with the $VARIABLE_NAME syntax. The following pipeline defines a TF_ROOT variable and references it as $TF_ROOT.

stages:
  - apply

variables:
  TF_ROOT: "terraform"

before_script:
  - cd $TF_ROOT

apply_terraform:
  stage: apply
  script:
    - terraform init
    - terraform apply -auto-approve
  only:
    - main
  environment:
    name: production
  tags:
    - terraform

In this pipeline, we specify the Terraform root directory, navigate to it, and run the terraform apply command.

3. Access CI/CD Variables in Terraform Configuration

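In your Terraform configuration (.tf files), use Terraform input variables to receive the values of the CI/CD variables. GitLab exposes CI/CD variables to the job as environment variables, and Terraform reads any environment variable named TF_VAR_<name> as the value of the input variable <name>.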

For example, let's say you have AWS credentials defined in GitLab CI/CD variables.

# Credentials are supplied through input variables, not hard-coded here.
provider "aws" {
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
  region     = var.aws_region
}

In your variables.tf, define the input variables:

variable "aws_access_key" {
  description = "AWS Access Key"
  type        = string
  sensitive   = true # redact the value in plan/apply output
}

variable "aws_secret_key" {
  description = "AWS Secret Key"
  type        = string
  sensitive   = true # redact the value in plan/apply output
}

variable "aws_region" {
  description = "AWS Region"
  type        = string
  default     = "us-west-2"
}

4. Pass GitLab CI/CD Variables to Terraform

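GitLab automatically exposes CI/CD variables to the job environment as environment variables. The AWS provider can read AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from the environment on its own, but the input variables declared above are filled only from environment variables that carry the TF_VAR_ prefix, so pass them explicitly under that prefix.

In .gitlab-ci.yml, add: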

variables:
  TF_VAR_aws_access_key: $AWS_ACCESS_KEY_ID
  TF_VAR_aws_secret_key: $AWS_SECRET_ACCESS_KEY
  TF_VAR_aws_region: $AWS_REGION

5. Example of .gitlab-ci.yml with Terraform

Here’s an example pipeline file that uses GitLab CI/CD variables with Terraform.

stages:
  - plan
  - apply

variables:
  TF_VAR_aws_access_key: $AWS_ACCESS_KEY_ID
  TF_VAR_aws_secret_key: $AWS_SECRET_ACCESS_KEY
  TF_VAR_aws_region: $AWS_REGION

before_script:
  - cd terraform

plan:
  stage: plan
  script:
    - terraform init
    - terraform plan
  only:
    - merge_requests
  tags:
    - terraform

apply:
  stage: apply
  script:
    - terraform init
    - terraform apply -auto-approve
  only:
    - main
  tags:
    - terraform

With this setup, GitLab CI/CD variables like AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are passed to Terraform as environment variables and used during Terraform execution.
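
A pre-flight check for the plan and apply jobs, as an added example that is not part of the original article: it fails the job when any TF_VAR_ mapping from the pipeline above is unset, empty, or still a literal $NAME reference (for instance when a protected CI/CD variable is not exposed to a pipeline on an unprotected branch), and it prints only variable names, never values. The function name check_tf_vars, the --check argument and the REQUIRED_TF_VARS list are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original article. check_tf_vars, --check and
# REQUIRED_TF_VARS are hypothetical names chosen for this example.

# Input variables from variables.tf that the pipeline maps with TF_VAR_.
REQUIRED_TF_VARS="aws_access_key aws_secret_key aws_region"

# Reports each TF_VAR_<name> that is unset, empty, or still an unexpanded
# "$NAME" reference. Only names are printed, never values.
# Returns 0 if all are usable, 1 if any is not, 2 on an invalid name.
check_tf_vars() {
  missing=0
  for name in "$@"; do
    # Accept only identifier characters so the eval below cannot be abused.
    case "$name" in
      "" | *[!A-Za-z0-9_]*)
        echo "invalid variable name" >&2
        return 2 ;;
    esac
    eval "value=\${TF_VAR_${name}-}"
    case "$value" in
      "")
        echo "TF_VAR_${name}: unset or empty" >&2
        missing=$((missing + 1)) ;;
      \$*)
        echo "TF_VAR_${name}: unexpanded variable reference" >&2
        missing=$((missing + 1)) ;;
    esac
  done
  unset value
  [ "$missing" -eq 0 ]
}

# Job usage: sh check_tf_vars.sh --check   (before "terraform init")
if [ "${1-}" = "--check" ]; then
  check_tf_vars $REQUIRED_TF_VARS || exit 1
  echo "all required TF_VAR_ values are present"
fi
```

Run it as the first script line of each job, before terraform init. Marking the secret as Masked in the GitLab variable settings additionally keeps its value out of job logs.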
