Pulumi CI/CD & GitLab integration
With this GitLab integration, Pulumi is able to add summary notes to a GitLab Merge Request by using the merge request information posted to the Pulumi Cloud via GitLab Webhooks.
To enable the integration with your GitLab project, you will need to ensure you have done the following two things:
- Signup for a Pulumi account with your GitLab identity (or link your GitLab identity with an existing account.)
- If your GitLab Project is under a GitLab Group, ensure that the group is added to Pulumi as an organization
- You must have a GitLab identity associated with your Pulumi account.
- If you are integrating a GitLab project that is under a group, add an organization
- After you add the organization, ensure that it uses GitLab as its identity provider.
Configuring the GitLab Webhook
- Create a Pulumi access token using the account that you would like the merge request notes to be posted as. Save this token as we will use this momentarily in a following step.
- You can configure a Group Hook or a Project Hook. The configuration values you use are the same regardless of where the webhook is registered on GitLab.
- Configuring a webhook at the Group-level means that you don’t have to configure the webhook for every project manually. If you only want to configure a webhook for a certain project, then you may do that as well.
- Head-over to the Settings > Webhooks page of your Group or Project and fill out the form as follows:
- Secret Token:
<The Pulumi access token from above.>
- Uncheck all boxes and check just the Merge request events checkbox
- Ensure the checkbox under SSL verification is checked as shown below
- Click the Add webhook button.
That’s it! Now when you create a merge request and run Pulumi in a merge request pipeline, you should see notes in the MR that show a summary of the Pulumi preview. Learn how to run Pulumi in GitLab CI/CD.
Here’s a preview of what it looks like.
Disabling the Integration
If would like to disable the integration for a specific execution of Pulumi,
you can always set the
PULUMI_DISABLE_CI_DETECTION env var to
false without having to remove
the integration configuration itself.