UNCLASSIFIED - NO CUI

Skip to content

Resolve "Feature request: .gitlab.toolbox.customScripts for preloading `rails runner` scripts to use on demand"

General MR

Summary

Gitlab admins occasionally need to run custom Ruby scripts via gitlab-rails console or gitlab-rails runner. We could make this easier for them by allowing operators to preload scripts into a configmap that mounts into the gitlab-toolbox container.

Sample input

gitlab:
  toolbox:
    customScripts:
      # this will be mounted into the toolbox container at `/scripts/custom/hello_world.rb`
      # execute it in the toolbox with `gitlab-rails runner /scripts/custom/hello_world.rb`
      hello_world.rb: |
        puts "hello world, I'm a custom ruby script!"

Example usage

❯ kubectl -n gitlab exec -ti deploy/gitlab-toolbox -- /bin/bash -c "gitlab-rails runner /scripts/custom/hello_world.rb"
Defaulted container "toolbox" out of: toolbox, certificates (init), configure (init)
WARNING: Active Record does not support composite primary key.

security_findings has composite primary key. Composite primary key is ignored.
hello world, I'm a custom ruby script!

Design notes

What this would require to implement, at a minimum:

  • add a new ConfigMap template for the toolbox container that mounts the contents of .Values.gitlab.toolbox.customScripts as named key/value pairs in the configmap, just like the existing gitlab-toolbox ConfigMap does
  • wire that configMap up as both a volume and a volumeMount in the toolbox container spec

Stretch goals:

  • build some configurable Jobs or ScheduledJobs around running these scripts
  • add more convenient UX around the ad-hoc invocation of these scripts
  • add some tests, whether ruby specs or helm tests

sample implementation

See !330 (closed) for a simple case with a hello world script

Relevant logs/screenshots

(Include any relevant logs/screenshots)

Linked Issue

#286 (closed)

Upgrade Notices

N/A

Edited by Chris Schaefer

Merge request reports