Title
#help
m

Michael Park

11/15/2022, 11:03 AM
Hello team, thank you for such an amazing tool. I am setting up the gitlab ci/cd using the provided template but passing the INFRACOST_API_KEY that I have generated in my account says that the key is invalid when used. Is there an additional step that is required before adding an API key to the gitlab-ci.yml file? Do I need to auth with it first on my local machine to use it?
11:05 AM
Step for reference (based on the template in your docs with the private modules portion removed as it wasn't relevant for me:
infracost:
  stage: infracost
  dependencies:
    - checkov
    - tfsec
  image:
    name: infracost/infracost:ci-0.10
    entrypoint: [""]
  script:
    # Clone the base branch of the pull request (e.g. main/master) into a temp directory.
    - git clone $CI_REPOSITORY_URL --branch=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME --single-branch /tmp/base

    # Generate an Infracost cost snapshot from the comparison branch, so that Infracost can compare the cost difference.
    - |
      infracost breakdown --path=/tmp/base/${TF_ROOT} \
                          --format=json \
                          --out-file=infracost-base.json

    # Generate an Infracost diff and save it to a JSON file.
    - |
      infracost diff --path=${TF_ROOT} \
                     --compare-to=infracost-base.json \
                     --format=json \
                     --out-file=infracost.json
    - |
      infracost comment gitlab --path=infracost.json \
                               --repo=$CI_PROJECT_PATH \
                               --merge-request=$CI_MERGE_REQUEST_IID \
                               --gitlab-server-url=$CI_SERVER_URL \
                               --gitlab-token=$GITLAB_TOKEN \
                               --behavior=update
  variables:
    INFRACOST_API_KEY: $INFRACOST_API_KEY
    GITLAB_TOKEN: $GITLAB_TOKEN # With `api` scope to post merge request comments

  rules:
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
Vadim (Infracost)

Vadim (Infracost)

11/15/2022, 11:26 AM
Hello! Thank you for the nice words! 🙂 May I ask you what the exact error you see?
m

Michael Park

11/15/2022, 11:31 AM
Of course,
11:32 AM
Defined api key here in CI/CD section of gitlab
Vadim (Infracost)

Vadim (Infracost)

11/15/2022, 11:39 AM
Interesting. Everything looks correct to me 🤔 May I ask if your GitLab runner is linux or windows based?
11:43 AM
Can you also DM me your Org ID? It can be found in /org/settings in Infracost Cloud
m

Michael Park

11/15/2022, 11:49 AM
Yes I can one moment, thank you for the help
11:49 AM
I am assuming linux based, but isn't the infracost image determining whether it is linux or windows based?
Vadim (Infracost)

Vadim (Infracost)

11/15/2022, 11:52 AM
The image will run the commands, yes. But there is a difference how to pass
$INFRACOST_API_KEY
to the container. For example, in Windows I'd need to use
$env:INFRACOST_API_KEY
instead
12:14 PM
From your screenshot I see that you made the env var protected. Our quick start guide suggests to untick the "Protect variable" option to ensure it can be used for all MRs. Can you try to do that?
m

Michael Park

11/15/2022, 1:14 PM
That was it, thank you so much @Vadim (Infracost)
Vadim (Infracost)

Vadim (Infracost)

11/15/2022, 1:16 PM
Awesome, glad I could help! 🙂