Hello team thank you for such an amazing tool I am setting u Infracost Community #help

$https://infracost.io logo$

Hello team, thank you for such an amazing tool. I ...

bulky-pizza-7116

11/15/2022, 11:03 AM

Hello team, thank you for such an amazing tool. I am setting up the gitlab ci/cd using the provided template but passing the INFRACOST_API_KEY that I have generated in my account says that the key is invalid when used. Is there an additional step that is required before adding an API key to the gitlab-ci.yml file? Do I need to auth with it first on my local machine to use it?

bulky-pizza-7116

11/15/2022, 11:05 AM

Step for reference (based on the template in your docs with the private modules portion removed as it wasn't relevant for me:

Copy code

infracost:
  stage: infracost
  dependencies:
    - checkov
    - tfsec
  image:
    name: infracost/infracost:ci-0.10
    entrypoint: [""]
  script:
    # Clone the base branch of the pull request (e.g. main/master) into a temp directory.
    - git clone $CI_REPOSITORY_URL --branch=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME --single-branch /tmp/base

    # Generate an Infracost cost snapshot from the comparison branch, so that Infracost can compare the cost difference.
    - |
      infracost breakdown --path=/tmp/base/${TF_ROOT} \
                          --format=json \
                          --out-file=infracost-base.json

    # Generate an Infracost diff and save it to a JSON file.
    - |
      infracost diff --path=${TF_ROOT} \
                     --compare-to=infracost-base.json \
                     --format=json \
                     --out-file=infracost.json
    - |
      infracost comment gitlab --path=infracost.json \
                               --repo=$CI_PROJECT_PATH \
                               --merge-request=$CI_MERGE_REQUEST_IID \
                               --gitlab-server-url=$CI_SERVER_URL \
                               --gitlab-token=$GITLAB_TOKEN \
                               --behavior=update
  variables:
    INFRACOST_API_KEY: $INFRACOST_API_KEY
    GITLAB_TOKEN: $GITLAB_TOKEN # With `api` scope to post merge request comments

  rules:
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'

busy-agent-35515

11/15/2022, 11:26 AM

Hello! Thank you for the nice words! 🙂 May I ask you what the exact error you see?

bulky-pizza-7116

11/15/2022, 11:31 AM

Of course,

bulky-pizza-7116

11/15/2022, 11:32 AM

Defined api key here in CI/CD section of gitlab

busy-agent-35515

11/15/2022, 11:39 AM

Interesting. Everything looks correct to me 🤔 May I ask if your GitLab runner is linux or windows based?

busy-agent-35515

11/15/2022, 11:43 AM

Can you also DM me your Org ID? It can be found in /org/settings in Infracost Cloud

bulky-pizza-7116

11/15/2022, 11:49 AM

Yes I can one moment, thank you for the help

bulky-pizza-7116

11/15/2022, 11:49 AM

I am assuming linux based, but isn't the infracost image determining whether it is linux or windows based?

busy-agent-35515

11/15/2022, 11:52 AM

The image will run the commands, yes. But there is a difference how to pass

$INFRACOST_API_KEY

to the container. For example, in Windows I'd need to use

$env:INFRACOST_API_KEY

instead

busy-agent-35515

11/15/2022, 12:14 PM

From your screenshot I see that you made the env var protected. Our quick start guide suggests to untick the "Protect variable" option to ensure it can be used for all MRs. Can you try to do that?

bulky-pizza-7116

11/15/2022, 1:14 PM

That was it, thank you so much @busy-agent-35515

busy-agent-35515

11/15/2022, 1:16 PM

Awesome, glad I could help! 🙂

3 Views

Open in Slack

Previous Next