Project
data class ProjectProtectedEnvironmentArgs(val approvalRules: Output<List<ProjectProtectedEnvironmentApprovalRuleArgs>>? = null, val deployAccessLevels: Output<List<ProjectProtectedEnvironmentDeployAccessLevelArgs>>? = null, val environment: Output<String>? = null, val project: Output<String>? = null, val requiredApprovalCount: Output<Int>? = null) : ConvertibleToJava<ProjectProtectedEnvironmentArgs>
The gitlab.ProjectProtectedEnvironment resource allows to manage the lifecycle of a protected environment in a project.
In order to use a user or group in the
deploy_access_levelsconfiguration, you need to make sure that users have access to the project and groups must have this project shared. You may use thegitlab.ProjectMembershipandgitlab_project_shared_groupresources to achieve this. Unfortunately, the GitLab API does not complain about users and groups without access to the project and just ignores those. In case this happens you will get perpetual state diffs. Upstream API: GitLab REST API docs
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gitlab.ProjectEnvironment;
import com.pulumi.gitlab.ProjectEnvironmentArgs;
import com.pulumi.gitlab.ProjectProtectedEnvironment;
import com.pulumi.gitlab.ProjectProtectedEnvironmentArgs;
import com.pulumi.gitlab.inputs.ProjectProtectedEnvironmentDeployAccessLevelArgs;
import com.pulumi.gitlab.inputs.ProjectProtectedEnvironmentApprovalRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var this_ = new ProjectEnvironment("this", ProjectEnvironmentArgs.builder()
.project(123)
.externalUrl("www.example.com")
.build());
// Example with deployment access level
var exampleWithAccessLevel = new ProjectProtectedEnvironment("exampleWithAccessLevel", ProjectProtectedEnvironmentArgs.builder()
.project(this_.project())
.requiredApprovalCount(1)
.environment(this_.name())
.deployAccessLevels(ProjectProtectedEnvironmentDeployAccessLevelArgs.builder()
.accessLevel("developer")
.build())
.build());
// Example with group-based deployment level
var exampleWithGroup = new ProjectProtectedEnvironment("exampleWithGroup", ProjectProtectedEnvironmentArgs.builder()
.project(this_.project())
.environment(this_.name())
.deployAccessLevels(ProjectProtectedEnvironmentDeployAccessLevelArgs.builder()
.groupId(456)
.build())
.build());
// Example with user-based deployment level
var exampleWithUser = new ProjectProtectedEnvironment("exampleWithUser", ProjectProtectedEnvironmentArgs.builder()
.project(this_.project())
.environment(this_.name())
.deployAccessLevels(ProjectProtectedEnvironmentDeployAccessLevelArgs.builder()
.userId(789)
.build())
.build());
// Example with multiple deployment access levels
var exampleWithMultipleProjectProtectedEnvironment = new ProjectProtectedEnvironment("exampleWithMultipleProjectProtectedEnvironment", ProjectProtectedEnvironmentArgs.builder()
.project(this_.project())
.requiredApprovalCount(2)
.environment(this_.name())
.deployAccessLevels(
ProjectProtectedEnvironmentDeployAccessLevelArgs.builder()
.accessLevel("developer")
.build(),
ProjectProtectedEnvironmentDeployAccessLevelArgs.builder()
.groupId(456)
.build(),
ProjectProtectedEnvironmentDeployAccessLevelArgs.builder()
.userId(789)
.build())
.build());
// Example with access-level based approval rules
var exampleWithMultipleIndex_projectProtectedEnvironmentProjectProtectedEnvironment = new ProjectProtectedEnvironment("exampleWithMultipleIndex/projectProtectedEnvironmentProjectProtectedEnvironment", ProjectProtectedEnvironmentArgs.builder()
.project(this_.project())
.requiredApprovalCount(2)
.environment(this_.name())
.deployAccessLevels(ProjectProtectedEnvironmentDeployAccessLevelArgs.builder()
.accessLevel("developer")
.build())
.approvalRules(ProjectProtectedEnvironmentApprovalRuleArgs.builder()
.access_level("developer")
.build())
.build());
// Example with multiple approval rules, using access level, user, and group
var exampleWithMultipleGitlabIndex_projectProtectedEnvironmentProjectProtectedEnvironment = new ProjectProtectedEnvironment("exampleWithMultipleGitlabIndex/projectProtectedEnvironmentProjectProtectedEnvironment", ProjectProtectedEnvironmentArgs.builder()
.project(this_.project())
.requiredApprovalCount(2)
.environment(this_.name())
.deployAccessLevels(ProjectProtectedEnvironmentDeployAccessLevelArgs.builder()
.accessLevel("developer")
.build())
.approvalRules(
ProjectProtectedEnvironmentApprovalRuleArgs.builder()
.user_id(789)
.build(),
ProjectProtectedEnvironmentApprovalRuleArgs.builder()
.access_level("developer")
.build(),
ProjectProtectedEnvironmentApprovalRuleArgs.builder()
.group_id(456)
.build())
.build());
}
}Content copied to clipboard
resources:
this:
type: gitlab:ProjectEnvironment
properties:
project: 123
externalUrl: www.example.com
# Example with deployment access level
exampleWithAccessLevel:
type: gitlab:ProjectProtectedEnvironment
properties:
project: ${this.project}
requiredApprovalCount: 1
environment: ${this.name}
deployAccessLevels:
- accessLevel: developer
# Example with group-based deployment level
exampleWithGroup:
type: gitlab:ProjectProtectedEnvironment
properties:
project: ${this.project}
environment: ${this.name}
deployAccessLevels:
- groupId: 456
# Example with user-based deployment level
exampleWithUser:
type: gitlab:ProjectProtectedEnvironment
properties:
project: ${this.project}
environment: ${this.name}
deployAccessLevels:
- userId: 789
# Example with multiple deployment access levels
exampleWithMultipleProjectProtectedEnvironment:
type: gitlab:ProjectProtectedEnvironment
properties:
project: ${this.project}
requiredApprovalCount: 2
environment: ${this.name}
deployAccessLevels:
- accessLevel: developer
- groupId: 456
- userId: 789
# Example with access-level based approval rules
exampleWithMultipleIndex/projectProtectedEnvironmentProjectProtectedEnvironment:
type: gitlab:ProjectProtectedEnvironment
properties:
project: ${this.project}
requiredApprovalCount: 2
environment: ${this.name}
deployAccessLevels:
- accessLevel: developer
approvalRules:
- access_level: developer
# Example with multiple approval rules, using access level, user, and group
exampleWithMultipleGitlabIndex/projectProtectedEnvironmentProjectProtectedEnvironment:
type: gitlab:ProjectProtectedEnvironment
properties:
project: ${this.project}
requiredApprovalCount: 2
environment: ${this.name}
deployAccessLevels:
- accessLevel: developer
approvalRules:
- user_id: 789
- access_level: developer
- group_id: 456Content copied to clipboard
Import
GitLab protected environments can be imported using an id made up of projectId:environmentName, e.g.
$ pulumi import gitlab:index/projectProtectedEnvironment:ProjectProtectedEnvironment bar 123:productionContent copied to clipboard
Constructors
Link copied to clipboard
constructor(approvalRules: Output<List<ProjectProtectedEnvironmentApprovalRuleArgs>>? = null, deployAccessLevels: Output<List<ProjectProtectedEnvironmentDeployAccessLevelArgs>>? = null, environment: Output<String>? = null, project: Output<String>? = null, requiredApprovalCount: Output<Int>? = null)
Properties
Link copied to clipboard
Array of approval rules to deploy, with each described by a hash.
Link copied to clipboard
Array of access levels allowed to deploy, with each described by a hash.
Link copied to clipboard
The name of the environment.
Link copied to clipboard
The number of approvals required to deploy to this environment.