diff --git a/CHANGELOG.md b/CHANGELOG.md index d72e06a3386516f9105b2f5c4b9ee61c94e0158e..401ee905256b9d3e36640bb798919f6c51af0039 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), --- +## [8.3.0-bb.3] (2024-11-07) + +### Changed + +- move token job for GCPE to GCPE prep for subchart + ## [8.3.0-bb.2] (2024-11-05) ### Changed diff --git a/README.md b/README.md index 7b2bc0c4c6c58c03b51cef7c41d3f436be050e12..686d679a34624de909790281d22c527d79f9c9bf 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ <!-- Warning: Do not manually edit this file. See notes on gluon + helm-docs at the end of this file for more information. --> # gitlab -  +  GitLab is the most comprehensive AI-powered DevSecOps Platform. 
@@ -439,118 +439,118 @@ helm install gitlab chart/ | certmanager.rbac.create | bool | `true` | | | nginx-ingress.enabled | bool | `false` | | | nginx-ingress-geo.<<.enabled | bool | `false` | | -| nginx-ingress-geo.<<.tcpExternalConfig | string | `"true"` | | | nginx-ingress.tcpExternalConfig | string | `"true"` | | +| nginx-ingress-geo.<<.tcpExternalConfig | string | `"true"` | | +| nginx-ingress-geo.controller.<<.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` | | | nginx-ingress.controller.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` | | | nginx-ingress-geo.<<.controller.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` | | -| nginx-ingress-geo.controller.<<.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` | | | nginx-ingress.controller.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | | | nginx-ingress-geo.<<.controller.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | | -| nginx-ingress-geo.controller.config.<<.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | | | nginx-ingress-geo.controller.<<.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | | -| nginx-ingress.controller.config.hsts | string | `"true"` | | +| nginx-ingress-geo.controller.config.<<.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | | | nginx-ingress-geo.controller.config.<<.hsts | string | `"true"` | | -| nginx-ingress-geo.controller.<<.config.hsts | string | `"true"` | | | nginx-ingress-geo.<<.controller.config.hsts | string | `"true"` | | -| 
nginx-ingress.controller.config.hsts-include-subdomains | string | `"false"` | | +| nginx-ingress-geo.controller.<<.config.hsts | string | `"true"` | | +| nginx-ingress.controller.config.hsts | string | `"true"` | | +| nginx-ingress-geo.controller.config.<<.hsts-include-subdomains | string | `"false"` | | | nginx-ingress-geo.controller.<<.config.hsts-include-subdomains | string | `"false"` | | +| nginx-ingress.controller.config.hsts-include-subdomains | string | `"false"` | | | nginx-ingress-geo.<<.controller.config.hsts-include-subdomains | string | `"false"` | | -| nginx-ingress-geo.controller.config.<<.hsts-include-subdomains | string | `"false"` | | -| nginx-ingress-geo.<<.controller.config.hsts-max-age | string | `"63072000"` | | -| nginx-ingress-geo.controller.<<.config.hsts-max-age | string | `"63072000"` | | -| nginx-ingress.controller.config.hsts-max-age | string | `"63072000"` | | | nginx-ingress-geo.controller.config.<<.hsts-max-age | string | `"63072000"` | | +| nginx-ingress.controller.config.hsts-max-age | string | `"63072000"` | | +| nginx-ingress-geo.controller.<<.config.hsts-max-age | string | `"63072000"` | | +| nginx-ingress-geo.<<.controller.config.hsts-max-age | string | `"63072000"` | | | nginx-ingress-geo.controller.config.<<.server-name-hash-bucket-size | string | `"256"` | | | nginx-ingress-geo.controller.<<.config.server-name-hash-bucket-size | string | `"256"` | | | nginx-ingress-geo.<<.controller.config.server-name-hash-bucket-size | string | `"256"` | | | nginx-ingress.controller.config.server-name-hash-bucket-size | string | `"256"` | | | nginx-ingress-geo.controller.config.<<.use-http2 | string | `"true"` | | | nginx-ingress-geo.controller.<<.config.use-http2 | string | `"true"` | | -| nginx-ingress-geo.<<.controller.config.use-http2 | string | `"true"` | | | nginx-ingress.controller.config.use-http2 | string | `"true"` | | -| nginx-ingress-geo.controller.config.<<.ssl-ciphers | string | 
`"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"` | | -| nginx-ingress-geo.<<.controller.config.ssl-ciphers | string | `"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"` | | -| nginx-ingress-geo.controller.<<.config.ssl-ciphers | string | `"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"` | | +| nginx-ingress-geo.<<.controller.config.use-http2 | string | `"true"` | | | nginx-ingress.controller.config.ssl-ciphers | string | `"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"` | | -| nginx-ingress-geo.controller.<<.config.ssl-protocols | string | `"TLSv1.3 TLSv1.2"` | | +| nginx-ingress-geo.controller.<<.config.ssl-ciphers | string | `"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"` | | +| nginx-ingress-geo.<<.controller.config.ssl-ciphers | string | 
`"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"` | | +| nginx-ingress-geo.controller.config.<<.ssl-ciphers | string | `"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"` | | | nginx-ingress-geo.<<.controller.config.ssl-protocols | string | `"TLSv1.3 TLSv1.2"` | | -| nginx-ingress.controller.config.ssl-protocols | string | `"TLSv1.3 TLSv1.2"` | | | nginx-ingress-geo.controller.config.<<.ssl-protocols | string | `"TLSv1.3 TLSv1.2"` | | -| nginx-ingress.controller.config.server-tokens | string | `"false"` | | +| nginx-ingress.controller.config.ssl-protocols | string | `"TLSv1.3 TLSv1.2"` | | +| nginx-ingress-geo.controller.<<.config.ssl-protocols | string | `"TLSv1.3 TLSv1.2"` | | | nginx-ingress-geo.<<.controller.config.server-tokens | string | `"false"` | | +| nginx-ingress.controller.config.server-tokens | string | `"false"` | | | nginx-ingress-geo.controller.<<.config.server-tokens | string | `"false"` | | | nginx-ingress-geo.controller.config.<<.server-tokens | string | `"false"` | | +| nginx-ingress.controller.config.upstream-keepalive-connections | int | `100` | | +| nginx-ingress-geo.<<.controller.config.upstream-keepalive-connections | int | `100` | | | nginx-ingress-geo.controller.<<.config.upstream-keepalive-connections | int | `100` | | | nginx-ingress-geo.controller.config.<<.upstream-keepalive-connections | int | `100` | | -| nginx-ingress-geo.<<.controller.config.upstream-keepalive-connections | int | `100` | | -| nginx-ingress.controller.config.upstream-keepalive-connections | int | `100` | | -| 
nginx-ingress-geo.controller.<<.config.upstream-keepalive-time | string | `"30s"` | | | nginx-ingress-geo.controller.config.<<.upstream-keepalive-time | string | `"30s"` | | -| nginx-ingress.controller.config.upstream-keepalive-time | string | `"30s"` | | | nginx-ingress-geo.<<.controller.config.upstream-keepalive-time | string | `"30s"` | | +| nginx-ingress-geo.controller.<<.config.upstream-keepalive-time | string | `"30s"` | | +| nginx-ingress.controller.config.upstream-keepalive-time | string | `"30s"` | | | nginx-ingress-geo.controller.<<.config.upstream-keepalive-timeout | int | `5` | | +| nginx-ingress.controller.config.upstream-keepalive-timeout | int | `5` | | | nginx-ingress-geo.controller.config.<<.upstream-keepalive-timeout | int | `5` | | | nginx-ingress-geo.<<.controller.config.upstream-keepalive-timeout | int | `5` | | -| nginx-ingress.controller.config.upstream-keepalive-timeout | int | `5` | | +| nginx-ingress.controller.config.upstream-keepalive-requests | int | `1000` | | +| nginx-ingress-geo.<<.controller.config.upstream-keepalive-requests | int | `1000` | | | nginx-ingress-geo.controller.<<.config.upstream-keepalive-requests | int | `1000` | | | nginx-ingress-geo.controller.config.<<.upstream-keepalive-requests | int | `1000` | | -| nginx-ingress-geo.<<.controller.config.upstream-keepalive-requests | int | `1000` | | -| nginx-ingress.controller.config.upstream-keepalive-requests | int | `1000` | | -| nginx-ingress.controller.service.externalTrafficPolicy | string | `"Local"` | | | nginx-ingress-geo.<<.controller.service.externalTrafficPolicy | string | `"Local"` | | +| nginx-ingress.controller.service.externalTrafficPolicy | string | `"Local"` | | | nginx-ingress-geo.controller.<<.service.externalTrafficPolicy | string | `"Local"` | | | nginx-ingress-geo.controller.<<.ingressClassByName | bool | `false` | | | nginx-ingress-geo.<<.controller.ingressClassByName | bool | `false` | | | nginx-ingress.controller.ingressClassByName | bool | `false` | | 
| nginx-ingress.controller.ingressClassResource.name | string | `"{{ include \"ingress.class.name\" $ }}"` | | -| nginx-ingress-geo.controller.<<.ingressClassResource.name | string | `"{{ include \"ingress.class.name\" $ }}"` | | | nginx-ingress-geo.<<.controller.ingressClassResource.name | string | `"{{ include \"ingress.class.name\" $ }}"` | | +| nginx-ingress-geo.controller.<<.ingressClassResource.name | string | `"{{ include \"ingress.class.name\" $ }}"` | | +| nginx-ingress.controller.resources.requests.cpu | string | `"100m"` | | | nginx-ingress-geo.<<.controller.resources.requests.cpu | string | `"100m"` | | | nginx-ingress-geo.controller.<<.resources.requests.cpu | string | `"100m"` | | -| nginx-ingress.controller.resources.requests.cpu | string | `"100m"` | | -| nginx-ingress-geo.controller.<<.resources.requests.memory | string | `"100Mi"` | | | nginx-ingress.controller.resources.requests.memory | string | `"100Mi"` | | +| nginx-ingress-geo.controller.<<.resources.requests.memory | string | `"100Mi"` | | | nginx-ingress-geo.<<.controller.resources.requests.memory | string | `"100Mi"` | | | nginx-ingress-geo.<<.controller.publishService.enabled | bool | `true` | | -| nginx-ingress.controller.publishService.enabled | bool | `true` | | | nginx-ingress-geo.controller.<<.publishService.enabled | bool | `true` | | -| nginx-ingress.controller.replicaCount | int | `2` | | +| nginx-ingress.controller.publishService.enabled | bool | `true` | | | nginx-ingress-geo.controller.<<.replicaCount | int | `2` | | | nginx-ingress-geo.<<.controller.replicaCount | int | `2` | | +| nginx-ingress.controller.replicaCount | int | `2` | | +| nginx-ingress-geo.controller.<<.minAvailable | int | `1` | | | nginx-ingress.controller.minAvailable | int | `1` | | | nginx-ingress-geo.<<.controller.minAvailable | int | `1` | | -| nginx-ingress-geo.controller.<<.minAvailable | int | `1` | | -| nginx-ingress-geo.<<.controller.scope.enabled | bool | `true` | | | 
nginx-ingress.controller.scope.enabled | bool | `true` | | +| nginx-ingress-geo.<<.controller.scope.enabled | bool | `true` | | | nginx-ingress-geo.controller.<<.scope.enabled | bool | `true` | | -| nginx-ingress.controller.metrics.enabled | bool | `true` | | -| nginx-ingress-geo.<<.controller.metrics.enabled | bool | `true` | | | nginx-ingress-geo.controller.<<.metrics.enabled | bool | `true` | | +| nginx-ingress-geo.<<.controller.metrics.enabled | bool | `true` | | +| nginx-ingress.controller.metrics.enabled | bool | `true` | | +| nginx-ingress-geo.controller.<<.metrics.service.annotations."gitlab.com/prometheus_scrape" | string | `"true"` | | | nginx-ingress.controller.metrics.service.annotations."gitlab.com/prometheus_scrape" | string | `"true"` | | | nginx-ingress-geo.<<.controller.metrics.service.annotations."gitlab.com/prometheus_scrape" | string | `"true"` | | -| nginx-ingress-geo.controller.<<.metrics.service.annotations."gitlab.com/prometheus_scrape" | string | `"true"` | | -| nginx-ingress-geo.controller.<<.metrics.service.annotations."gitlab.com/prometheus_port" | string | `"10254"` | | | nginx-ingress.controller.metrics.service.annotations."gitlab.com/prometheus_port" | string | `"10254"` | | | nginx-ingress-geo.<<.controller.metrics.service.annotations."gitlab.com/prometheus_port" | string | `"10254"` | | +| nginx-ingress-geo.controller.<<.metrics.service.annotations."gitlab.com/prometheus_port" | string | `"10254"` | | +| nginx-ingress-geo.controller.<<.metrics.service.annotations."prometheus.io/scrape" | string | `"true"` | | | nginx-ingress-geo.<<.controller.metrics.service.annotations."prometheus.io/scrape" | string | `"true"` | | | nginx-ingress.controller.metrics.service.annotations."prometheus.io/scrape" | string | `"true"` | | -| nginx-ingress-geo.controller.<<.metrics.service.annotations."prometheus.io/scrape" | string | `"true"` | | -| nginx-ingress.controller.metrics.service.annotations."prometheus.io/port" | string | `"10254"` | | -| 
nginx-ingress-geo.<<.controller.metrics.service.annotations."prometheus.io/port" | string | `"10254"` | | | nginx-ingress-geo.controller.<<.metrics.service.annotations."prometheus.io/port" | string | `"10254"` | | -| nginx-ingress.controller.admissionWebhooks.enabled | bool | `false` | | +| nginx-ingress-geo.<<.controller.metrics.service.annotations."prometheus.io/port" | string | `"10254"` | | +| nginx-ingress.controller.metrics.service.annotations."prometheus.io/port" | string | `"10254"` | | | nginx-ingress-geo.<<.controller.admissionWebhooks.enabled | bool | `false` | | +| nginx-ingress.controller.admissionWebhooks.enabled | bool | `false` | | | nginx-ingress-geo.controller.<<.admissionWebhooks.enabled | bool | `false` | | | nginx-ingress-geo.<<.defaultBackend.resources.requests.cpu | string | `"5m"` | | | nginx-ingress.defaultBackend.resources.requests.cpu | string | `"5m"` | | -| nginx-ingress-geo.<<.defaultBackend.resources.requests.memory | string | `"5Mi"` | | | nginx-ingress.defaultBackend.resources.requests.memory | string | `"5Mi"` | | +| nginx-ingress-geo.<<.defaultBackend.resources.requests.memory | string | `"5Mi"` | | | nginx-ingress.rbac.create | bool | `true` | | | nginx-ingress-geo.<<.rbac.create | bool | `true` | | | nginx-ingress-geo.<<.rbac.scope | bool | `false` | | | nginx-ingress.rbac.scope | bool | `false` | | -| nginx-ingress.serviceAccount.create | bool | `true` | | | nginx-ingress-geo.<<.serviceAccount.create | bool | `true` | | +| nginx-ingress.serviceAccount.create | bool | `true` | | | nginx-ingress-geo.enabled | bool | `false` | | | nginx-ingress-geo.controller.config.use-forwarded-headers | bool | `true` | | | nginx-ingress-geo.controller.electionID | string | `"ingress-controller-leader-geo"` | | 
@@ -1086,7 +1086,6 @@ helm install gitlab chart/ | networkPolicies.additionalPolicies | list | `[]` | | | openshift | bool | `false` | | | use_iam_profile | bool | `false` | | -| gitlab-ci-pipelines-exporter.enabled | bool | `false` | | | bbtests.enabled | bool | `false` | | | bbtests.cypress.resources.requests.cpu | int | `1` | | | bbtests.cypress.resources.requests.memory | string | `"2Gi"` | | diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 962026a9dccae55c500ec0c5c57a886666485b52..558de4f813f7b7aedba4f0cb220558384407546e 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,7 +1,7 @@ --- apiVersion: v1 name: gitlab -version: 8.3.6-bb.2 +version: 8.3.6-bb.3 appVersion: v17.3.6 description: GitLab is the most comprehensive AI-powered DevSecOps Platform. keywords: diff --git a/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_job.yaml b/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_job.yaml deleted file mode 100644 index 163b172e8f1e326dbee1622672d6394268e7d9c8..0000000000000000000000000000000000000000 --- a/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_job.yaml +++ /dev/null 
@@ -1,52 +0,0 @@
-{{- if index .Values "gitlab-ci-pipelines-exporter" "enabled" }}
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: gitlab-exporter-token
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- {{- include "gitlab.standardLabels" . | nindent 4 }}
- {{- include "gitlab.commonLabels" . | nindent 4 }}
- annotations:
- # This is what defines this resource as a hook. Without this line, the
- # job is considered part of the release.
- "helm.sh/hook": post-install,post-upgrade
- "helm.sh/hook-weight": "-5"
-spec:
- template:
- metadata:
- name: gitlab-exporter-token
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- {{- include "gitlab.standardLabels" . | nindent 8 }}
- {{- include "gitlab.commonLabels" . | nindent 8 }}
- spec:
- automountServiceAccountToken: true
- serviceAccountName: exporter-token-sa
- restartPolicy: Never
- {{- with .Values.global.kubectl.image.pullSecrets }}
- imagePullSecrets:
- {{ toYaml . | nindent 8 }}
- {{- end }}
- containers:
- - name: post-install-token-to-secret
- image: {{ .Values.global.kubectl.image.repository }}:{{ .Values.global.kubectl.image.tag }}
- command: ["/bin/bash"]
- args:
- - -c
- - >-
- token_string=$(head -c 128 /dev/urandom | sha256sum | head -c 32 | awk '{print "glpat-"$1}') && kubectl -n gitlab exec -ti deploy/gitlab-toolbox -- gitlab-rails runner "t=User.find_by_username('root').personal_access_tokens.new(name: 'ci-exporter-token', scopes:['api'], expires_at: 1.year.from_now.utc); t.set_token('${token_string}'); t.save" && kubectl create secret -n gitlab generic gitlab-ci-exporter-token --from-literal=gitlabToken=${token_string}
- securityContext:
- runAsNonRoot: true
- runAsUser: 1001
- runAsGroup: 1001
- capabilities:
- drop:
- - ALL
-{{- end }}
diff --git a/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_role.yaml b/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_role.yaml
deleted file mode 100644
index 7b1118094a15232e7f7dc030dda23a6be71e722d..0000000000000000000000000000000000000000
--- a/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_role.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- if index .Values "gitlab-ci-pipelines-exporter" "enabled" }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- namespace: {{ .Release.Namespace }}
- name: gitlab-token-exporter-exec
- labels:
- {{- include "gitlab.standardLabels" . | nindent 4 }}
- {{- include "gitlab.commonLabels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": pre-install,pre-upgrade
- "helm.sh/hook-weight": "-10"
-rules:
- - apiGroups: ["apps"]
- resources: ["deployments"]
- verbs: ["get", "list"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["get", "list"]
- - apiGroups: [""]
- resources: ["pods/exec"]
- verbs: ["create"]
- - apiGroups: [""]
- resources: ["secrets"]
- verbs: ["create", "update"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: ["roles", "rolebindings"]
- verbs: ["delete", "list", "get"]
-{{- end }}
diff --git a/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_rolebinding.yaml b/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_rolebinding.yaml
deleted file mode 100644
index 126bd969646316563b74e76067c88749e832c683..0000000000000000000000000000000000000000
--- a/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_rolebinding.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- if index .Values "gitlab-ci-pipelines-exporter" "enabled" }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- namespace: {{ .Release.Namespace }}
- name: gitlab-token-exporter-exec
- labels:
- {{- include "gitlab.standardLabels" . | nindent 4 }}
- {{- include "gitlab.commonLabels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": pre-install,pre-upgrade
- "helm.sh/hook-weight": "-10"
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: gitlab-token-exporter-exec
-subjects:
- - kind: ServiceAccount
- name: exporter-token-sa
- namespace: {{ .Release.Namespace }}
-{{- end }}
diff --git a/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_serviceaccount.yaml b/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_serviceaccount.yaml deleted file mode 100644 index 58cb5dbecbca6bfdeaf67d40edb754358794431f..0000000000000000000000000000000000000000 --- a/chart/templates/bigbang/gitlab-ci-pipelines-exporter/gitlab-ci-exporter_serviceaccount.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if index .Values "gitlab-ci-pipelines-exporter" "enabled" }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: exporter-token-sa - namespace: {{ .Release.Namespace }} - labels: - {{- include "gitlab.standardLabels" . | nindent 4 }} - {{- include "gitlab.commonLabels" . | nindent 4 }} - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-weight": "-10" -{{- end }} diff --git a/chart/values.yaml b/chart/values.yaml index 54e0e34d68cdf2ce60a4eeff920e15ab0976fcdc..aee59e442f5cc255edfdb2150fb3f630a20276df 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -2142,11 +2142,6 @@ openshift: false # Track if AWS IAM Profile is used for Object Storage use_iam_profile: false -# Set this to 'enabled' if this a new install and you plan to use the Gitlab CI Pipelines Exporter package add-on. -# See https://repo1.dso.mil/big-bang/product/maintained/gitlab-ci-pipelines-exporter for details. -gitlab-ci-pipelines-exporter: - enabled: false - bbtests: enabled: false cypress: diff --git a/docs/DEVELOPMENT_MAINTENANCE.md b/docs/DEVELOPMENT_MAINTENANCE.md index a998262cb4632fc873df8865cc6bcca3dd7b1401..81176ffbe1a676ae39f1e52d78c9dcf53ce4fbe1 100644 --- a/docs/DEVELOPMENT_MAINTENANCE.md +++ b/docs/DEVELOPMENT_MAINTENANCE.md @@ -293,7 +293,6 @@ If that is not present it will use the global chart serviceAccount automountServ - Add istio peerauthentications. - Add Secrets for DoD certificate authorities. - Add istio authorization policies. -- Add GCPE token post-hook install job resources. ## chart/templates/tests/* 
diff --git a/tests/test-values.yml b/tests/test-values.yml
index 3b16f4d4ba5cbba722ab32430d1af03dbccbe395..936b4f2ef08b9724d88097b14045d37d7ed125d2 100644
--- a/tests/test-values.yml
+++ b/tests/test-values.yml
@@ -34,10 +34,5 @@ gitlab:
 networkPolicies:
 enabled: true
 controlPlaneCidr: 172.16.0.0/12
-
-# This tests the from-scratch hook job to create an api token for GCPE in a fresh gitlab deployment.
-gitlab-ci-pipelines-exporter:
- enabled: true
-
 bbtests:
 enabled: true