GitlabDefaults
Specifies a resource used internally in Frigg to allow for templating GitlabGroups and GitlabProjects.
Schema
GitlabDefaults
| property | type | description |
|---|---|---|
| version | string, required | Version of Frigg to use. Should be 1. |
| kind | GitlabDefaults, required | Kind of resource you want to specify |
| gitlabLicense | Free or Premium | The license tier of the gitlab instance (top level group) |
| metadata | object, required | Data used by Frigg internally |
| metadata.name | string, required | Name used to reference this resource from other resources |
| spec | object, required | State you want the resource to have |
| spec.groupConfig | GitlabGroupConfig, required | Should include all properties. |
| spec.projectConfig | GitlabProjectConfig, required | Should include all properties. |
| spec.approvalsConfig | GitlabApprovalsConfig, required | Should include all properties. |
| spec.approvalRules | GitlabApprovalRule array, required | Should include all properties. |
| spec.pushRules | GitlabPushRule, required | Should include all properties. |
| spec.protectedBranches | GitlabProtectedBranch array, required | Should include all properties. |
Example
version: '1'
kind: GitlabDefaults
metadata:
name: GitlabDefaults
spec:
groupConfig:
autoDevopsEnabled: false
defaultBranchProtection: 2
description: ''
emailsEnabled: true
lfsEnabled: true
membershipLock: false
mentionsDisabled: false
projectCreationLevel: maintainer
requestAccessEnabled: true
requireTwoFactorAuthentication: true
shareWithGroupLock: false
subgroupCreationLevel: owner
twoFactorGracePeriod: 48
visibility: private
projectConfig:
allowMergeOnSkippedPipeline: false
allowPipelineTriggerApproveDeployment: false
analyticsAccessLevel: enabled
autoCancelPendingPipelines: enabled
autoDevopsDeployStrategy: continuous
autoDevopsEnabled: false
autocloseReferencedIssues: true
buildGitStrategy: fetch
buildTimeout: 3600
buildsAccessLevel: enabled
ciAllowForkPipelinesToRunInParentProject: true
ciConfigPath: ''
ciDefaultGitDepth: 20
ciForwardDeploymentEnabled: true
ciSeparatedCaches: true
containerExpirationPolicyAttributes:
cadence: 1d
enabled: false
keepN: 10
nameRegexDelete: .*
nameRegexKeep: ''
olderThan: 90d
containerRegistryAccessLevel: enabled
defaultBranch: main
description: ''
emailsEnabled: true
enforceAuthChecksOnUploads: true
externalAuthorizationClassificationLabel: ''
featureFlagsAccessLevel: enabled
forkingAccessLevel: enabled
groupRunnersEnabled: true
infrastructureAccessLevel: enabled
issueBranchTemplate: ''
issuesAccessLevel: enabled
issuesTemplate: ''
keepLatestArtifact: true
lfsEnabled: true
mergeCommitTemplate: ''
mergeMethod: ff
mergePipelinesEnabled: true
mergeRequestsAccessLevel: private
mergeRequestsTemplate: ''
mergeTrainsEnabled: false
mirror: false
monitorAccessLevel: enabled
onlyAllowMergeIfAllDiscussionsAreResolved: true
onlyAllowMergeIfPipelineSucceeds: true
packagesEnabled: true
pagesAccessLevel: private
printingMergeRequestLinkEnabled: true
releasesAccessLevel: enabled
removeSourceBranchAfterMerge: true
repositoryAccessLevel: enabled
requestAccessEnabled: false
requirementsAccessLevel: enabled
resolveOutdatedDiffDiscussions: false
restrictUserDefinedVariables: false
securityAndComplianceAccessLevel: private
serviceDeskEnabled: true
sharedRunnersEnabled: true
sharedWithGroups: []
snippetsAccessLevel: disabled
squashCommitTemplate: ''
squashOption: default_off
suggestionCommitMessage: ''
topics: []
visibility: private
wikiAccessLevel: disabled
approvalsConfig:
disableOverridingApproversPerMergeRequest: false
mergeRequestsAuthorApproval: false
mergeRequestsDisableCommittersApproval: false
requirePasswordToApprove: false
resetApprovalsOnPush: true
approvalRules:
- name: Approval rule
appliesToAllProtectedBranches: false
approvalsRequired: 1
groupIds: []
protectedBranchIds: []
ruleType: any_approver
usernames: []
pushRules:
commitMessageRegex: ''
commitMessageNegativeRegex: ''
branchNameRegex: ''
authorEmailRegex: ''
fileNameRegex: ''
maxFileSize: 0
rejectUnsignedCommits: false
commitCommitterCheck: false
preventSecrets: false
memberCheck: false
denyDeleteTag: false
protectedBranches:
- name: main
allowForcePush: false
codeOwnerApprovalRequired: false
mergeAccessLevels:
- maintainer
pushAccessLevels:
- maintainer
unprotectedAccessLevels: []