Getting closer to the maintained cloud native chart (!3) · Merge requests · freedesktop.org / helm-gitlab-deployment

Benjamin Tissoires requested to merge bentiss/helm-gitlab-omnibus:master into master Apr 24, 2020

I have been busy this week trying to create a path where we could move away from the omnibus installation to the cloud native chart.

There are 2 aspects in this MR:

I created a new chart 'freedesktop' where we should eventually put all of our tweaks in
I have ported quite some settings from the old chart to the native one

the end result is the following (with the newly created secrets for the new chart scrapped out):

 # Source: helm-gitlab-omnibus/charts/certmanager-issuer/templates/cert-manager.yml
 
 apiVersion: v1
@@ -800,7 +955,7 @@
     heritage: Tiller
     
 data:
-  gitlabVersion: "master"
+  gitlabVersion: "12.9.3"
   gitlabChartVersion: "3.2.2"
 
 ---
@@ -10036,9 +10191,9 @@
             gitlab_rails['smtp_address'] = 'gabe.freedesktop.org'
             gitlab_rails['smtp_port'] = 5878
             gitlab_rails['smtp_user_name'] = 'gitlab@gitlab.freedesktop.org'
-            gitlab_rails['smtp_domain'] = 'gitlab.freedesktop.org'
             gitlab_rails['smtp_password'] = ENV['SMTP_PASSWORD']
             gitlab_rails['smtp_authentication'] = 'login'
+            gitlab_rails['smtp_domain'] = 'gitlab.freedesktop.org'
             gitlab_rails['smtp_enable_starttls_auto'] = true
             gitlab_rails['smtp_tls'] = false
             gitlab_rails['smtp_openssl_verify_mode'] = 'peer'
@@ -10060,6 +10215,13 @@
             # cf. https://gitlab.com/gitlab-org/gitlab-pages/issues/129
             #gitlab_pages['inplace_chroot'] = true
             
+            registry['storage'] = {
+              'gcs' => {
+                'bucket' => 'fdo-gitlab-registry',
+                'keyfile' => '/gitlab-ssh-keys/registry-gcs-key'
+              }
+            }
+            
             # Temporarily back up to the registry path, until we can stream tar
             # directly to object storage.
             gitlab_rails['backup_path'] = '/gitlab-registry'
@@ -10090,13 +10252,6 @@
               #'google_json_key_location' => '/gitlab-ssh-keys/upload-gcs-key'
             }
             
-            registry['storage'] = {
-              'gcs' => {
-                'bucket' => 'fdo-gitlab-registry',
-                'keyfile' => '/gitlab-ssh-keys/registry-gcs-key'
-              }
-            }
-            
             gitlab_rails['artifacts_enabled'] = true
             gitlab_rails['artifacts_object_store_enabled'] = true
             gitlab_rails['artifacts_object_store_proxy_download'] = false
@@ -10850,7 +11005,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: gitlab-prod-shared-secrets.0-n1x
+  name: gitlab-prod-shared-secrets.0-dp0
   namespace: default
   labels:
     app: shared-secrets

So nothing harmful.

I am mostly sending this as an FYI because once this gets in, a new upgrade of the charts means that all config/omnibus/secrets repos will need to be updated.

Cc: @daniels

Getting closer to the maintained cloud native chart

Merge request reports