Repository

A remote repository acts as a backup for all your code and makes it much easier to setup continuous integration, CI (testing, linting etc). We'll use gitlab, although you could also use github.

Rather than creating the repository through gitlab's UI we'll use Terraform as setup previously. To do so we'll first need an access token. This token is a secret, and hence best placed in the infrastructure/secrets.auto.tfvars as so,

gitlab_token = "abc1234"

We can then instruct terraform to use the gitlab provider to create a gitlab project, called tozo (change as appropriate ), by adding the following to infrastructure/main.tf,

terraform {
  required_providers {
    gitlab = {
      source  = "gitlabhq/gitlab"
      version = ">=3.3.0"
    }
  }
  required_version = ">=0.14"
}

to configure terraform with gitlab, and then the following to infrastructure/gitlab.tf,

variable "gitlab_token" {
  sensitive = true
}

provider "gitlab" {
  token = var.gitlab_token
}

resource "gitlab_project" "tozo" {
  name             = "tozo"
  visibility_level = "private"
  default_branch   = "main"
}

which you can then apply via following commands,

terraform init
terraform apply

Committing and pushing

Now we've run these commands we should encrypt the secrets and state as both have now changed,

ansible-vault encrypt secrets.auto.tfvars --output=secrets.auto.tfvars.vault
ansible-vault encrypt terraform.tfstate --output=terraform.tfstate.vault

which should result in these useful files in the repository,

tozo
├── backend
├── frontend
└── infrastructure
    ├── .gitignore
    ├── ansible.cfg
    ├── gitlab.tf
    ├── main.tf
    ├── secrets.auto.tfvars
    ├── secrets.auto.tfvars.vault
    ├── terraform.tfstate
    └── terraform.tfstate.vault

so lets commit those (excluding secrets.auto.tfvars and terraform.tfstate) and push to the remote (with your namespace and project names),

git remote add origin git@gitlab.com:namespace/tozo
git push origin main