Resolve "Feature request: .gitlab.toolbox.customScripts for preloading `rails runner` scripts to use on demand"

General MR

Summary

Gitlab admins occasionally need to run custom Ruby scripts via gitlab-rails console or gitlab-rails runner. We could make this easier for them by allowing operators to preload scripts into a configmap that mounts into the gitlab-toolbox container.

Sample input

gitlab:
  toolbox:
    customScripts:
      # this will be mounted into the toolbox container at `/scripts/custom/hello_world.rb`
      # execute it in the toolbox with `gitlab-rails runner /scripts/custom/hello_world.rb`
      hello_world.rb: |
        puts "hello world, I'm a custom ruby script!"

Example usage

❯ kubectl -n gitlab exec -ti deploy/gitlab-toolbox -- /bin/bash -c "gitlab-rails runner /scripts/custom/hello_world.rb"
Defaulted container "toolbox" out of: toolbox, certificates (init), configure (init)
WARNING: Active Record does not support composite primary key.

security_findings has composite primary key. Composite primary key is ignored.
hello world, I'm a custom ruby script!

Design notes

What this would require to implement, at a minimum:

• add a new ConfigMap template for the toolbox container that mounts the contents of .Values.gitlab.toolbox.customScripts as named key/value pairs in the configmap, just like the existing gitlab-toolbox ConfigMap does
• wire that configMap up as both a volume and a volumeMount in the toolbox container spec

Stretch goals:

• build some configurable Jobs or ScheduledJobs around running these scripts
• add more convenient UX around the ad-hoc invocation of these scripts
• add some tests, whether ruby specs or helm tests

sample implementation

See !330 (closed) for a simple case with a hello world script

Relevant logs/screenshots

(Include any relevant logs/screenshots)

Linked Issue

#286 (closed)

Upgrade Notices

N/A

added gitlab kindenhancement priority5 statusdoing teamDevelopment & Ops labels

assigned to @cschaefer

changed the description

added 1 commit

• e8d3bd2d - initial add issue !286 (merged); testing configmap externally

Compare with previous version

added 1 commit

• 9b4aa52c - readme update

Compare with previous version

added 3 commits

• 9b4aa52c...143878c9 - 2 commits from branch main
• 86bc85e5 - Merge branch 'main' into...

Compare with previous version

added 1 commit

• 97bf7290 - add custom scripts

Compare with previous version

added 1 commit

• 050939c2 - fix syntax

Compare with previous version

added 1 commit

• 62232b61 - lowercase only

Compare with previous version

added 1 commit

• db503218 - readonly false

Compare with previous version

added 1 commit

• 6aba6d56 - fix volume

Compare with previous version

added 1 commit

• 4d9514cb - update docs

Compare with previous version

added 1 commit

• 0ff7bfb4 - no default testing script for toolbox

Compare with previous version

added 1 commit

• 26b804b2 - update readme

Compare with previous version

marked this merge request as ready

added statusreview label and removed statusdoing label

requested review from @afarasoteemo, @alfredodiaz53, @cschaefer, @daniel.stocum, @matt.vasquez, and @nbazzeghin

removed review request for @cschaefer

approved this merge request

merged

mentioned in commit d1ebf1d1

mentioned in merge request big-bang/bigbang!5280 (merged)