Trigger GitLab CI/CD via API call
This lab uses GitLab CI to configure a firewall on VyOS
Step 1 - Set up the playbook & inventory file
Step 2 - Trigger the playbook locally, passing values at runtime, and test
ansible-playbook -i ../inventory -e "address=1.1.1.1" -e "dst_port=8081" -e "protocol=udp" -e "fw_action=reject" vyos-firewall-demo2.yml -l router.a03.labs.sanog.org
Step 3 - Update the GitLab CI config. See the config of this project itself
Step 4 - Create a GitLab CI/CD trigger token
To create a trigger token:
- On the top bar, select Menu > Projects and find your project.
- On the left sidebar, select Settings > CI/CD.
- Expand Pipeline triggers.
- Enter a description and select Add trigger.
You can view and copy the full token for all triggers you have created. You can only see the first 4 characters for tokens created by other project members.
Detailed documentation about trigger tokens here.
Step 5 - Install jq
Install jq on your server to make parsing JSON easy on the command line
sudo apt install -y jq
Step 6 - Trigger the job via an API call using curl on your server
Remember to replace the values inside < >
curl -s --request POST --form token=<token> --form ref=<branch> --form "variables[job]=vyos_fw" --form "variables[dst_port]=<Destination PORT value here>" --form "variables[protocol]=<Protocol here>" --form "variables[address]=<address here>" --form "variables[fw_action]=<ACTION here>" "https://gitlab.com/api/v4/projects/<PROJECT ID HERE>/trigger/pipeline" | jq .
Here’s a sample with filled-in values
curl -s --request POST --form token=glptt-aa445351f72e0dgerg1817c9019fefb1b55d --form ref=master --form "variables[job]=vyos_fw" --form "variables[dst_port]=8081" --form "variables[protocol]=tcp" --form "variables[address]=10.11.12.16" --form "variables[fw_action]=accept" "https://gitlab.com/api/v4/projects/43600072/trigger/pipeline" | jq .
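Anyone holding the trigger token chooses the four variables that the job passes on to ansible-playbook, so the job can check them before the playbook runs. The functions below are an added example, not part of this lab's project; the names is_ipv4, is_port and validate_fw_vars are hypothetical, and the accepted sets (plain IPv4 address, tcp/udp, accept/drop/reject) are assumptions to adjust to your playbook.

```shell
# Added example: validate trigger variables before they reach ansible-playbook.
# POSIX sh; no external commands needed.

# True if $1 is a dotted-quad IPv4 address (no CIDR suffix, no leading zeros).
is_ipv4() {
    case "$1" in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;   # only digits and dots, no empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split into octets on "."
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# True if $1 is a port number in 1..65535.
is_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;         # empty, leading zero, or non-digit
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Usage: validate_fw_vars "$address" "$dst_port" "$protocol" "$fw_action"
# Returns non-zero and names the offending variable on stderr.
validate_fw_vars() {
    is_ipv4 "$1" || { echo "invalid address" >&2; return 1; }
    is_port "$2" || { echo "invalid dst_port" >&2; return 1; }
    case "$3" in
        tcp|udp) ;;                         # assumed protocol allow-list
        *) echo "invalid protocol" >&2; return 1 ;;
    esac
    case "$4" in
        accept|drop|reject) ;;              # assumed action allow-list
        *) echo "invalid fw_action" >&2; return 1 ;;
    esac
}
```

In the CI job, call validate_fw_vars "$address" "$dst_port" "$protocol" "$fw_action" || exit 1 on the line before ansible-playbook so a rejected value fails the pipeline instead of reaching the router.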