MitchellGerdisch
commented
2 years ago In case it helps, here's a prototype for a way to implement the MR preview feature without Gitlab SSO being required:
gitlab-ci.yml:
# This runs when a Merge Request is created or updated.
mr_preview:
only:
- merge_requests
script:
# Echo the Gitlab-provided environment variables related to MR.
- echo "CI_MERGE_REQUEST_PROJECT_ID ${CI_MERGE_REQUEST_PROJECT_ID}"
- echo "CI_MERGE_REQUEST_IID ${CI_MERGE_REQUEST_IID}"
# Select the stack based on the target branch name.
- pulumi stack select ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME}
# Run bash script that uses Gitlab API to add a comment to the MR.
- chmod +x ./add_mr_note.sh
- ./add_mr_note.sh ${GITLAB_ACCESS_TOKEN} ${CI_MERGE_REQUEST_PROJECT_ID} ${CI_MERGE_REQUEST_IID}add_mr_note.sh script:
#!/bin/sh
if [ $# -ne 3 ]
then
echo "USAGE: $0 PRIVATE_TOKEN PROJECT_ID MR_IID"
exit 1
fi
token=${1}
project_id=${2}
mr_iid=${3}
mr_thread_id=${4}
# Gitlab API
project_api_url="https://gitlab.com/api/v4/projects/${project_id}"
mr_api_url="${project_api_url}/merge_requests/${mr_iid}"
body="\`\`\``pulumi preview --diff`"
curl --header "PRIVATE-TOKEN: ${token}" \
--request POST \
--form "body=${body}"\
${mr_api_url}/discussions
Hello!
Issue details
Currently, if one wants to use the GitLab Merge Request Comments integration: https://www.pulumi.com/docs/guides/continuous-delivery/gitlab-app/ then the relevant Pulumi user used for the GitLab webhook configuration needs to use GitLab SSO.
This request is to remove this constraint so that one can use, say, Okta SAML SSO with Pulumi and still leverage the Pulumi GitLab integration to augment GitLab Merge Request comments with Pulumi summary notes.
Affected area/feature
GitLab Integration: https://www.pulumi.com/docs/guides/continuous-delivery/gitlab-app/ SAML SSO support