Skip to content

Instantly share code, notes, and snippets.

@RothAndrew

RothAndrew/gitlab_set_personal_access_token.tf

Last active September 24, 2020 21:32
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save RothAndrew/e1c8d3e183293d3fadb6cdbf64a3475d to your computer and use it in GitHub Desktop.
Save RothAndrew/e1c8d3e183293d3fadb6cdbf64a3475d to your computer and use it in GitHub Desktop.
Download ZIP
Idempotently create a Personal Access Token for a user in GitLab running in Kubernetes
Raw
gitlab_set_personal_access_token.tf
// WARNING: Don’t mess with gitlab-rails runner unless you REALLY know what you are doing.
// It gives root-level access to EVERYTHING at the database level.
// Idempotently create a Personal Access Token for a user in GitLab running in Kubernetes
// USE AT YOUR OWN RISK
resource "null_resource" "set_gitlab_personal_access_token" {
triggers = {
uuid = uuid()
}
provisioner "local-exec" {
command = "kubectl exec -n gitlab -c task-runner $(kubectl get pod -n gitlab -l \"app=task-runner\" -o jsonpath='{.items[0].metadata.name}') -- gitlab-rails runner 'user = User.find_by_username(\"'\"$GITLAB_USER\"'\"); tokens = user.personal_access_tokens; token = tokens.find_by(name: \"'\"$TOKEN_NAME\"'\"); token = user.personal_access_tokens.create(scopes: [:api, :sudo], name: \"'\"$TOKEN_NAME\"'\") unless token.present?; token.set_token(\"'\"$TOKEN_VALUE\"'\"); token.save!'"
environment = {
GITLAB_USER = "root"
KUBECONFIG = abspath(local_file.kubeconfig.filename)
TOKEN_NAME = "terraform"
TOKEN_VALUE = random_password.gitlab_root_user_personal_access_token.result
}
}
depends_on = [
null_resource.helmfile_deployments
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment