Initial (#2)

Author: xMoelletschi

.dockerignore

@@ -0,0 +1,8 @@
+.git/
+.gitignore
+.github/
+.releaserc.json
+Dockerfile
+*.md
+*_test.go
+*.test

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,36 @@
+---
+name: Bug Report
+about: Report a bug or unexpected behavior
+title: '[BUG] '
+labels: bug
+assignees: ''
+---
+
+## Description
+
+<!-- Describe what the bug is -->
+
+## Steps to Reproduce
+
+<!-- Provide steps to reproduce the issue -->
+
+```bash
+terraform-gitlab-drift scan --group my-group
+```
+
+## Expected vs Actual Behavior
+
+<!-- What should happen vs what actually happens -->
+
+## Error Output
+
+```
+<!-- Paste error logs here -->
+```
+
+## Environment
+
+- **OS**:
+- **Version**: <!-- terraform-gitlab-drift version -->
+- **GitLab**: <!-- gitlab.com or self-hosted version -->
+- **Installation**: <!-- binary/Docker/go install -->

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,32 @@
+---
+name: Feature Request
+about: Suggest a new feature or enhancement
+title: '[FEATURE] '
+labels: enhancement
+assignees: ''
+---
+
+## Description
+
+<!-- What feature would you like to see? -->
+
+## Problem
+
+<!-- What problem does this solve? Why is it needed? -->
+
+## Proposed Solution
+
+<!-- How should this work? -->
+
+```bash
+# Example usage
+terraform-gitlab-drift scan --new-flag
+```
+
+## Alternatives
+
+<!-- Any alternative solutions you've considered? -->
+
+## Additional Context
+
+<!-- Links, examples, or other context -->

.github/workflows/ci.yml

@@ -0,0 +1,48 @@
+name: CI
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.25'
+
+      - name: Run tests
+        run: go test -v -race -coverprofile=coverage.out ./...
+
+      - name: Upload coverage
+        uses: codecov/codecov-action@v4
+        with:
+          file: ./coverage.out
+
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.25'
+
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v9
+        with:
+          version: latest
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.25'
+
+      - name: Build binary
+        run: go build -v -o bin/terraform-gitlab-drift .

.github/workflows/release.yml

@@ -0,0 +1,57 @@
+name: Release
+
+on:
+  push:
+    branches: [master]
+
+permissions:
+  contents: write
+  packages: write
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.25'
+
+      - name: Semantic Release
+        uses: cycjimmy/semantic-release-action@v4
+        with:
+          extra_plugins: |
+            @semantic-release/git
+            @semantic-release/changelog
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}
+          tags: |
+            type=semver,pattern={{version}}
+            type=raw,value=latest
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.gitignore

@@ -1,32 +1,14 @@
-# If you prefer the allow list template instead of the deny list, see community template:
-# https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
-#
-# Binaries for programs and plugins
-*.exe
-*.exe~
-*.dll
-*.so
-*.dylib
+bin/
+.idea/
+.envrc
+tmp/
 
-# Test binary, built with `go test -c`
 *.test
 
-# Code coverage profiles and other test artifacts
 *.out
 coverage.*
 *.coverprofile
 profile.cov
 
-# Dependency directories (remove the comment below to include it)
-# vendor/
-
-# Go workspace file
 go.work
 go.work.sum
-
-# env file
-.env
-
-# Editor/IDE
-# .idea/
-# .vscode/

.releaserc.json

@@ -0,0 +1,16 @@
+{
+  "branches": ["master"],
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    "@semantic-release/changelog",
+    "@semantic-release/github",
+    [
+      "@semantic-release/git",
+      {
+        "assets": ["CHANGELOG.md"],
+        "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+      }
+    ]
+  ]
+}

Dockerfile

@@ -0,0 +1,17 @@
+FROM golang:1.25-alpine AS builder
+
+WORKDIR /build
+
+COPY go.mod go.sum ./
+RUN go mod download
+
+COPY . .
+RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-w -s" -o terraform-gitlab-drift .
+
+FROM alpine:3.23.3
+
+RUN apk --no-cache add ca-certificates
+
+COPY --from=builder /build/terraform-gitlab-drift /usr/local/bin/terraform-gitlab-drift
+
+WORKDIR /workspace

Makefile

@@ -0,0 +1,24 @@
+.PHONY: build test lint fmt deps gotestsum test-update
+
+build:
+	go build -race -o bin/terraform-gitlab-drift .
+
+test:
+	go test -v -race -count=1 ./...
+
+lint:
+	golangci-lint run -v
+
+fmt:
+	go fmt ./...
+
+deps:
+	go mod download
+	go mod tidy
+	go mod verify
+
+gotestsum:
+	gotestsum --watch -- --count=1 --timeout=5s
+
+test-update:
+	UPDATE_GOLDEN=1 go test -v -count=1 ./...

README.md

@@ -1,2 +1,88 @@
 # terraform-gitlab-drift
-CLI tool to find GitLab resources missing from your Terraform code
+
+[![CI](https://github.com/xMoelletschi/terraform-gitlab-drift/actions/workflows/ci.yml/badge.svg)](https://github.com/xMoelletschi/terraform-gitlab-drift/actions/workflows/ci.yml)
+[![Release](https://img.shields.io/github/v/release/xMoelletschi/terraform-gitlab-drift)](https://github.com/xMoelletschi/terraform-gitlab-drift/releases)
+[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)
+
+Detect GitLab resources not managed by Terraform and generate Terraform code to bring them under management.
+
+Uses the [GitLab Terraform Provider](https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs) resource definitions.
+
+## Features
+
+- 🔍 **Drift Detection**: Scan GitLab groups and projects to identify resources not managed by Terraform
+- 📝 **Code Generation**: Automatically generate Terraform code for unmanaged resources
+- 🔄 **Diff Comparison**: Show differences between existing and generated Terraform configurations
+- 🐳 **Docker-ready**: Designed for CI/CD pipeline
+
+## Quick Start
+
+### Local Installation
+
+```bash
+go install github.com/xMoelletschi/terraform-gitlab-drift@latest
+terraform-gitlab-drift scan --group my-group
+```
+
+## GitLab CI Usage
+
+### Basic Drift Check
+
+```yaml
+drift-check:
+  image: ghcr.io/xmoelletschi/terraform-gitlab-drift:latest
+  script:
+    - terraform-gitlab-drift scan --group $CI_PROJECT_ROOT_NAMESPACE
+```
+
+## Configuration
+
+### Command-line Flags
+
+| Flag              | Environment Variable | Default              | Description                                       |
+| ----------------- | -------------------- | -------------------- | ------------------------------------------------- |
+| `--gitlab-token`  | `GITLAB_TOKEN`       | -                    | GitLab API token (required)                       |
+| `--gitlab-url`    | -                    | `https://gitlab.com` | GitLab instance URL                               |
+| `--group`         | -                    | -                    | Top-level group to scan (required for gitlab.com) |
+| `--terraform-dir` | -                    | `.`                  | Path to Terraform directory                       |
+| `--overwrite`     | -                    | `false`              | Overwrite files in terraform directory            |
+| `--show-diff`     | -                    | `true`               | Show diff between generated and existing files    |
+| `--verbose`, `-v` | -                    | `false`              | Enable verbose (debug) logging                    |
+| `--json`          | -                    | `false`              | Output logs in JSON format                        |
+
+### Supported Resources
+
+- ✅ GitLab Groups ([`gitlab_group`](https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs/resources/group))
+- ✅ GitLab Projects ([`gitlab_project`](https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs/resources/project))
+- 🚧 More resources coming soon
+
+## Contributing
+
+Contributions are welcome! Please:
+
+1. Fork the repository
+2. Create a feature branch (`git checkout -b feature/amazing-feature`)
+3. Push to the branch (`git push origin feature/amazing-feature`)
+4. Open a Pull Request
+
+Please make sure to:
+
+- Add tests for new features
+- Update documentation as needed
+- Ensure CI checks pass
+
+## License
+
+This project is licensed under the Apache License 2.0 - see the [LICENSE](LICENSE) file for details.
+
+## Acknowledgments
+
+Built with:
+
+- [Cobra](https://github.com/spf13/cobra) - CLI framework
+- [GitLab Go SDK](https://gitlab.com/gitlab-org/api/client-go) - GitLab API client
+- [HCL](https://github.com/hashicorp/hcl) - Terraform configuration parsing
+
+---
+
+**Note**: This tool is not affiliated with HashiCorp or GitLab.