Setup Frigg
❗This section is only applicable for customers that still utilize a non-docker version of Frigg, which is no longer available to new customers
Follow these steps to set up your Frigg repository in GitLab.
Prerequisites:
- one or more GitLab groups (with potential subgroups) that you want to start managing through Frigg
- a local copy of Frigg’s source code
Set up repository
- Create a Group Access Token called “Frigg API Token” with the scope
apion the GitLab group you want to manage. Hold onto the token. - Make a new GitLab project called “frigg” under the GitLab group you want to manage with Frigg. (In case you do not want to let Frigg manage itself as well, you can place Frigg outside this group.)
- Go to your Frigg project > Settings > CI/CD and add the following environment variables:
- GITLAB_BASE_GROUP: the GitLab short url of the base group you want to display your auth matrix for. E.g.
foo/bar. - GITLAB_FRIGG_PROJECT: the short GitLab ID of your Frigg project. E.g.
12345678. - GITLAB_TOKEN: the Group Access Token as created in step 1. Ensure to mark it as
masked. - GITLAB_URL: the URL of your GitLab instance. If using GitLab cloud it should be
https://gitlab.com. - RESOURCES_PATH: the path to the folder holding your resource files relative to Frigg’s backend folder. This guide assumes
./../resources.
Local environment
Before pushing any files to your Frigg project and attempting to apply any resources, let’s set up the local environment first.
Project Structure
- /backend contains a NodeJS application with all logic for exporting, validating, dry-running and applying resource files.
- /docs contains architecture decision records of Frigg.
- /pages-generator contains a NextJS project for generating the Auth Matrix.
- .gitlab-ci.yml contains CI/CD pipelines for applying Frigg resources.
- .tool-versions specifies the runtimes that should be used to run Frigg locally. See ASDF.
Local .env
Create a file named .env in /backend with the following variables.
- RESOURCES_PATH
- GITLAB_URL
- GITLAB_FRIGG_PROJECT
- GITLAB_TOKEN
These should correspond to the CI/CD variables in Frigg’s GitLab project.
Export GitLab
- Open your terminal in the root of your Frigg project.
- Set up your runtimes with ASDF.
- Run
cd backend - Run
yarn install - Run
yarn start --helpto see an overview of all commands - Run
yarn start --export-gitlab=<group_path,group_path2,...>to export your GitLab to resource files. The group paths should be the short GitLab URL, e.g.foo/bar.
If all steps run successfully, continue to the next step.
Adjust your defaults
Resources will leave out any configuration that matches the desired default configuration.
Open /backend/src/res/defaults.yaml. Adjust the default configuration values to your desire.
Make sure to re-run your exports to take the new defaults into account.
Dry-run apply
Let’s execute a local dry-run of applying the resource files once you’re content with the files exported to /resources in the previous steps:
- Open your terminal in
/backend - Run
yarn start --apply --dry-run - Observe the change list and resolve any validation errors printed to the console
The change list could contain only minimal changes, especially in case you haven’t adjusted any configuration after exporting resource files.
Finalising setup
To ensure Frigg can succesfully apply resource files, let’s run an actual apply locally before pushing to the repository:
- Open your terminal in
/backend - Run
yarn start --apply --dry-run=false - Resolve any issues if they occur
- Push Frigg to your Frigg repository on GitLab
This concludes the basic set up.
Scheduled Pipeline
Some people may accidentally change configuration outside of Frigg. To prevent a drifting discrepancy between your resource files and the actual configuration of your resources, let’s set up a scheduled pipeline which runs Frigg’s apply periodically:
- Go to your Frigg’s GitLab project > Build > Pipeline schedules.
- Create a new schedule with your default branch as target, and set it to active.