diff --git a/CHANGELOG.md b/CHANGELOG.md
index 392bbefa6ef5fd315a87df396f4fc9f2aefbbf5a..288d8b68176141ce77176c57f38b073f39bf387f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,10 +4,48 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
---
-## [Unreleased]
+## [1.0.3]
+
+* Added [Gitlab](https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab)
+* Added ability to provide multiple registry credentials while maintaining current capabilities:
+
+```
+registryCredentials:
+ username: registry1user
+ password: somesecretpassword
+```
+
+or
+```
+registryCredentials:
+- registry: registry1.dso.mil
+ username: registry1user
+ password: somesecretpassword
+- registry: registry.dsop.io
+ username: registry1user
+ password: somesecretpassword
+- registry: somewhere.else.io
+ username: someuser
+ password: someothersecret
+```
+will correctly create the ImagePullSecrets for all those registries
+
+
+## [1.0.2]
### Changed
+* Updated istio-controlplane to [1.7.3-bb.5](https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane/-/tags/1.7.3-bb.5) to allow
+for setting ingressgateway to use nodeports
+
+## [1.0.1]
+
+
+### Changed
+
+* Updated Istio Control plane to support Node Ports for ingressGateway
+* Update Istio Control plane to support SSO for Kiali and Jaeger
+* Update Authservice to refact definitions of filter chains
* Updated documentation
---
diff --git a/Packages.md b/Packages.md
index b1366fbfa3603f0d0db73ed9448b288c416d9887..aec07a16b5df99b5eef937649efc770fb75d45cf 100644
--- a/Packages.md
+++ b/Packages.md
@@ -4,25 +4,28 @@
| Package | Status |
| ---- | --- |
-| Istio Operator |  |
-| Istio Controlplane |  |
-| Monitoring |  |
-| ECK Operator |  |
-| Elasticsearch Kibana | |
-| Fluentbit |  |
-| OPA Gatekeeper |  |
-| Argocd | |
-| Cluster Auditor |  |
+| [Istio Operator](https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator) |  |
+| [Istio Controlplane](https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane) |  |
+| [Monitoring](https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring) |  |
+| [ECK Operator](https://repo1.dso.mil/platform-one/big-bang/apps/core/eck-operator) |  |
+| [Elasticsearch Kibana](https://repo1.dso.mil/platform-one/big-bang/apps/core/elasticsearch-kibana) | |
+| [Fluentbit](https://repo1.dso.mil/platform-one/big-bang/apps/core/fluentbit) |  |
+| [OPA Gatekeeper](https://repo1.dso.mil/platform-one/big-bang/apps/core/policy) |  |
+| [Argocd](https://repo1.dso.mil/platform-one/big-bang/apps/core/argocd) | |
+| [Cluster Auditor](https://repo1.dso.mil/platform-one/big-bang/apps/core/cluster-auditor) |  |
## Security
| Package | Status |
| ---- | --- |
-| Keycloak |  |
-| Twistlock |  |
+| [Keycloak](https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak) |  |
+| [Twistlock](https://repo1.dsop.io/platform-one/big-bang/apps/security-tools/twistlock) |  |
+| [Anchore Enterprise](https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/anchore-enterprise) | 
+| [Authservice](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/authservice) | 
## Development Tools
| Package | Status |
| ---- | --- |
-| Gitlab Runner |  |
+| [Gitlab](https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab) |  |
+| [Gitlab Runner](https://repo1.dsop.io/platform-one/big-bang/apps/developer-tools/gitlab-runner) |  |
diff --git a/base/gitrepository.yaml b/base/gitrepository.yaml
index 1ae1a886217e5f06411f0cdd70190019934a66f1..0954604e87802f2994e0dd663285ea03d492e584 100644
--- a/base/gitrepository.yaml
+++ b/base/gitrepository.yaml
@@ -11,4 +11,4 @@ spec:
interval: 10m
url: https://repo1.dsop.io/platform-one/big-bang/umbrella.git
ref:
- tag: 0.0.2
\ No newline at end of file
+ tag: 1.0.3
\ No newline at end of file
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index fae0cedf16ec1fd7bdf177948555d7b655fbfd18..31824a72ea6c69a7b699ab42b35560c5da3b9d32 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -1,3 +1,3 @@
apiVersion: v2
name: bigbang
-version: 1.0.2
+version: 1.0.3
diff --git a/chart/templates/NOTES.txt b/chart/templates/NOTES.txt
new file mode 100644
index 0000000000000000000000000000000000000000..11d51c6c531568031b6a057d02ec6122d18d0655
--- /dev/null
+++ b/chart/templates/NOTES.txt
@@ -0,0 +1,96 @@
+Thank you for supporting PlatformOne!
+
+{{ if $.Values.addons.gitlab.enabled }}
+Gitlab is enabled.
+Please follow the Gitlab online documentation for proper configuration.
+Here is an example of how to configure external perstistent storage for postgres DB and object storage.
+
+addons:
+ gitlab:
+ enabled: true
+ values:
+ postgresql:
+ install: false
+ global:
+ minio:
+ enabled: false
+ psql:
+ host: postgres-postgresql-headless.postgres.svc.cluster.local
+ port: 5432
+ username: postgres
+ database: postgres
+ password:
+ secret: db-credentials
+ key: PGPASSWORD
+ registry:
+ bucket: gitlab-registry-storage
+ appConfig:
+ lfs:
+ bucket: gitlab-lfs
+ connection:
+ secret: gitlab-object-storage
+ key: rails
+ artifacts:
+ bucket: gitlab-artifacts
+ connection:
+ secret: gitlab-object-storage
+ key: rails
+ uploads:
+ bucket: gitlab-uploads
+ connection:
+ secret: gitlab-object-storage
+ key: rails
+ packages:
+ bucket: gitlab-packages
+ connection:
+ secret: gitlab-object-storage
+ key: rails
+ externalDiffs:
+ bucket: gitlab-mr-diffs
+ connection:
+ secret: gitlab-object-storage
+ key: rails
+ terraformState:
+ enabled: false
+ bucket: gitlab-terraform-state
+ connection:
+ secret: gitlab-object-storage
+ key: rails
+ backups:
+ bucket: gitlab-backup
+ tmpBucket: gitlab-backup-tmp
+ gitlab:
+ task-runner:
+ psql:
+ host: postgres-postgresql-headless.postgres.svc.cluster.local
+ port: 5432
+ username: postgres
+ database: postgres
+ password:
+ secret: db-credentials
+ key: PGPASSWORD
+ backups:
+ objectStorage:
+ config:
+ secret: gitlab-object-storage
+ key: backups
+ registry:
+ storage:
+ secret: gitlab-object-storage
+ key: registry
+
+
+{{- if $.Values.addons.gitlab.values.postgresql.install }}
+PLATFORM ONE GITLAB WARNING:
+ You have enabled an internal postgres database in the values configuration.
+ PlatformOne does not support this option for production deployments because your persistent data can be permanently lost.
+ This option should only be used for development or CI pipelines.
+{{- end -}}
+
+{{- if $.Values.addons.gitlab.values.global.minio.enabled }}
+PLATFORM ONE GITLAB WARNING:
+ You have enabled a MinIO internal service in the values configuration.
+ PlatformOne does not support this option for production deployments because your persistent data can be permanently lost.
+ This option should only be used for development or CI pipelines.
+{{- end }}
+{{- end }}
diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl
index 0b3344918e2e2c1233fe8c6df14fa2763a9b7da1..7d880f70c297d911f473022ea70648bbb5126124 100644
--- a/chart/templates/_helpers.tpl
+++ b/chart/templates/_helpers.tpl
@@ -1,7 +1,32 @@
{{- define "imagePullSecret" }}
-{{- with .Values.registryCredentials }}
-{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
+ {{- if .Values.registryCredentials -}}
+ {{- $credType := typeOf .Values.registryCredentials -}}
+ {{- /* If we have a list, embed that here directly. This allows for complex configuration from configmap, downward API, etc. */ -}}
+ {{- if eq $credType "[]interface {}" -}}
+ {{- include "multipleCreds" . | b64enc }}
+ {{- else if eq $credType "map[string]interface {}" }}
+ {{- /* If we have a map, treat those as key-value pairs. */ -}}
+ {{- with .Values.registryCredentials }}
+ {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
+ {{- end }}
+ {{- end -}}
+ {{- end }}
{{- end }}
+
+{{- define "multipleCreds" -}}
+{
+ "auths": {
+ {{- $length := len .Values.registryCredentials }}
+ {{- range $index, $entry := .Values.registryCredentials }}
+ "{{- $entry.registry }}": {
+ "username{{ $index }}":"{{- $entry.username }}",
+ "password":"{{- $entry.password }}",
+ "email":"{{- $entry.email }}",
+ "auth":"{{- (printf "%s:%s" $entry.username $entry.password | b64enc) }}"
+ }{{- if ne $length (add $index 1) }},{{- end }}
+ {{- end }}
+ }
+}
{{- end }}
{{/*
diff --git a/chart/templates/argocd/namespace.yaml b/chart/templates/argocd/namespace.yaml
index f267596ebf537f72f62cff7001c8e0a6c507029a..5c5537b0284c6efb044b2794bef08eb09880968c 100644
--- a/chart/templates/argocd/namespace.yaml
+++ b/chart/templates/argocd/namespace.yaml
@@ -7,7 +7,7 @@ metadata:
name: argocd
---
-{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+{{- if ( include "imagePullSecret" . ) }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/chart/templates/clusterauditor/namespace.yaml b/chart/templates/clusterauditor/namespace.yaml
index 768328796bfcd3a7a87fa365e72bbb804ba4042f..5fbb31f86282a5556e059e54c4b339e27c41fce9 100644
--- a/chart/templates/clusterauditor/namespace.yaml
+++ b/chart/templates/clusterauditor/namespace.yaml
@@ -7,7 +7,7 @@ metadata:
name: cluster-auditor
---
-{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+{{- if ( include "imagePullSecret" . ) }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/chart/templates/gatekeeper/namespace.yaml b/chart/templates/gatekeeper/namespace.yaml
index 8fefadd7996ff29c3384b14f8fb6bd8e8540a36a..0be0ac6710e53c2245c128557c858ee9b04ff3de 100644
--- a/chart/templates/gatekeeper/namespace.yaml
+++ b/chart/templates/gatekeeper/namespace.yaml
@@ -10,7 +10,7 @@ metadata:
name: gatekeeper-system
---
-{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+{{- if ( include "imagePullSecret" . ) }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/chart/templates/gitlab/gitrepository.yaml b/chart/templates/gitlab/gitrepository.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b8ce163c1813241247a1107e3d1b227e882f401e
--- /dev/null
+++ b/chart/templates/gitlab/gitrepository.yaml
@@ -0,0 +1,13 @@
+{{- if and (not .Values.offline) .Values.addons.gitlab.enabled }}
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+ name: gitlab
+ namespace: {{ .Release.Namespace }}
+spec:
+ interval: {{ .Values.flux.interval }}
+ url: {{ .Values.addons.gitlab.git.repo }}
+ ref:
+ {{- include "validRef" .Values.addons.gitlab.git | nindent 4 }}
+ {{- include "gitCreds" .Values.git | nindent 2 }}
+{{- end }}
diff --git a/chart/templates/gitlab/helmrelease.yaml b/chart/templates/gitlab/helmrelease.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..226804a16fa7868edb9a0f820d2331bb0ff37996
--- /dev/null
+++ b/chart/templates/gitlab/helmrelease.yaml
@@ -0,0 +1,136 @@
+{{- if .Values.addons.gitlab.enabled }}
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: gitlab
+ namespace: {{ .Release.Namespace }}
+spec:
+ releaseName: gitlab
+ targetNamespace: gitlab
+ chart:
+ spec:
+ chart: {{ .Values.addons.gitlab.git.path }}
+ interval: 5m
+ sourceRef:
+ kind: GitRepository
+ name: gitlab
+ namespace: {{ .Release.Namespace }}
+
+{{- with .Values.flux }}
+ interval: {{ .interval }}
+ test:
+ enable: false
+ install:
+ remediation:
+ retries: {{ .install.retries }}
+ upgrade:
+ remediation:
+ retries: {{ .upgrade.retries }}
+ remediateLastFailure: true
+ cleanupOnFail: true
+ rollback:
+ timeout: {{ .rollback.timeout }}
+ cleanupOnFail: {{ .rollback.cleanupOnFail }}
+ {{- end }}
+
+ valuesFrom:
+ - name: values
+ kind: Secret
+ valuesKey: "gitlab.yaml"
+
+ values:
+ hostname: {{ .Values.hostname }}
+ istio:
+ enabled: {{ .Values.istio.enabled }}
+ monitoring:
+ enabled: {{ .Values.monitoring.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+ ## values for image pull secrets
+ redis:
+ metrics:
+ image:
+ pullSecrets:
+ - private-registry
+ image:
+ pullSecrets:
+ - private-registry
+ registry:
+ image:
+ pullSecrets:
+ - name: private-registry
+ shared-secrets:
+ selfsign:
+ image:
+ pullSecrets:
+ - name: private-registry
+ gitlab:
+ task-runner:
+ image:
+ pullSecrets:
+ - name: private-registry
+ migrations:
+ image:
+ pullSecrets:
+ - name: private-registry
+ webservice:
+ image:
+ pullSecrets:
+ - name: private-registry
+ workhorse:
+ pullSecrets:
+ - name: private-registry
+ sidekiq:
+ image:
+ pullSecrets:
+ - name: private-registry
+ gitaly:
+ image:
+ pullSecrets:
+ - name: private-registry
+ gitlab-shell:
+ image:
+ pullSecrets:
+ - name: private-registry
+ gitlab-exporter:
+ image:
+ pullSecrets:
+ - name: private-registry
+ minio:
+ pullSecrets:
+ - name: private-registry
+ {{- end }}
+ global:
+ hosts:
+ domain: code.{{ .Values.hostname }}
+ gitlab:
+ name: code.{{ .Values.hostname }}
+ registry:
+ name: registry.{{ .Values.hostname }}
+{{- if ( include "imagePullSecret" . ) }}
+ ## values for image pull secrets
+ certificates:
+ image:
+ pullSecrets:
+ - name: private-registry
+ kubectl:
+ image:
+ pullSecrets:
+ - name: private-registry
+ {{ end }}
+
+ {{- if or .Values.gatekeeper.enabled .Values.istio.enabled .Values.monitoring.enabled }}
+ dependsOn:
+ {{- if .Values.gatekeeper.enabled }}
+ - name: gatekeeper
+ namespace: {{ .Release.Namespace }}
+ {{- end }}
+ {{- if .Values.istio.enabled }}
+ - name: istio
+ namespace: {{ .Release.Namespace }}
+ {{- end }}
+ {{- if .Values.monitoring.enabled }}
+ - name: monitoring
+ namespace: {{ .Release.Namespace }}
+ {{- end }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/gitlab/namespace.yaml b/chart/templates/gitlab/namespace.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..306742c3312a36593ceaf06042f543a21e6c9415
--- /dev/null
+++ b/chart/templates/gitlab/namespace.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.addons.gitlab.enabled }}
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ app: gitlab
+ name: gitlab
+---
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: gitlab
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/istio/controlplane/namespace.yaml b/chart/templates/istio/controlplane/namespace.yaml
index 0c0bc61dbbf761945b6dfa09e5bb5b825823a3bf..e85b31d6f16a59d8a19020e5129f1163f893772e 100644
--- a/chart/templates/istio/controlplane/namespace.yaml
+++ b/chart/templates/istio/controlplane/namespace.yaml
@@ -3,8 +3,7 @@ apiVersion: v1
kind: Namespace
metadata:
name: istio-system
-
-{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+{{- if ( include "imagePullSecret" . ) }}
---
apiVersion: v1
kind: Secret
diff --git a/chart/templates/istio/operator/namespace.yaml b/chart/templates/istio/operator/namespace.yaml
index 5c5b12f2b2e9e870702c2f0fda54deb5a818b81e..cc80d914aa650fa88f2aa17bb6ec833a1459edac 100644
--- a/chart/templates/istio/operator/namespace.yaml
+++ b/chart/templates/istio/operator/namespace.yaml
@@ -6,8 +6,7 @@ metadata:
labels:
istio-operator-managed: Reconcile
istio-injection: disabled
-
-{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+{{- if ( include "imagePullSecret" . ) }}
---
apiVersion: v1
kind: Secret
diff --git a/chart/templates/logging/eck-operator/namespace.yaml b/chart/templates/logging/eck-operator/namespace.yaml
index 42842e6a50d128e9d0f0d69e771f8b8b574ca5ec..c6d1fdca189cdc6918401fe0adce4988ab9e11d1 100644
--- a/chart/templates/logging/eck-operator/namespace.yaml
+++ b/chart/templates/logging/eck-operator/namespace.yaml
@@ -5,7 +5,7 @@ metadata:
name: eck-operator
---
-{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+{{- if ( include "imagePullSecret" . ) }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/chart/templates/logging/elasticsearch-kibana/namespace.yaml b/chart/templates/logging/elasticsearch-kibana/namespace.yaml
index 0ac10874ddf1bdcdefdd9e600e095ef8b5b1a66c..99fecb889d41cfce04d2fc76aad2a580570b2310 100644
--- a/chart/templates/logging/elasticsearch-kibana/namespace.yaml
+++ b/chart/templates/logging/elasticsearch-kibana/namespace.yaml
@@ -4,13 +4,8 @@ apiVersion: v1
kind: Namespace
metadata:
name: logging
- {{- if .Values.istio.enabled }}
- labels:
- istio-injection: enabled
- {{- end}}
-
---
- {{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
+{{- if ( include "imagePullSecret" . ) }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/chart/templates/monitoring/namespace.yaml b/chart/templates/monitoring/namespace.yaml
index 03226e2e25c40d09f243a8d137a907c27a2d2ddd..b0e2c0707489c4bfb4fb6591dbac3b795c29109d 100644
--- a/chart/templates/monitoring/namespace.yaml
+++ b/chart/templates/monitoring/namespace.yaml
@@ -3,9 +3,8 @@ apiVersion: v1
kind: Namespace
metadata:
name: monitoring
-
-{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
---
+{{- if ( include "imagePullSecret" . ) }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/chart/templates/twistlock/namespace.yaml b/chart/templates/twistlock/namespace.yaml
index 1ab7039d975a9cf7c4091c48839d5c548aca55bb..2757133a64ad63f39a4f00e23bf40caededd5c71 100644
--- a/chart/templates/twistlock/namespace.yaml
+++ b/chart/templates/twistlock/namespace.yaml
@@ -3,9 +3,8 @@ apiVersion: v1
kind: Namespace
metadata:
name: twistlock
-
-{{- if and (ne .Values.registryCredentials.username "") (ne .Values.registryCredentials.password "") }}
---
+{{- if ( include "imagePullSecret" . ) }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/chart/templates/values.yaml b/chart/templates/values.yaml
index 38fe8998032260aedfe0bb78a9501511ad88e051..edf4a8caa918c09ccaf3261abf191d10a5b424f8 100644
--- a/chart/templates/values.yaml
+++ b/chart/templates/values.yaml
@@ -29,4 +29,6 @@ stringData:
{{ toYaml .Values.twistlock.values | indent 4 }}
clusterauditor.yaml: |
{{ toYaml .Values.twistlock.values | indent 4 }}
+ gitlab.yaml: |
+{{ toYaml .Values.addons.gitlab.values | indent 4 }}
data:
diff --git a/chart/values.yaml b/chart/values.yaml
index ab9449ce3d46e4a966a04c4f4d9bcd4fefad16d8..f3acaaa82732bd7adc58c766b7e84be116a0d383 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -4,13 +4,28 @@ hostname: bigbang.dev
# TODO: All this does right now is toggle GitRepositories, it is _not_ fully functional
offline: false
-# Registry credentials to use from pulling images from private registry, will create an appropriate imagePullSecret in all relevant namespaces
+# Regisitires can be an explicit map of registries as provided here
registryCredentials:
registry: registry1.dsop.io
username: ""
password: ""
email: ""
+# Or a list of registires:
+# registryCredentials:
+# - registry: registry1.dsop.io
+# username: user.name
+# password: user-secret
+# email: xxx@xxx.xxx
+# - registry: registry1.dso.mil
+# username: user.name
+# password: user-secret
+# email: xxx@xxx.xxx
+# - registry: registry.dso.mil
+# username: user.name
+# password: user-secret
+# email: xxx@xxx.xxx
+
# Global git values
# Order of precedence is:
# 1. existingSecret
@@ -39,7 +54,7 @@ flux:
upgrade:
retries: 3
rollback:
- timeout: 5m
+ timeout: 10m
cleanupOnFail: true
# ----------------------------------------------------------------------------------------------------------------------
@@ -152,5 +167,12 @@ addons:
git:
repo: https://repo1.dsop.io/platform-one/big-bang/apps/sandbox/authservice.git
path: "./chart"
- tag: "0.1.4-bb.0"
- values: {}
\ No newline at end of file
+ tag: "0.1.6-bb.0"
+ values: {}
+
+ gitlab:
+ enabled: false
+ git:
+ repo: https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab.git
+ path: "./chart"
+ tag: "4.2.0-bb.1"
diff --git a/scripts/deploy/01_deploy_bigbang.sh b/scripts/deploy/01_deploy_bigbang.sh
index 4a2d3e1e33ee5154428b46eb8a9e80c9ee2672ac..fc84dec4e6292fa55f82f6f0b04546bd8d6696c4 100755
--- a/scripts/deploy/01_deploy_bigbang.sh
+++ b/scripts/deploy/01_deploy_bigbang.sh
@@ -10,6 +10,7 @@ flux check --pre
# Install flux in the cluster
kubectl create ns flux-system || true
+# TODO When changing the flux images to .mil this will need to chagne
kubectl create secret docker-registry private-registry -n flux-system \
--docker-server=registry1.dsop.io \
--docker-username='robot$bigbang' \
@@ -25,8 +26,11 @@ flux check
# Deploy BigBang using dev sized scaling
echo "Installing BigBang"
helm upgrade -i bigbang chart -n bigbang --create-namespace \
- --set registryCredentials.username='robot$bigbang' --set registryCredentials.password=${REGISTRY1_PASSWORD} \
- -f tests/ci/k3d/values.yaml
+--set registryCredentials[0].username='robot$bigbang' --set registryCredentials[0].password=${REGISTRY1_PASSWORD} \
+--set registryCredentials[0].registry=registry1.dsop.io \
+--set registryCredentials[1].username='robot$bigbang' --set registryCredentials[1].password=${REGISTRY1_PASSWORD} \
+--set registryCredentials[1].registry=registry1.dso.mil \
+-f tests/ci/k3d/values.yaml
## Apply secrets kustomization pointing to current branch
echo "Deploying secrets from the ${CI_COMMIT_REF_NAME} branch"
diff --git a/scripts/deploy/02_wait_for_helmrealeases.sh b/scripts/deploy/02_wait_for_helmrealeases.sh
index 30621bad69765833465039240314aacfda0ef894..6347c9f6e010a7500931d586e506f1618f8dda81 100755
--- a/scripts/deploy/02_wait_for_helmrealeases.sh
+++ b/scripts/deploy/02_wait_for_helmrealeases.sh
@@ -3,7 +3,7 @@
set -e
## This is an array to instantiate the order of wait conditions
-ORDERED_HELMRELEASES="gatekeeper istio-operator istio monitoring eck-operator ek fluent-bit twistlock cluster-auditor"
+ORDERED_HELMRELEASES="gatekeeper istio-operator istio monitoring eck-operator ek fluent-bit twistlock cluster-auditor gitlab"
## This the actual deployed helmrelease objects in the cluster
diff --git a/tests/ci/k3d/values.yaml b/tests/ci/k3d/values.yaml
index 53ba5c26f8d498239af4ea175d044f9c30c4f010..16fb20cc9889ff932d2d4a8661e8de7d73cc7530 100644
--- a/tests/ci/k3d/values.yaml
+++ b/tests/ci/k3d/values.yaml
@@ -58,3 +58,11 @@ addons:
enabled: true
authservice:
enabled: true
+ gitlab:
+ enabled: true
+ values:
+ postgresql:
+ install: true
+ global:
+ minio:
+ enabled: true