UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects

PR-80

Merged PR-80
PR-80 into master
Merged Repo_Sync_Bot requested to merge PR-80 into master

This Merge Request is associated with A GitHub PR

Please Use caution before running the pipeline.

Created by: daniel-palmer-gu

Description

Allows setting Gitlab object store endpoint when using IAM profile

Testing

Negative Test IAM Profile (not setting endpoint)

custom-values.yaml:

addons:
  gitlab:
    enabled: true
    objectStorage:
      type: "s3"
      region: "us-gov-west-1"
      bucketPrefix: "my-prefix"
      iamProfile: "my-profile"

Command: helm template . -f custom-values.yaml -s templates/gitlab/secret-objectstore.yaml

Output:

---
# Source: bigbang/templates/gitlab/secret-objectstore.yaml
apiVersion: v1
kind: Secret
metadata:
    name: gitlab-object-storage
    namespace: gitlab
type: kubernetes.io/opaque
stringData:
    rails: |-
      provider: AWS
      region: us-gov-west-1
      use_iam_profile: true
    registry: |-
      s3:
        bucket: my-prefix-gitlab-registry
        region: us-gov-west-1
        v4auth: true
    backups: |-
      [default]
      bucket_location = us-gov-west-1
      multipart_chunk_size_mb = 128

Negative Test AccessKey/AccessSecret (not setting endpoint)

custom-values.yaml:

addons:
  gitlab:
    enabled: true
    objectStorage:
      type: "s3"
      region: "us-gov-west-1"
      bucketPrefix: "my-prefix"
      accessKey: "my-key"
      accessSecret: "my-secret"

Command: helm template . -f custom-values.yaml -s templates/gitlab/secret-objectstore.yaml

Output:

---
# Source: bigbang/templates/gitlab/secret-objectstore.yaml
apiVersion: v1
kind: Secret
metadata:
    name: gitlab-object-storage
    namespace: gitlab
type: kubernetes.io/opaque
stringData:
    rails: |-
      provider: AWS
      region: us-gov-west-1
      aws_access_key_id: my-key
      aws_secret_access_key: my-secret
    registry: |-
      s3:
        bucket: my-prefix-gitlab-registry
        accesskey: my-key
        secretkey: my-secret
        region: us-gov-west-1
        v4auth: true
    backups: |-
      [default] 
      access_key = my-key
      secret_key = my-secret
      host_bucket = %(bucket)s.
      bucket_location = us-gov-west-1
      multipart_chunk_size_mb = 128

Positive Test IAM Profile (setting endpoint)

custom-values.yaml:

addons:
  gitlab:
    enabled: true
    objectStorage:
      type: "s3"
      region: "us-gov-west-1"
      bucketPrefix: "my-prefix"
      iamProfile: "my-profile"
      endpoint: "https://s3.us-gov-west-1.amazonaws.com"

Command: helm template . -f custom-values.yaml -s templates/gitlab/secret-objectstore.yaml

Output:

---
# Source: bigbang/templates/gitlab/secret-objectstore.yaml
apiVersion: v1
kind: Secret
metadata:
    name: gitlab-object-storage
    namespace: gitlab
type: kubernetes.io/opaque
stringData:
    rails: |-
      provider: AWS
      region: us-gov-west-1
      use_iam_profile: true
      endpoint: "https://s3.us-gov-west-1.amazonaws.com"
    registry: |-
      s3:
        bucket: my-prefix-gitlab-registry
        regionendpoint: "https://s3.us-gov-west-1.amazonaws.com"
        region: us-gov-west-1
        v4auth: true
    backups: |-
      [default]
      bucket_location = us-gov-west-1
      multipart_chunk_size_mb = 128

Positive Test AccessKey/AccessSecret (setting endpoint)

custom-values.yaml:

addons:
  gitlab:
    enabled: true
    objectStorage:
      type: "s3"
      region: "us-gov-west-1"
      bucketPrefix: "my-prefix"
      accessKey: "my-key"
      accessSecret: "my-secret"
      endpoint: "https://s3.us-gov-west-1.amazonaws.com"

Command: helm template . -f custom-values.yaml -s templates/gitlab/secret-objectstore.yaml

Output:

---
# Source: bigbang/templates/gitlab/secret-objectstore.yaml
apiVersion: v1
kind: Secret
metadata:
    name: gitlab-object-storage
    namespace: gitlab
type: kubernetes.io/opaque
stringData:
    rails: |-
      provider: AWS
      region: us-gov-west-1
      aws_access_key_id: my-key
      aws_secret_access_key: my-secret
      endpoint: "https://s3.us-gov-west-1.amazonaws.com"
    registry: |-
      s3:
        bucket: my-prefix-gitlab-registry
        accesskey: my-key
        secretkey: my-secret
        regionendpoint: "https://s3.us-gov-west-1.amazonaws.com"
        region: us-gov-west-1
        v4auth: true
    backups: |-
      [default] 
      access_key = my-key
      secret_key = my-secret
      host_bucket = %(bucket)s.s3.us-gov-west-1.amazonaws.com
      bucket_location = us-gov-west-1
      multipart_chunk_size_mb = 128

Closes #2476 (closed)

Edited by Christopher O'Connell

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
Please register or sign in to reply

UNCLASSIFIED - NO CUI