From f083171087e9907ec29886a1f86f35dbbd4a3202 Mon Sep 17 00:00:00 2001 From: Craig Miskell Date: Tue, 13 Apr 2021 16:43:39 +1200 Subject: [PATCH 1/2] Adds support for configuring External Pipeline Validation Depends on https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59101 for these configuration items to have any useful effect --- .../charts/sidekiq/templates/configmap.yaml | 1 + .../charts/webservice/templates/configmap.yml | 1 + .../templates/_pipelineValidationService.tpl | 18 ++++++++++++++ doc/charts/globals.md | 24 +++++++++++++++++++ values.yaml | 5 ++++ 5 files changed, 49 insertions(+) create mode 100644 charts/gitlab/templates/_pipelineValidationService.tpl diff --git a/charts/gitlab/charts/sidekiq/templates/configmap.yaml b/charts/gitlab/charts/sidekiq/templates/configmap.yaml index d018c43852..6147a57ad8 100644 --- a/charts/gitlab/charts/sidekiq/templates/configmap.yaml +++ b/charts/gitlab/charts/sidekiq/templates/configmap.yaml @@ -123,6 +123,7 @@ data: {{- end }} sidekiq: log_format: {{ .Values.logging.format }} + {{- include "gitlab.appConfig.pipelineValidationService.configuration" . | nindent 6 }} configure: | {{- include "gitlab.scripts.configure.secrets" (dict "required" "gitaly registry rails-secrets") | nindent 4 -}} {{- include "gitlab.psql.ssl.initScript" . | nindent 4 }} diff --git a/charts/gitlab/charts/webservice/templates/configmap.yml b/charts/gitlab/charts/webservice/templates/configmap.yml index a000ab55f9..75c5ecf0dd 100644 --- a/charts/gitlab/charts/webservice/templates/configmap.yml +++ b/charts/gitlab/charts/webservice/templates/configmap.yml @@ -139,6 +139,7 @@ data: ## Registry Integration {{- include "gitlab.appConfig.registry.configuration" $ | nindent 6 }} {{- include "gitlab.appConfig.smartcard.configuration" $ | nindent 6 }} + {{- include "gitlab.appConfig.pipelineValidationService.configuration" . | nindent 6 }} configure: | {{- include "gitlab.scripts.configure.secrets" (dict) | nindent 4 -}} {{- include "gitlab.psql.ssl.initScript" . | nindent 4 }} diff --git a/charts/gitlab/templates/_pipelineValidationService.tpl b/charts/gitlab/templates/_pipelineValidationService.tpl new file mode 100644 index 0000000000..b2a3a22686 --- /dev/null +++ b/charts/gitlab/templates/_pipelineValidationService.tpl @@ -0,0 +1,18 @@ +{{/* +Generates Pipeline Validation Service (PVS) configuration. + +Usage: +{{ include "gitlab.appConfig.pipelineValidationService.configuration" . }} +*/}} +{{- define "gitlab.appConfig.pipelineValidationService.configuration" -}} +pipeline_validation_service: + {{- if .Values.global.appConfig.pipelineValidationService.url }} + url: {{ $.Values.global.appConfig.pipelineValidationService.url }} + {{- end }} + {{- if .Values.global.appConfig.pipelineValidationService.token }} + token: {{ $.Values.global.appConfig.pipelineValidationService.token }} + {{- end }} + {{- if .Values.global.appConfig.pipelineValidationService.timeout }} + timeout: {{ $.Values.global.appConfig.pipelineValidationService.timeout }} + {{- end }} +{{- end -}}{{/* "gitlab.appConfig.pipelineValidationService.configuration" */}} diff --git a/doc/charts/globals.md b/doc/charts/globals.md index 73c040abd6..c909c1717b 100644 --- a/doc/charts/globals.md +++ b/doc/charts/globals.md @@ -824,6 +824,10 @@ global: enabled: false CASecret: clientCertificateRequiredHost: + pipelineValidationService: + url: + token: + timeout: ``` ### General application settings @@ -1444,6 +1448,26 @@ global: | `sanExtensions` | Boolean | `false` | Enable the use of SAN extensions to match users with certificates. | | `requiredForGitAccess` | Boolean | `false` | Require browser session with smartcard sign-in for Git access. | +### Pipeline Validation Service settings + +These settings relate to the [External Pipeline Validation service](https://docs.gitlab.com/ee/administration/external_pipeline_validation.html) + +```yaml +global: + appConfig: + pipelineValidationService: + token: + url: + token: + timeout: +``` + +| Name | Type | Default | Description | +| :---------| :-----: | :------ | :----------------------------------------------- | +| `url` | String | | The URL to query for permission/validation to start new pipelines | +| `token` | String | | An optional token to pass as a header, to the validation service URL | +| `timeout` | Integer | | How long (in seconds) to wait for a response from the service. GitLab itself defaults to 5 seconds | + ## Configure Rails settings A large portion of the GitLab suite is based upon Rails. As such, many containers within this project operate with this stack. These settings apply to all of those containers, and provide an easy access method to setting them globally versus individually. diff --git a/values.yaml b/values.yaml index 1458957952..b77a48dd01 100644 --- a/values.yaml +++ b/values.yaml @@ -417,6 +417,11 @@ global: sanExtensions: false requiredForGitAccess: false + pipelineValidationService: {} + # url: + # token: + # timeout: + # Config that only applies to the defaults on initial install initialDefaults: {} # signupEnabled: -- GitLab From b2551ef8f76b9886bea97395bf82db624ffeabb9 Mon Sep 17 00:00:00 2001 From: Craig Miskell Date: Tue, 13 Apr 2021 17:16:40 +1200 Subject: [PATCH 2/2] Fix docs spacing --- doc/charts/globals.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/charts/globals.md b/doc/charts/globals.md index c909c1717b..2eac53bea3 100644 --- a/doc/charts/globals.md +++ b/doc/charts/globals.md @@ -1466,7 +1466,7 @@ global: | :---------| :-----: | :------ | :----------------------------------------------- | | `url` | String | | The URL to query for permission/validation to start new pipelines | | `token` | String | | An optional token to pass as a header, to the validation service URL | -| `timeout` | Integer | | How long (in seconds) to wait for a response from the service. GitLab itself defaults to 5 seconds | +| `timeout` | Integer | | How long (in seconds) to wait for a response from the service. GitLab itself defaults to 5 seconds | ## Configure Rails settings -- GitLab