Instead of manual configuration, our Terraform/OpenTofu module can be used.

terraform {
  required_providers {
    gitlab = {
      source = "registry.terraform.io/gitlabhq/gitlab"
    }
  }
}

provider "gitlab" {
  // Must have owner role (to create a runner) with api, create_runner, and manage_runner scopes.
  token = ""
}

module "cedarci" {
  source = "git::git@gitlab.com:cedarci/integration/terraform_cedarci.git?ref=main"
  config_user = "speedy"
  gitlab_group = "path/to/group"
  config_gitlab_enhanced = {
    // See https://doc.cedarci.com/config/enhanced/.
    // Increase default job resources.
    cpu = "8"
    memory = "32Gi"

    // Configure internal container registry mirror for all images within `gitlab_group`.
    // Useful when using bespoke containers for CI jobs.
    // registry_mirror_pair = "registry.gitlab.com"
    // See also `registry_mirror` to mirror other private registries.
  }

  // When using the free tier on gitlab.com a group API token is not allowed, so pass
  // in a user token directly. Perhaps the same used with Gitlab provider.
  // gitlab_api_token = ""
}

output "config_nonsensitive" {
  // Provides a pretty plan diff.
  value = module.cedarci.config_nonsensitive
}

Otherwise, create the required tokens and push to the config repository.

• Gitlab: Runner
• Gitlab: API
• Repository