diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS
index 0a9f5bfad43a817c1023754cccbf16c9792e1128..f55066fcddf95b3a21dec1541810fed444d0a8bb 100644
--- a/.gitlab/CODEOWNERS
+++ b/.gitlab/CODEOWNERS
@@ -7,7 +7,7 @@
.gitlab/CODEOWNERS @gitlab-org/development-leaders @gitlab-org/tw-leadership
## Allows release tooling and Gitaly team members to update the Gitaly Version
-GITALY_SERVER_VERSION @project_278964_bot6 @gitlab-org/maintainers/rails-backend @gitlab-org/delivery @gl-gitaly
+/GITALY_SERVER_VERSION @project_278964_bot6 @gitlab-org/maintainers/rails-backend @gitlab-org/delivery @gl-gitaly
## Files that are excluded from required approval
## These rules override the * rule above, so that changes to docs and templates
diff --git a/.gitlab/ci/test-on-cng/main.gitlab-ci.yml b/.gitlab/ci/test-on-cng/main.gitlab-ci.yml
index a830dcb0343d4c470c1645090f1881e9a0f08d50..0c07556322c37afc80bed59915451d12de16484d 100644
--- a/.gitlab/ci/test-on-cng/main.gitlab-ci.yml
+++ b/.gitlab/ci/test-on-cng/main.gitlab-ci.yml
@@ -50,12 +50,8 @@ workflow:
- export QA_GITLAB_URL="http://gitlab.${GITLAB_DOMAIN}"
- source scripts/utils.sh
- source scripts/rspec_helpers.sh
- - source scripts/qa/cng_deploy/cng-kind.sh
- cd qa && bundle install
- - bundle exec cng create cluster --ci
- # Currently this only performs pre-deploy setup
- - bundle exec cng create deployment --ci
- - deploy ${GITLAB_DOMAIN}
+ - bundle exec cng create deployment --gitlab-domain "${GITLAB_DOMAIN}" --ci --with-cluster ${EXTRA_DEPLOY_VALUES}
script:
- export QA_COMMAND="bundle exec bin/qa ${QA_SCENARIO:=Test::Instance::All} $QA_GITLAB_URL -- --force-color --order random --format documentation"
- echo "Running - '$QA_COMMAND'"
@@ -120,7 +116,11 @@ cng-qa-min-redis-version:
extends: .cng-base
variables:
QA_SCENARIO: Test::Instance::Smoke
- REDIS_VERSION_TYPE: MIN_REDIS_VERSION
+ before_script:
+ - |
+ redis_version=$(awk -F "=" "/MIN_REDIS_VERSION =/ {print \$2}" $CI_PROJECT_DIR/lib/system_check/app/redis_version_check.rb | sed "s/['\" ]//g")
+ export EXTRA_DEPLOY_VALUES="--set redis.image.tag=${redis_version%.*}"
+ - !reference [.cng-base, before_script]
after_script:
- !reference [.set-suite-status, after_script]
- !reference [.cng-base, after_script]
diff --git a/gems/gitlab-cng/Gemfile.lock b/gems/gitlab-cng/Gemfile.lock
index bf86ae848c793332d4aeacee87b78c2ab38dc92f..fdf46e19725be378851657b3f7567f4cea6bc5a3 100644
--- a/gems/gitlab-cng/Gemfile.lock
+++ b/gems/gitlab-cng/Gemfile.lock
@@ -2,6 +2,7 @@ PATH
remote: .
specs:
gitlab-cng (0.0.1)
+ activesupport (>= 7)
rainbow (~> 3.1)
require_all (~> 3.0)
thor (~> 1.3)
diff --git a/gems/gitlab-cng/gitlab-cng.gemspec b/gems/gitlab-cng/gitlab-cng.gemspec
index 62306ce5c71566272f163fb129a20fe2c402bd6a..fa29f4ee3048c21eb73d5442f718bd17739b5b18 100644
--- a/gems/gitlab-cng/gitlab-cng.gemspec
+++ b/gems/gitlab-cng/gitlab-cng.gemspec
@@ -19,6 +19,7 @@ Gem::Specification.new do |spec|
spec.executables = "cng"
spec.require_paths = ["lib"]
+ spec.add_dependency "activesupport", ">= 7"
spec.add_dependency "rainbow", "~> 3.1"
spec.add_dependency "require_all", "~> 3.0"
spec.add_dependency "thor", "~> 1.3"
diff --git a/gems/gitlab-cng/lib/gitlab/cng/commands/create.rb b/gems/gitlab-cng/lib/gitlab/cng/commands/create.rb
index 3fa54ad48da9622d351285c12c9120fa40249446..56ff6cc54fea10a0682620905c3d24b23d05f3b1 100644
--- a/gems/gitlab-cng/lib/gitlab/cng/commands/create.rb
+++ b/gems/gitlab-cng/lib/gitlab/cng/commands/create.rb
@@ -6,6 +6,9 @@ module Commands
# Create command composed of subcommands that create various resources needed for CNG deployment
#
class Create < Command
+ # @return [Array] configurations that are used for kind cluster deployments
+ KIND_CLUSTER_CONFIGURATIONS = %w[kind].freeze
+
desc "cluster", "Create kind cluster for local deployments"
option :name,
desc: "Cluster name",
@@ -29,6 +32,8 @@ def cluster
long_desc <<~LONGDESC
This command installs a GitLab chart archive and performs all additional pre-install and post-install setup.
Argument NAME is helm install name and defaults to "gitlab".
+ Deployment has several optional environment variables it can read before performing chart install:
+ QA_EE_LICENSE|EE_LICENSE - gitlab test license, if present, will be added to deployment,
LONGDESC
option :configuration,
desc: "Deployment configuration",
@@ -49,8 +54,21 @@ def cluster
desc: "Use CI specific configuration",
default: false,
type: :boolean
+ option :gitlab_domain,
+ desc: "Domain for deployed app. Defaults to (your host IP).nip.io",
+ type: :string
+ option :with_cluster,
+ desc: "Create kind cluster for local deployments. \
+ Only valid for configurations designed to run against local kind cluster",
+ type: :boolean
def deployment(name = "gitlab")
- Deployment::Installation.new(name, **symbolized_options).create
+ if options[:with_cluster] && KIND_CLUSTER_CONFIGURATIONS.include?(options[:configuration])
+ invoke :cluster, [], ci: options[:ci]
+ end
+
+ Deployment::Installation
+ .new(name, **symbolized_options.slice(:configuration, :namespace, :set, :ci, :gitlab_domain))
+ .create
end
end
end
diff --git a/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/configurations/_base.rb b/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/configurations/_base.rb
index 6083f8cc5aaa96161cb97ed7c5309d78f38e220e..dc89fb30f8263f1b55c63405d5f6f2b7eea73c23 100644
--- a/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/configurations/_base.rb
+++ b/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/configurations/_base.rb
@@ -20,9 +20,11 @@ module Configurations
class Base
include Helpers::Output
- def initialize(namespace, kubeclient)
+ def initialize(namespace, kubeclient, ci, gitlab_domain)
@namespace = namespace
@kubeclient = kubeclient
+ @ci = ci
+ @gitlab_domain = gitlab_domain
end
class << self
@@ -41,7 +43,7 @@ def skip_pre_deployment_setup!
#
# @return [void]
def skip_post_deployment_setup!
- @skip_pre_deployment_setup = true
+ @skip_post_deployment_setup = true
end
end
@@ -51,7 +53,7 @@ def skip_post_deployment_setup!
def run_pre_deployment_setup
return if self.class.skip_pre_deployment_setup
- raise(NoMethodError, 'run_pre_deployment_setup not implemented')
+ raise(NoMethodError, "run_pre_deployment_setup not implemented")
end
# Steps to be executed after helm deployment has been performed
@@ -60,19 +62,26 @@ def run_pre_deployment_setup
def run_post_deployment_setup
return if self.class.skip_post_deployment_setup
- raise(NoMethodError, 'run_post_deployment_setup not implemented')
+ raise(NoMethodError, "run_post_deployment_setup not implemented")
end
# Values hash containing the values to be passed to helm chart install
#
# @return [Hash]
def values
- raise(NoMethodError, 'values not implemented')
+ {}
+ end
+
+ # Deployed app url
+ #
+ # @return [String]
+ def gitlab_url
+ "http://gitlab.#{gitlab_domain}"
end
private
- attr_reader :namespace, :kubeclient
+ attr_reader :namespace, :kubeclient, :ci, :gitlab_domain
end
end
end
diff --git a/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/configurations/kind.rb b/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/configurations/kind.rb
index 3916892ee7b934106d658ca9cb686f40ba9e6b02..2a00e06dcf7c4a2f9efc70a94038e1180c712e42 100644
--- a/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/configurations/kind.rb
+++ b/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/configurations/kind.rb
@@ -7,41 +7,118 @@ module Configurations
# Configuration for performing deployment setup on local kind cluster
#
class Kind < Base
+ # @return [String] secret name for initial admin password
ADMIN_PASSWORD_SECRET = "gitlab-initial-root-password"
+ # @return [String] configmap name for pre-receive hook
PRE_RECEIVE_HOOK_CONFIGMAP_NAME = "pre-receive-hook"
+ # @return [String] pre-receive hook script used by e2e tests
+ PRE_RECEIVE_HOOK = <<~'SH'
+ #!/usr/bin/env bash
- skip_post_deployment_setup!
+ if [[ $GL_PROJECT_PATH =~ 'reject-prereceive' ]]; then
+ echo 'GL-HOOK-ERR: Custom error message rejecting prereceive hook for projects with GL_PROJECT_PATH matching pattern reject-prereceive'
+ exit 1
+ fi
+ SH
+ # Run pre-deployment setup
+ #
+ # @return [void]
def run_pre_deployment_setup
create_initial_root_password
create_pre_receive_hook
end
+ # Run post-deployment setup
+ #
+ # @return [void]
+ def run_post_deployment_setup
+ create_root_token
+ end
+
+ # Helm chart values specific to kind deployment
+ #
+ # @return [Hash]
+ def values
+ {
+ global: {
+ initialRootPassword: {
+ secret: ADMIN_PASSWORD_SECRET
+ },
+ gitaly: {
+ hooks: {
+ preReceive: {
+ configmap: PRE_RECEIVE_HOOK_CONFIGMAP_NAME
+ }
+ }
+ }
+ },
+ "nginx-ingress": {
+ controller: {
+ replicaCount: 1,
+ minAavailable: 1,
+ service: {
+ type: "NodePort",
+ nodePorts: {
+ "gitlab-shell": 32022,
+ http: 32080
+ }
+ }
+ }
+ }
+ }
+ end
+
+ # Gitlab url
+ #
+ # @return [String]
+ def gitlab_url
+ "http://gitlab.#{gitlab_domain}#{ci ? '' : ':32080'}"
+ end
+
private
- # Pre-receive hook script used by e2e tests to test global git hooks
+ # Gitlab initial admin password, defaults to commonly used password across development environments
#
# @return [String]
- def pre_receive_hook
- <<~SH
- #!/usr/bin/env bash
+ def admin_password
+ @admin_password ||= ENV["GITLAB_ADMIN_PASSWORD"] || "5iveL!fe"
+ end
- if [[ $GL_PROJECT_PATH =~ 'reject-prereceive' ]]; then
- echo 'GL-HOOK-ERR: Custom error message rejecting prereceive hook for projects with GL_PROJECT_PATH matching pattern reject-prereceive'
- exit 1
- fi
- SH
+ # Gitlab admin user personal access token, defaults to value used in development seed data
+ #
+ # @return [String]
+ def admin_token
+ @admin_token ||= ENV["GITLAB_ADMIN_ACCESS_TOKEN"] || "ypCa3Dzb23o5nvsixwPA"
+ end
+
+ # Token seed script for root user
+ #
+ # @return [String]
+ def admin_pat_seed
+ <<~RUBY
+ Gitlab::Seeder.quiet do
+ User.find_by(username: 'root').tap do |user|
+ params = {
+ scopes: Gitlab::Auth.all_available_scopes.map(&:to_s),
+ name: 'seeded-api-token'
+ }
+
+ user.personal_access_tokens.build(params).tap do |pat|
+ pat.expires_at = 365.days.from_now
+ pat.set_token("#{admin_token}")
+ pat.save!
+ end
+ end
+ end
+ RUBY
end
# Create initial root password
#
# @return [void]
def create_initial_root_password
- admin_password = ENV["GITLAB_ADMIN_PASSWORD"]
-
- log("Creating initial root password secret", :info)
- return log("`GITLAB_ADMIN_PASSWORD` variable is not set, skipping", :warn) unless admin_password
-
+ log("Creating admin user initial password secret", :info)
secret = Kubectl::Resources::Secret.new(ADMIN_PASSWORD_SECRET, "password", admin_password)
puts mask_secrets(kubeclient.create_resource(secret), [admin_password, Base64.encode64(admin_password)])
end
@@ -51,9 +128,20 @@ def create_initial_root_password
# @return [void]
def create_pre_receive_hook
log("Creating pre-receive hook", :info)
- configmap = Kubectl::Resources::Configmap.new(PRE_RECEIVE_HOOK_CONFIGMAP_NAME, "hook.sh", pre_receive_hook)
+ configmap = Kubectl::Resources::Configmap.new(PRE_RECEIVE_HOOK_CONFIGMAP_NAME, "hook.sh", PRE_RECEIVE_HOOK)
puts kubeclient.create_resource(configmap)
end
+
+ # Create admin user personal access token
+ #
+ # @return [void]
+ def create_root_token
+ log("Creating admin user personal access token", :info)
+ puts mask_secrets(
+ kubeclient.execute("toolbox", ["gitlab-rails", "runner", admin_pat_seed], container: "toolbox"),
+ [admin_token]
+ ).strip
+ end
end
end
end
diff --git a/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/default_values.rb b/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/default_values.rb
new file mode 100644
index 0000000000000000000000000000000000000000..508b8a5291f99ba3602a35b8dec717be6a367a4e
--- /dev/null
+++ b/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/default_values.rb
@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module Cng
+ module Deployment
+ # Helpers for common chart values
+ #
+ class DefaultValues
+ extend Helpers::CI
+
+ IMAGE_REPOSITORY = "registry.gitlab.com/gitlab-org/build/cng-mirror"
+
+ class << self
+ # Main common chart values
+ #
+ # @param [String] domain
+ # @return [Hash]
+ def common_values(domain)
+ {
+ global: {
+ hosts: {
+ domain: domain,
+ https: false
+ },
+ ingress: {
+ configureCertmanager: false,
+ tls: {
+ enabled: false
+ }
+ },
+ appConfig: {
+ applicationSettingsCacheSeconds: 0
+ }
+ },
+ gitlab: { "gitlab-exporter": { enabled: false } },
+ redis: { metrics: { enabled: false } },
+ prometheus: { install: false },
+ certmanager: { install: false },
+ "gitlab-runner": { install: false }
+ }
+ end
+
+ # Key value pairs for ci specific component version values
+ #
+ # This is defined as key value pairs to allow constructing example cli args for easier reproducability
+ #
+ # @return [Hash]
+ def component_ci_versions
+ {
+ "gitaly.image.repository" => "#{IMAGE_REPOSITORY}/gitaly",
+ "gitaly.image.tag" => gitaly_version,
+ "gitlab-shell.image.repository" => "#{IMAGE_REPOSITORY}/gitlab-shell",
+ "gitlab-shell.image.tag" => "v#{gitlab_shell_version}",
+ "migrations.image.repository" => "#{IMAGE_REPOSITORY}/gitlab-toolbox-ee",
+ "migrations.image.tag" => commit_sha,
+ "toolbox.image.repository" => "#{IMAGE_REPOSITORY}/gitlab-toolbox-ee",
+ "toolbox.image.tag" => commit_sha,
+ "sidekiq.annotations.commit" => commit_short_sha,
+ "sidekiq.image.repository" => "#{IMAGE_REPOSITORY}/gitlab-sidekiq-ee",
+ "sidekiq.image.tag" => commit_sha,
+ "webservice.annotations.commit" => commit_short_sha,
+ "webservice.image.repository" => "#{IMAGE_REPOSITORY}/gitlab-webservice-ee",
+ "webservice.image.tag" => commit_sha,
+ "webservice.workhorse.image" => "#{IMAGE_REPOSITORY}/gitlab-workhorse-ee",
+ "webservice.workhorse.tag" => commit_sha
+ }
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/installation.rb b/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/installation.rb
index 3cced0fb48d107ada9bed213c0493c80874bdb2f..bfa0d5b139e56cec4fcaf3b39ed06dd047ecbfa4 100644
--- a/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/installation.rb
+++ b/gems/gitlab-cng/lib/gitlab/cng/lib/deployment/installation.rb
@@ -1,21 +1,27 @@
# frozen_string_literal: true
+require "socket"
+require "yaml"
+require "active_support/core_ext/hash"
+
module Gitlab
module Cng
module Deployment
+ # Class handling all the pre and post deployment setup steps and gitlab helm chart installation
+ #
class Installation
include Helpers::Output
include Helpers::Shell
LICENSE_SECRET = "gitlab-license"
- def initialize(name, configuration:, namespace:, ci:, set: [])
+ def initialize(name, configuration:, namespace:, ci:, gitlab_domain: nil, set: [])
@name = name
@configuration = configuration
@namespace = namespace
@ci = ci
+ @gitlab_domain = gitlab_domain
@set = set
- @kubeclient = Kubectl::Client.new(namespace)
end
# Perform deployment with all the additional setup
@@ -24,20 +30,69 @@ def initialize(name, configuration:, namespace:, ci:, set: [])
def create
log("Creating CNG deployment '#{name}' using '#{configuration}' configuration", :info, bright: true)
run_pre_deploy_setup
+ run_deploy
+ run_post_deploy_setup
rescue Helpers::Shell::CommandFailure
exit(1)
end
private
- attr_reader :name, :configuration, :namespace, :ci, :set, :kubeclient
+ attr_reader :name, :configuration, :namespace, :ci, :set
alias_method :cli_values, :set
+ # Kubectl client instance
+ #
+ # @return [Kubectl::Client]
+ def kubeclient
+ @kubeclient ||= Kubectl::Client.new(namespace)
+ end
+
+ # Gitlab app domain
+ #
+ # @return [String]
+ def gitlab_domain
+ @gitlab_domain ||= "#{Socket.ip_address_list.detect(&:ipv4_private?).ip_address}.nip.io"
+ end
+
# Configuration class instance
#
# @return [Configuration::Base]
def config_instance
- @config_instance ||= Configurations.const_get(configuration.capitalize, false).new(namespace, kubeclient)
+ @config_instance ||= Configurations.const_get(configuration.capitalize, false).new(
+ namespace,
+ kubeclient,
+ ci,
+ gitlab_domain
+ )
+ end
+
+ # Gitlab license
+ #
+ # @return [String]
+ def license
+ @license ||= ENV["QA_EE_LICENSE"] || ENV["EE_LICENSE"]
+ end
+
+ # Helm values for license secret
+ #
+ # @return [Hash]
+ def license_values
+ return {} unless license
+
+ {
+ global: {
+ extraEnv: {
+ GITLAB_LICENSE_MODE: "test",
+ CUSTOMER_PORTAL_URL: "https://customers.staging.gitlab.com"
+ }
+ },
+ gitlab: {
+ license: {
+ secret: LICENSE_SECRET
+ }
+ }
+ }
end
# Execute pre-deployment setup
@@ -54,13 +109,34 @@ def run_pre_deploy_setup
end
end
+ # Run helm deployment
+ #
+ # @return [void]
+ def run_deploy
+ cmd = [
+ "upgrade",
+ "--install", name, "gitlab/gitlab",
+ "--namespace", namespace,
+ "--timeout", "5m",
+ "--wait"
+ ]
+ cmd.push(*DefaultValues.component_ci_versions.flat_map { |k, v| ["--set", "gitlab.#{k}=#{v}"] }) if ci
+ cmd.push(*cli_values.flat_map { |v| ["--set", v] })
+ cmd.push("--values", "-")
+ values = DefaultValues.common_values(gitlab_domain)
+ .deep_merge(license_values)
+ .deep_merge(config_instance.values)
+ .deep_stringify_keys
+
+ Helpers::Spinner.spin("running helm deployment") { puts run_helm_cmd(cmd, values.to_yaml) }
+ log("Deployment successfull and app is available via: #{config_instance.gitlab_url}", :success, bright: true)
+ end
+
# Execute post-deployment setup
#
# @return [void]
def run_post_deploy_setup
- Helpers::Spinner.spin("running post-deployment setup") do
- config_instance.run_pre_deployment_setup
- end
+ Helpers::Spinner.spin("running post-deployment setup") { config_instance.run_post_deployment_setup }
end
# Add helm chart repo
@@ -99,12 +175,10 @@ def create_namespace
#
# @return [void]
def create_license
- license = ENV["QA_EE_LICENSE"]
-
log("Creating gitlab license secret", :info)
- return log("`QA_EE_LICENSE` variable is not set, skipping", :warn) unless license
+ return log("`QA_EE_LICENSE|EE_LICENSE` variable is not set, skipping", :warn) unless license
- secret = Kubectl::Resources::Secret.new(LICENSE_SECRET, "license", ENV["QA_EE_LICENSE"])
+ secret = Kubectl::Resources::Secret.new(LICENSE_SECRET, "license", license)
puts mask_secrets(kubeclient.create_resource(secret), [license, Base64.encode64(license)])
end
@@ -112,8 +186,8 @@ def create_license
#
# @param [Array] cmd
# @return [String]
- def run_helm_cmd(cmd)
- execute_shell(["helm", *cmd])
+ def run_helm_cmd(cmd, stdin = nil)
+ execute_shell(["helm", *cmd], stdin_data: stdin)
end
end
end
diff --git a/gems/gitlab-cng/lib/gitlab/cng/lib/helpers/ci.rb b/gems/gitlab-cng/lib/gitlab/cng/lib/helpers/ci.rb
new file mode 100644
index 0000000000000000000000000000000000000000..8529682767953caf2851e69998fe6438a49c41a6
--- /dev/null
+++ b/gems/gitlab-cng/lib/gitlab/cng/lib/helpers/ci.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module Cng
+ module Helpers
+ # Helper functions for fetching CI related information
+ #
+ module CI
+ extend self
+
+ def commit_sha
+ @commit_sha ||= ENV["CI_COMMIT_SHA"] || raise("CI_COMMIT_SHA is not set")
+ end
+
+ def commit_short_sha
+ @commit_short_sha ||= ENV["CI_COMMIT_SHORT_SHA"] || raise("CI_COMMIT_SHORT_SHA is not set")
+ end
+
+ def gitaly_version
+ @gitaly_version ||= File.read(File.join(ci_project_dir, "GITALY_SERVER_VERSION")).strip
+ end
+
+ def gitlab_shell_version
+ @gitlab_shell_version ||= File.read(File.join(ci_project_dir, "GITLAB_SHELL_VERSION")).strip
+ end
+
+ def ci_project_dir
+ @ci_project_dir ||= ENV["CI_PROJECT_DIR"] || raise("CI_PROJECT_DIR is not set")
+ end
+ end
+ end
+ end
+end
diff --git a/gems/gitlab-cng/lib/gitlab/cng/lib/kind/cluster.rb b/gems/gitlab-cng/lib/gitlab/cng/lib/kind/cluster.rb
index ffc0bb4343782fc9ab1aec14be634a3dcccad46b..41bc8bb1148a21d9f83b328c45de0549065dbf78 100644
--- a/gems/gitlab-cng/lib/gitlab/cng/lib/kind/cluster.rb
+++ b/gems/gitlab-cng/lib/gitlab/cng/lib/kind/cluster.rb
@@ -21,12 +21,12 @@ def initialize(ci:, name:, docker_hostname: nil)
end
def create
- log "Creating cluster '#{name}'", :info
- return log " cluster '#{name}' already exists, skipping!" if cluster_exists?
+ log("Creating cluster '#{name}'", :info, bright: true)
+ return log(" cluster '#{name}' already exists, skipping!", :warn) if cluster_exists?
create_cluster
update_server_url
- log "Cluster '#{name}' created", :success
+ log("Cluster '#{name}' created", :success)
rescue Helpers::Shell::CommandFailure
# Exit cleanly without stacktrace if shell command fails
exit(1)
diff --git a/gems/gitlab-cng/lib/gitlab/cng/lib/kubectl/client.rb b/gems/gitlab-cng/lib/gitlab/cng/lib/kubectl/client.rb
index be812a4a6f262e290c6cb72f481fdd37c47f36eb..3a252b850e4a25217fdf33957fdd68600cbe9e22 100644
--- a/gems/gitlab-cng/lib/gitlab/cng/lib/kubectl/client.rb
+++ b/gems/gitlab-cng/lib/gitlab/cng/lib/kubectl/client.rb
@@ -8,6 +8,9 @@ module Kubectl
class Client
include Helpers::Shell
+ # Error raised by kubectl client class
+ Error = Class.new(StandardError)
+
def initialize(namespace)
@namespace = namespace
end
@@ -24,12 +27,48 @@ def create_namespace
# @param [Resources::Base] resource
# @return [String] command output
def create_resource(resource)
- execute_shell(["kubectl", "apply", "-n", namespace, "-f", "-"], stdin_data: resource.json)
+ run_in_namespace("apply", args: ["-f", "-"], stdin_data: resource.json)
+ end
+
+ # Execute command in a pod
+ #
+ # @param [String] pod full or part of pod name
+ # @param [Array] command
+ # @param [String] container
+ # @return [String]
+ def execute(pod, command, container: nil)
+ args = ["--", *command]
+ args.unshift("-c", container) if container
+
+ run_in_namespace("exec", get_pod_name(pod), args: args)
end
private
attr_reader :namespace
+
+ # Get full pod name
+ #
+ # @param [String] name
+ # @return [String]
+ def get_pod_name(name)
+ pod = run_in_namespace("get", "pods", args: ["--output", "jsonpath={.items[*].metadata.name}"])
+ .split(" ")
+ .find { |pod| pod.include?(name) }
+ raise Error, "Pod '#{name}' not found" unless pod
+
+ pod
+ end
+
+ # Run kubectl command in namespace
+ #
+ # @param [Array] *action
+ # @param [Array] args
+ # @param [String] stdin_data
+ # @return [String]
+ def run_in_namespace(*action, args:, stdin_data: nil)
+ execute_shell(["kubectl", *action, "-n", namespace, *args], stdin_data: stdin_data)
+ end
end
end
end
diff --git a/gems/gitlab-cng/spec/fixture/GITALY_SERVER_VERSION b/gems/gitlab-cng/spec/fixture/GITALY_SERVER_VERSION
new file mode 100644
index 0000000000000000000000000000000000000000..4d8daed28d96af25100dcd942ce5756c9d88f331
--- /dev/null
+++ b/gems/gitlab-cng/spec/fixture/GITALY_SERVER_VERSION
@@ -0,0 +1 @@
+7aa06a578d76bdc294ee8e9acb4f063e7d9f1d5f
diff --git a/gems/gitlab-cng/spec/fixture/GITLAB_SHELL_VERSION b/gems/gitlab-cng/spec/fixture/GITLAB_SHELL_VERSION
new file mode 100644
index 0000000000000000000000000000000000000000..aab9f5577020bce2bbdaace89dc7c1cf4f7c69a0
--- /dev/null
+++ b/gems/gitlab-cng/spec/fixture/GITLAB_SHELL_VERSION
@@ -0,0 +1 @@
+14.35.0
diff --git a/gems/gitlab-cng/spec/unit/gitlab/cng/commands/create_spec.rb b/gems/gitlab-cng/spec/unit/gitlab/cng/commands/create_spec.rb
index dc10917b986597aaea2d293541e7dd1212dac5e1..e5e6a1267907c47d94474013c05d7f9ace2c77ae 100644
--- a/gems/gitlab-cng/spec/unit/gitlab/cng/commands/create_spec.rb
+++ b/gems/gitlab-cng/spec/unit/gitlab/cng/commands/create_spec.rb
@@ -3,13 +3,14 @@
RSpec.describe Gitlab::Cng::Commands::Create do
include_context "with command testing helper"
+ let(:kind_cluster) { instance_double(Gitlab::Cng::Kind::Cluster, create: nil) }
+
+ before do
+ allow(Gitlab::Cng::Kind::Cluster).to receive(:new).and_return(kind_cluster)
+ end
+
describe "cluster command" do
let(:command_name) { "cluster" }
- let(:kind_cluster) { instance_double(Gitlab::Cng::Kind::Cluster, create: nil) }
-
- before do
- allow(Gitlab::Cng::Kind::Cluster).to receive(:new).and_return(kind_cluster)
- end
it "defines cluster command" do
expect_command_to_include_attributes(command_name, {
@@ -38,7 +39,7 @@
allow(Gitlab::Cng::Deployment::Installation).to receive(:new).and_return(deployment_install)
end
- it "defines cluster command" do
+ it "defines deployment command" do
expect_command_to_include_attributes(command_name, {
description: "Create CNG deployment from official GitLab Helm chart",
name: command_name,
@@ -47,15 +48,36 @@
end
it "invokes kind cluster creation with correct arguments" do
- invoke_command(command_name, [], { configuration: "kind", ci: true, namespace: "gitlab" })
+ invoke_command(command_name, [], {
+ configuration: "kind",
+ ci: true,
+ namespace: "gitlab",
+ gitlab_domain: "127.0.0.1.nip.io"
+ })
expect(deployment_install).to have_received(:create)
expect(Gitlab::Cng::Deployment::Installation).to have_received(:new).with(
"gitlab",
configuration: "kind",
ci: true,
- namespace: "gitlab"
+ namespace: "gitlab",
+ gitlab_domain: "127.0.0.1.nip.io"
)
end
+
+ it "invokes kind cluster creation when --with-cluster argument is passed" do
+ invoke_command(command_name, [], {
+ configuration: "kind",
+ ci: true,
+ with_cluster: true
+ })
+
+ expect(kind_cluster).to have_received(:create)
+ expect(Gitlab::Cng::Kind::Cluster).to have_received(:new).with({
+ ci: true,
+ name: "gitlab"
+ })
+ expect(deployment_install).to have_received(:create)
+ end
end
end
diff --git a/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/configurations/base_spec.rb b/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/configurations/base_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..ae0271e6d0ec2bffc5c6c283c1098abdc639acad
--- /dev/null
+++ b/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/configurations/base_spec.rb
@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+RSpec.describe Gitlab::Cng::Deployment::Configurations::Base do
+ subject(:configuration) { Class.new(described_class) }
+
+ let(:config) do
+ configuration.new("gitlab", Gitlab::Cng::Kubectl::Client.new("gitlab"), false, "domain")
+ end
+
+ it "returns empty values by default" do
+ expect(config.values).to eq({})
+ end
+
+ it "returns correct default gitlab_url" do
+ expect(config.gitlab_url).to eq("http://gitlab.domain")
+ end
+
+ it "has setup hooks enabled by default", :aggregate_failures do
+ expect { config.run_pre_deployment_setup }.to raise_error(
+ NoMethodError,
+ "run_pre_deployment_setup not implemented"
+ )
+ expect { config.run_post_deployment_setup }.to raise_error(
+ NoMethodError,
+ "run_post_deployment_setup not implemented"
+ )
+ end
+
+ context "with disabled setup hooks" do
+ subject(:configuration) do
+ Class.new(described_class) do
+ skip_pre_deployment_setup!
+ skip_post_deployment_setup!
+ end
+ end
+
+ it "does not run setup hooks" do
+ expect(config.run_pre_deployment_setup).to be_nil
+ expect(config.run_post_deployment_setup).to be_nil
+ end
+ end
+end
diff --git a/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/configurations/kind_spec.rb b/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/configurations/kind_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..d9c052488f0a9dd4d8dda80ce498947d3d8affbb
--- /dev/null
+++ b/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/configurations/kind_spec.rb
@@ -0,0 +1,102 @@
+# frozen_string_literal: true
+
+RSpec.describe Gitlab::Cng::Deployment::Configurations::Kind do
+ subject(:configuration) { described_class.new("gitlab", kubeclient, true, "127.0.0.1.nip.io") }
+
+ let(:kubeclient) { instance_double(Gitlab::Cng::Kubectl::Client, create_resource: "", execute: "") }
+
+ let(:env) do
+ {
+ "GITLAB_ADMIN_PASSWORD" => "password",
+ "GITLAB_ADMIN_ACCESS_TOKEN" => "token"
+ }
+ end
+
+ around do |example|
+ ClimateControl.modify(env) { example.run }
+ end
+
+ it "runs pre-deployment setup", :aggregate_failures do
+ expect { configuration.run_pre_deployment_setup }.to output(/Creating admin user initial password secret/).to_stdout
+
+ expect(kubeclient).to have_received(:create_resource).with(
+ Gitlab::Cng::Kubectl::Resources::Secret.new("gitlab-initial-root-password", "password", "password")
+ )
+ expect(kubeclient).to have_received(:create_resource).with(
+ Gitlab::Cng::Kubectl::Resources::Configmap.new(
+ "pre-receive-hook",
+ "hook.sh",
+ <<~SH
+ #!/usr/bin/env bash
+
+ if [[ $GL_PROJECT_PATH =~ 'reject-prereceive' ]]; then
+ echo 'GL-HOOK-ERR: Custom error message rejecting prereceive hook for projects with GL_PROJECT_PATH matching pattern reject-prereceive'
+ exit 1
+ fi
+ SH
+ ))
+ end
+
+ it "runs post-deployment setup", :aggregate_failures do
+ expect { configuration.run_post_deployment_setup }.to output(/Creating admin user personal access token/).to_stdout
+
+ expect(kubeclient).to have_received(:execute).with(
+ "toolbox",
+ [
+ "gitlab-rails",
+ "runner",
+ <<~RUBY
+ Gitlab::Seeder.quiet do
+ User.find_by(username: 'root').tap do |user|
+ params = {
+ scopes: Gitlab::Auth.all_available_scopes.map(&:to_s),
+ name: 'seeded-api-token'
+ }
+
+ user.personal_access_tokens.build(params).tap do |pat|
+ pat.expires_at = 365.days.from_now
+ pat.set_token("token")
+ pat.save!
+ end
+ end
+ end
+ RUBY
+ ],
+ container: "toolbox"
+ )
+ end
+
+ it "returns configuration specific values" do
+ expect(configuration.values).to eq({
+ global: {
+ initialRootPassword: {
+ secret: "gitlab-initial-root-password"
+ },
+ gitaly: {
+ hooks: {
+ preReceive: {
+ configmap: "pre-receive-hook"
+ }
+ }
+ }
+ },
+ "nginx-ingress": {
+ controller: {
+ replicaCount: 1,
+ minAavailable: 1,
+ service: {
+ type: "NodePort",
+ nodePorts: {
+ "gitlab-shell": 32022,
+ http: 32080
+ }
+ }
+ }
+ }
+ })
+ end
+
+ it "returns correct gitlab url" do
+ expect(configuration.gitlab_url).to eq("http://gitlab.127.0.0.1.nip.io")
+ end
+end
diff --git a/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/installation_spec.rb b/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/installation_spec.rb
index f5451d0fa48c9e47509b64a0cda35fbeb266c1ff..9974af29ae53e9f045366cedbd35ead7c021aee3 100644
--- a/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/installation_spec.rb
+++ b/gems/gitlab-cng/spec/unit/gitlab/cng/deployment/installation_spec.rb
@@ -1,58 +1,167 @@
# frozen_string_literal: true
-RSpec.describe Gitlab::Cng::Deployment::Installation do
+RSpec.describe Gitlab::Cng::Deployment::Installation, :aggregate_failures do
subject(:installation) do
described_class.new(
"gitlab",
configuration: "kind",
namespace: "gitlab",
- ci: false
+ ci: ci
)
end
- let(:command_status) { instance_double(Process::Status, success?: true) }
- let(:kubeclient) { instance_double(Gitlab::Cng::Kubectl::Client, create_namespace: "", create_resource: "") }
- let(:license_secret) { Gitlab::Cng::Kubectl::Resources::Secret.new("gitlab-license", "license", "test") }
+ let(:stdin) { StringIO.new }
+ let(:config_values) { { configuration_specific: true } }
- let(:password_secret) do
- Gitlab::Cng::Kubectl::Resources::Secret.new("gitlab-initial-root-password", "password", "test")
- end
+ let(:ip) { instance_double(Addrinfo, ipv4_private?: true, ip_address: "127.0.0.1") }
- let(:hook_configmap) do
- Gitlab::Cng::Kubectl::Resources::Configmap.new(
- "pre-receive-hook",
- "hook.sh",
- <<~SH
- #!/usr/bin/env bash
+ let(:kubeclient) do
+ instance_double(Gitlab::Cng::Kubectl::Client, create_namespace: "", create_resource: "", execute: "")
+ end
- if [[ $GL_PROJECT_PATH =~ 'reject-prereceive' ]]; then
- echo 'GL-HOOK-ERR: Custom error message rejecting prereceive hook for projects with GL_PROJECT_PATH matching pattern reject-prereceive'
- exit 1
- fi
- SH
+ let(:configuration) do
+ instance_double(
+ Gitlab::Cng::Deployment::Configurations::Kind,
+ run_pre_deployment_setup: nil,
+ run_post_deployment_setup: nil,
+ values: config_values,
+ gitlab_url: "http://gitlab.#{ip.ip_address}.nip.io"
)
end
+ let(:env) do
+ {
+ "QA_EE_LICENSE" => "license",
+ "CI_PROJECT_DIR" => File.expand_path("../../../../fixture", __dir__),
+ "CI_COMMIT_SHA" => "0acb5ee6db0860436fafc2c31a2cd87849c51aa3",
+ "CI_COMMIT_SHORT_SHA" => "0acb5ee6db08"
+ }
+ end
+
+ let(:values_yml) do
+ {
+ global: {
+ hosts: {
+ domain: "#{ip.ip_address}.nip.io",
+ https: false
+ },
+ ingress: {
+ configureCertmanager: false,
+ tls: {
+ enabled: false
+ }
+ },
+ appConfig: {
+ applicationSettingsCacheSeconds: 0
+ },
+ extraEnv: {
+ GITLAB_LICENSE_MODE: "test",
+ CUSTOMER_PORTAL_URL: "https://customers.staging.gitlab.com"
+ }
+ },
+ gitlab: {
+ "gitlab-exporter": { enabled: false },
+ license: { secret: "gitlab-license" }
+ },
+ redis: { metrics: { enabled: false } },
+ prometheus: { install: false },
+ certmanager: { install: false },
+ "gitlab-runner": { install: false },
+ **config_values
+ }.deep_stringify_keys.to_yaml
+ end
+
before do
allow(Gitlab::Cng::Helpers::Spinner).to receive(:spin).and_yield
allow(Gitlab::Cng::Kubectl::Client).to receive(:new).with("gitlab").and_return(kubeclient)
+ allow(Gitlab::Cng::Deployment::Configurations::Kind).to receive(:new).and_return(configuration)
- allow(Open3).to receive(:popen2e).and_return(["", command_status])
+ allow(installation).to receive(:execute_shell)
+ allow(Socket).to receive(:ip_address_list).and_return([ip])
end
around do |example|
- ClimateControl.modify({ "QA_EE_LICENSE" => "test", "GITLAB_ADMIN_PASSWORD" => "test" }) { example.run }
+ ClimateControl.modify(env) { example.run }
+ end
+
+ context "without ci" do
+ let(:ci) { false }
+
+ it "runs setup and helm deployment" do
+ expect { installation.create }.to output(/Creating CNG deployment 'gitlab' using 'kind' configuration/).to_stdout
+
+ expect(Gitlab::Cng::Deployment::Configurations::Kind).to have_received(:new).with(
+ "gitlab",
+ kubeclient,
+ ci,
+ "#{ip.ip_address}.nip.io"
+ )
+ expect(installation).to have_received(:execute_shell).with(
+ %w[helm repo add gitlab https://charts.gitlab.io],
+ stdin_data: nil
+ )
+ expect(installation).to have_received(:execute_shell).with(
+ %w[helm repo add gitlab https://charts.gitlab.io],
+ stdin_data: nil
+ )
+ expect(installation).to have_received(:execute_shell).with(
+ %w[helm repo update gitlab],
+ stdin_data: nil
+ )
+ expect(installation).to have_received(:execute_shell).with(
+ %w[
+ helm upgrade
+ --install gitlab gitlab/gitlab
+ --namespace gitlab
+ --timeout 5m
+ --wait
+ --values -
+ ],
+ stdin_data: values_yml
+ )
+
+ expect(kubeclient).to have_received(:create_namespace)
+ expect(kubeclient).to have_received(:create_resource).with(
+ Gitlab::Cng::Kubectl::Resources::Secret.new("gitlab-license", "license", "license")
+ )
+ expect(configuration).to have_received(:run_pre_deployment_setup)
+ expect(configuration).to have_received(:run_post_deployment_setup)
+ end
end
- it "runs setup and helm deployment", :aggregate_failures do
- expect { installation.create }.to output(/Creating CNG deployment 'gitlab' using 'kind' configuration/).to_stdout
+ context "with ci" do
+ let(:ci) { true }
- expect(Open3).to have_received(:popen2e).with({}, *%w[helm repo add gitlab https://charts.gitlab.io])
- expect(Open3).to have_received(:popen2e).with({}, *%w[helm repo update gitlab])
+ it "runs helm install with correctly merged values and component versions" do
+ expect { installation.create }.to output(/Creating CNG deployment 'gitlab' using 'kind' configuration/).to_stdout
- expect(kubeclient).to have_received(:create_namespace)
- expect(kubeclient).to have_received(:create_resource).with(license_secret)
- expect(kubeclient).to have_received(:create_resource).with(password_secret)
- expect(kubeclient).to have_received(:create_resource).with(hook_configmap)
+ expect(installation).to have_received(:execute_shell).with(
+ %W[
+ helm upgrade
+ --install gitlab gitlab/gitlab
+ --namespace gitlab
+ --timeout 5m
+ --wait
+ --set gitlab.gitaly.image.repository=registry.gitlab.com/gitlab-org/build/cng-mirror/gitaly
+ --set gitlab.gitaly.image.tag=7aa06a578d76bdc294ee8e9acb4f063e7d9f1d5f
+ --set gitlab.gitlab-shell.image.repository=registry.gitlab.com/gitlab-org/build/cng-mirror/gitlab-shell
+ --set gitlab.gitlab-shell.image.tag=v14.35.0
+ --set gitlab.migrations.image.repository=registry.gitlab.com/gitlab-org/build/cng-mirror/gitlab-toolbox-ee
+ --set gitlab.migrations.image.tag=#{env['CI_COMMIT_SHA']}
+ --set gitlab.toolbox.image.repository=registry.gitlab.com/gitlab-org/build/cng-mirror/gitlab-toolbox-ee
+ --set gitlab.toolbox.image.tag=#{env['CI_COMMIT_SHA']}
+ --set gitlab.sidekiq.annotations.commit=#{env['CI_COMMIT_SHORT_SHA']}
+ --set gitlab.sidekiq.image.repository=registry.gitlab.com/gitlab-org/build/cng-mirror/gitlab-sidekiq-ee
+ --set gitlab.sidekiq.image.tag=#{env['CI_COMMIT_SHA']}
+ --set gitlab.webservice.annotations.commit=#{env['CI_COMMIT_SHORT_SHA']}
+ --set gitlab.webservice.image.repository=registry.gitlab.com/gitlab-org/build/cng-mirror/gitlab-webservice-ee
+ --set gitlab.webservice.image.tag=#{env['CI_COMMIT_SHA']}
+ --set gitlab.webservice.workhorse.image=registry.gitlab.com/gitlab-org/build/cng-mirror/gitlab-workhorse-ee
+ --set gitlab.webservice.workhorse.tag=#{env['CI_COMMIT_SHA']}
+ --values -
+ ],
+ stdin_data: values_yml
+ )
+ end
end
end
diff --git a/gems/gitlab-cng/spec/unit/gitlab/cng/kubectl/client_spec.rb b/gems/gitlab-cng/spec/unit/gitlab/cng/kubectl/client_spec.rb
index b657e94bfe2ef653479f4985a6ea8ec9182c6afe..a3ca54b1e5a6c63dc4ff1f1b2df901a5592261cd 100644
--- a/gems/gitlab-cng/spec/unit/gitlab/cng/kubectl/client_spec.rb
+++ b/gems/gitlab-cng/spec/unit/gitlab/cng/kubectl/client_spec.rb
@@ -19,4 +19,15 @@
expect(client.create_resource(resource)).to eq("cmd-output")
expect(Open3).to have_received(:popen2e).with({}, *%w[kubectl apply -n gitlab -f -])
end
+
+ it "executes custom command in pod" do
+ allow(Open3).to receive(:popen2e).with({}, *%w[
+ kubectl get pods -n gitlab --output jsonpath={.items[*].metadata.name}
+ ]).and_return(["some-pod-123 test-pod-123", command_status])
+
+ expect(client.execute("test-pod", ["ls"], container: "toolbox")).to eq("cmd-output")
+ expect(Open3).to have_received(:popen2e).with({}, *%w[
+ kubectl exec test-pod-123 -n gitlab -c toolbox -- ls
+ ])
+ end
end
diff --git a/qa/Gemfile.lock b/qa/Gemfile.lock
index e9d72ea74b428c61d6b7f3c6f0f805ff55f73ee9..f3e3e72edad7adac3263200a772dd2f45c7dcea9 100644
--- a/qa/Gemfile.lock
+++ b/qa/Gemfile.lock
@@ -2,6 +2,7 @@ PATH
remote: ../gems/gitlab-cng
specs:
gitlab-cng (0.0.1)
+ activesupport (>= 7)
rainbow (~> 3.1)
require_all (~> 3.0)
thor (~> 1.3)
diff --git a/scripts/qa/cng_deploy/cng-kind.sh b/scripts/qa/cng_deploy/cng-kind.sh
index f1fb8af265f2f8fd9fa87a4dc0588ca0cac4db3f..9271cd13923dce5fdadf81a6bf55b0e92c1b8559 100644
--- a/scripts/qa/cng_deploy/cng-kind.sh
+++ b/scripts/qa/cng_deploy/cng-kind.sh
@@ -25,163 +25,6 @@ function log_with_header() {
log_info "$delimiter"
}
-#
-# Deploy functions
-#
-function get_redis_version() {
- # version number is fetched from constant definition in redis_version_check.rb
- local version_type=${1:-RECOMMENDED_REDIS_VERSION}
-
- awk -F "=" "/${version_type} =/ {print \$2}" $CI_PROJECT_DIR/lib/system_check/app/redis_version_check.rb | sed "s/['\" ]//g"
-}
-
-function chart_values() {
- local domain=$1
- local values_file="cng-deploy-values.yml"
-
- local gitlab_image_repository="registry.gitlab.com/gitlab-org/build/cng-mirror"
- local gitlab_toolbox_image_repository="${gitlab_image_repository}/gitlab-toolbox-ee"
- local gitlab_sidekiq_image_repository="${gitlab_image_repository}/gitlab-sidekiq-ee"
- local gitlab_webservice_image_repository="${gitlab_image_repository}/gitlab-webservice-ee"
- local gitlab_workhorse_image_repository="${gitlab_image_repository}/gitlab-workhorse-ee"
- local gitlab_shell_image_repository="${gitlab_image_repository}/gitlab-shell"
- local gitlab_shell_image_tag="$(cat $CI_PROJECT_DIR/GITLAB_SHELL_VERSION)"
- local gitlab_gitaly_image_repository="${gitlab_image_repository}/gitaly"
- local gitaly_image_tag="$(cat $CI_PROJECT_DIR/GITALY_SERVER_VERSION)"
- local redis_version="$(get_redis_version $REDIS_VERSION_TYPE)"
-
- cat > $values_file <<EOF
-global:
- hosts:
- domain: $domain
- https: false
- ingress:
- configureCertmanager: false
- tls:
- enabled: false
- extraEnv:
- GITLAB_LICENSE_MODE: test
- CUSTOMER_PORTAL_URL: https://customers.staging.gitlab.com
- initialRootPassword:
- secret: gitlab-initial-root-password
- gitlab:
- license:
- secret: gitlab-license
- gitaly:
- hooks:
- preReceive:
- configmap: pre-receive-hook
- appConfig:
- applicationSettingsCacheSeconds: 0
-
-gitlab:
- gitaly:
- image:
- repository: "${gitlab_gitaly_image_repository}"
- tag: "${gitaly_image_tag}"
- gitlab-shell:
- image:
- repository: "${gitlab_shell_image_repository}"
- tag: "v${gitlab_shell_image_tag}"
- migrations:
- image:
- repository: "${gitlab_toolbox_image_repository}"
- tag: "${CI_COMMIT_SHA}"
- sidekiq:
- annotations:
- commit: "${CI_COMMIT_SHORT_SHA}"
- image:
- repository: "${gitlab_sidekiq_image_repository}"
- tag: "${CI_COMMIT_SHA}"
- toolbox:
- image:
- repository: "${gitlab_toolbox_image_repository}"
- tag: "${CI_COMMIT_SHA}"
- webservice:
- annotations:
- commit: "${CI_COMMIT_SHORT_SHA}"
- image:
- repository: "${gitlab_webservice_image_repository}"
- tag: "${CI_COMMIT_SHA}"
- workhorse:
- image: "${gitlab_workhorse_image_repository}"
- tag: "${CI_COMMIT_SHA}"
- gitlab-exporter:
- enabled: false
-
-# Provision specific version of redis (either recommended or minimum supported)
-redis:
- metrics:
- enabled: false
- image:
- tag: "${redis_version%.*}"
-
-# Don't use certmanager, we'll self-sign or use http
-certmanager:
- install: false
-
-# Specify NodePorts for NGINX and reduce replicas to 1
-nginx-ingress:
- controller:
- replicaCount: 1
- minAavailable: 1
- service:
- type: NodePort
- nodePorts:
- # gitlab-shell port value below must match the KinD config file:
- # nodes[0].extraPortMappings[1].containerPort
- gitlab-shell: 32022
- # http port value below must match the KinD config file:
- # nodes[0].extraPortMappings[0].containerPort
- http: 32080
-
-# Each test creates it's own runner, skip preinstalling runners
-gitlab-runner:
- install: false
-
-# Disable metrics
-prometheus:
- install: false
-EOF
-
-echo $values_file
-}
-
-function add_root_token() {
- cmd=$(
- cat <<EOF
-user = User.find_by_username('root');
-abort 'Error: Could not find root user. Check that the database was properly seeded' unless user;
-token = user.personal_access_tokens.create(scopes: [:api], name: 'Token to disable sign-ups', expires_at: 30.days.from_now);
-token.set_token('${GITLAB_QA_ADMIN_ACCESS_TOKEN}');
-token.save!;
-EOF
- )
-
- log_info "Add root user PAT"
- local toolbox_pod=$(kubectl get pods --namespace ${NAMESPACE} -lapp=toolbox --no-headers -o=custom-columns=NAME:.metadata.name | tail -n 1)
- kubectl exec --namespace "${NAMESPACE}" --container toolbox "${toolbox_pod}" -- gitlab-rails runner "${cmd}"
- log "success!"
-}
-
-function deploy() {
- local domain=$1
- local values=$(chart_values $domain)
-
- log_with_header "Install GitLab"
- log_info "Using following values.yml"
- cat $values
-
- log_info "Running helm install"
- helm install gitlab gitlab/gitlab \
- --namespace "$NAMESPACE" \
- --values $values \
- --timeout 5m \
- --wait
-
- add_root_token
-}
-
function save_install_logs() {
log_with_header "Events of namespace ${NAMESPACE}"
kubectl get events --output wide --namespace ${NAMESPACE}
diff --git a/scripts/qa/cng_deploy/config/hook.sh b/scripts/qa/cng_deploy/config/hook.sh
deleted file mode 100755
index de39f247bfb261247e29169f9db873b2e7fdf322..0000000000000000000000000000000000000000
--- a/scripts/qa/cng_deploy/config/hook.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-
-if [[ $GL_PROJECT_PATH =~ 'reject-prereceive' ]]; then
- echo 'GL-HOOK-ERR: Custom error message rejecting prereceive hook for projects with GL_PROJECT_PATH matching pattern reject-prereceive'
- exit 1
-fi
diff --git a/scripts/qa/cng_deploy/config/kind-config.yml b/scripts/qa/cng_deploy/config/kind-config.yml
deleted file mode 100644
index fa568522b5359c997e17ea9a369789f7db45fa1c..0000000000000000000000000000000000000000
--- a/scripts/qa/cng_deploy/config/kind-config.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-apiVersion: kind.x-k8s.io/v1alpha4
-kind: Cluster
-networking:
- apiServerAddress: "0.0.0.0"
-nodes:
- - role: control-plane
- kubeadmConfigPatches:
- - |
- kind: InitConfiguration
- nodeRegistration:
- kubeletExtraArgs:
- node-labels: "ingress-ready=true"
- - |
- kind: ClusterConfiguration
- apiServer:
- certSANs:
- - "docker"
- extraPortMappings:
- # containerPort below must match the values file:
- # nginx-ingress.controller.service.nodePorts.http
- - containerPort: 32080
- hostPort: 80
- listenAddress: "0.0.0.0"
- # containerPort below must match the values file:
- # nginx-ingress.controller.service.nodePorts.gitlab-shell
- - containerPort: 32022
- hostPort: 22
- listenAddress: "0.0.0.0"