diff --git a/changelogs/unreleased/658-add-gitlab-operator.yml b/changelogs/unreleased/658-add-gitlab-operator.yml new file mode 100644 index 0000000000000000000000000000000000000000..294ee7bcd948dccd18312bbba7f3e5b9d2749a84 --- /dev/null +++ b/changelogs/unreleased/658-add-gitlab-operator.yml @@ -0,0 +1,5 @@ +--- +title: Add Gitlab operator to run upgrades of Gitlab +merge_request: 435 +author: +type: added diff --git a/charts/gitlab/charts/migrations/templates/_jobspec.yaml b/charts/gitlab/charts/migrations/templates/_jobspec.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e6d1078ab8031a0c6cb2a77ff7e132fb49a2bc38 --- /dev/null +++ b/charts/gitlab/charts/migrations/templates/_jobspec.yaml @@ -0,0 +1,108 @@ +{{- if .Values.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "migrations.jobname" . }} + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} +spec: + template: + metadata: + labels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + spec: + securityContext: + runAsUser: 1000 + fsGroup: 1000 + initContainers: +{{ include "gitlab.certificates.initContainer" . | indent 8 }} + - name: configure + command: ['sh', '/config/configure'] + image: {{ .Values.init.image }}:{{ .Values.init.tag }} + volumeMounts: + - name: migrations-config + mountPath: /config + readOnly: true + - name: init-migrations-secrets + mountPath: /init-config + readOnly: true + - name: migrations-secrets + mountPath: /init-secrets + readOnly: false + resources: +{{ toYaml .Values.init.resources | indent 12 }} + restartPolicy: OnFailure +{{- include "pullsecrets" .Values.image | indent 6}} + containers: + - name: {{ .Chart.Name }} + image: "{{ coalesce .Values.image.repository (include "image.repository" .) }}:{{ coalesce .Values.image.tag (include "gitlab.versionTag" . ) }}" + args: + - /scripts/wait-for-deps + - /scripts/db-migrate + {{ template "gitlab.imagePullPolicy" . }} + env: + - name: GITLAB_SHARED_RUNNERS_REGISTRATION_TOKEN + valueFrom: + secretKeyRef: + name: {{ template "gitlab.gitlab-runner.registrationToken.secret" . }} + key: runner-registration-token + - name: CONFIG_TEMPLATE_DIRECTORY + value: '/var/opt/gitlab/templates' + - name: CONFIG_DIRECTORY + value: '/var/opt/gitlab/config/gitlab/' + - name: BYPASS_SCHEMA_VERSION + value: 'true' + volumeMounts: + - name: migrations-config + mountPath: '/var/opt/gitlab/templates' + - name: migrations-secrets + mountPath: '/etc/gitlab' + readOnly: true + - name: migrations-secrets + mountPath: /srv/gitlab/config/secrets.yml + subPath: rails-secrets/secrets.yml + - name: migrations-secrets + mountPath: /srv/gitlab/config/initial_root_password + subPath: migrations/initial_root_password +{{ include "gitlab.certificates.volumeMount" . | indent 12 }} + resources: +{{ toYaml .Values.resources | indent 12 }} + volumes: + - name: migrations-config + configMap: + name: {{ template "fullname" . }} + - name: init-migrations-secrets + projected: + defaultMode: 0400 + sources: + - secret: + name: {{ template "gitlab.rails-secrets.secret" . }} + items: + - key: secrets.yml + path: rails-secrets/secrets.yml + - secret: + name: {{ template "gitlab.redis.password.secret" . }} + items: + - key: {{ template "gitlab.redis.password.key" . }} + path: redis/password + - secret: + name: {{ template "gitlab.psql.password.secret" . }} + items: + - key: {{ template "gitlab.psql.password.key" . }} + path: postgres/psql-password + - secret: + name: {{ template "gitlab.migrations.initialRootPassword.secret" . }} + items: + - key: {{ template "gitlab.migrations.initialRootPassword.key" . }} + path: migrations/initial_root_password + - name: migrations-secrets + emptyDir: + medium: "Memory" +{{ include "gitlab.certificates.volumes" . | indent 6 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} +{{- end }} diff --git a/charts/gitlab/charts/migrations/templates/configmap.yaml b/charts/gitlab/charts/migrations/templates/configmap.yaml index b49e4f9a6ee692549c62d9356c7fc519d8053f87..352f514319a31bfd0c25fbbc80e99219d6fa5f1b 100644 --- a/charts/gitlab/charts/migrations/templates/configmap.yaml +++ b/charts/gitlab/charts/migrations/templates/configmap.yaml @@ -40,5 +40,17 @@ data: cp /init-config/postgres/psql-password /init-secrets/postgres/psql-password cp /init-config/rails-secrets/secrets.yml /init-secrets/rails-secrets/secrets.yml cp /init-config/migrations/initial_root_password /init-secrets/migrations/initial_root_password +{{- if .Values.global.operator.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-migrations-jobspec + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} +data: + template: |- +{{ include (print $.Template.BasePath "/_jobspec.yaml") . | indent 4 }} +{{- end }} # Leave this here - This line denotes end of block to the parser. {{- end }} diff --git a/charts/gitlab/charts/migrations/templates/job.yaml b/charts/gitlab/charts/migrations/templates/job.yaml index e6d1078ab8031a0c6cb2a77ff7e132fb49a2bc38..7a5d804888658daa8bda9a7ee1fbfc246414db44 100644 --- a/charts/gitlab/charts/migrations/templates/job.yaml +++ b/charts/gitlab/charts/migrations/templates/job.yaml @@ -1,108 +1,3 @@ -{{- if .Values.enabled }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ template "migrations.jobname" . }} - namespace: {{ $.Release.Namespace }} - labels: -{{ include "gitlab.standardLabels" . | indent 4 }} -spec: - template: - metadata: - labels: - app: {{ template "name" . }} - release: {{ .Release.Name }} - spec: - securityContext: - runAsUser: 1000 - fsGroup: 1000 - initContainers: -{{ include "gitlab.certificates.initContainer" . | indent 8 }} - - name: configure - command: ['sh', '/config/configure'] - image: {{ .Values.init.image }}:{{ .Values.init.tag }} - volumeMounts: - - name: migrations-config - mountPath: /config - readOnly: true - - name: init-migrations-secrets - mountPath: /init-config - readOnly: true - - name: migrations-secrets - mountPath: /init-secrets - readOnly: false - resources: -{{ toYaml .Values.init.resources | indent 12 }} - restartPolicy: OnFailure -{{- include "pullsecrets" .Values.image | indent 6}} - containers: - - name: {{ .Chart.Name }} - image: "{{ coalesce .Values.image.repository (include "image.repository" .) }}:{{ coalesce .Values.image.tag (include "gitlab.versionTag" . ) }}" - args: - - /scripts/wait-for-deps - - /scripts/db-migrate - {{ template "gitlab.imagePullPolicy" . }} - env: - - name: GITLAB_SHARED_RUNNERS_REGISTRATION_TOKEN - valueFrom: - secretKeyRef: - name: {{ template "gitlab.gitlab-runner.registrationToken.secret" . }} - key: runner-registration-token - - name: CONFIG_TEMPLATE_DIRECTORY - value: '/var/opt/gitlab/templates' - - name: CONFIG_DIRECTORY - value: '/var/opt/gitlab/config/gitlab/' - - name: BYPASS_SCHEMA_VERSION - value: 'true' - volumeMounts: - - name: migrations-config - mountPath: '/var/opt/gitlab/templates' - - name: migrations-secrets - mountPath: '/etc/gitlab' - readOnly: true - - name: migrations-secrets - mountPath: /srv/gitlab/config/secrets.yml - subPath: rails-secrets/secrets.yml - - name: migrations-secrets - mountPath: /srv/gitlab/config/initial_root_password - subPath: migrations/initial_root_password -{{ include "gitlab.certificates.volumeMount" . | indent 12 }} - resources: -{{ toYaml .Values.resources | indent 12 }} - volumes: - - name: migrations-config - configMap: - name: {{ template "fullname" . }} - - name: init-migrations-secrets - projected: - defaultMode: 0400 - sources: - - secret: - name: {{ template "gitlab.rails-secrets.secret" . }} - items: - - key: secrets.yml - path: rails-secrets/secrets.yml - - secret: - name: {{ template "gitlab.redis.password.secret" . }} - items: - - key: {{ template "gitlab.redis.password.key" . }} - path: redis/password - - secret: - name: {{ template "gitlab.psql.password.secret" . }} - items: - - key: {{ template "gitlab.psql.password.key" . }} - path: postgres/psql-password - - secret: - name: {{ template "gitlab.migrations.initialRootPassword.secret" . }} - items: - - key: {{ template "gitlab.migrations.initialRootPassword.key" . }} - path: migrations/initial_root_password - - name: migrations-secrets - emptyDir: - medium: "Memory" -{{ include "gitlab.certificates.volumes" . | indent 6 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} +{{- if and .Values.enabled (not .Values.global.operator.enabled) }} +{{ include (print $.Template.BasePath "/_jobspec.yaml") . }} {{- end }} diff --git a/charts/gitlab/charts/operator/.helmignore b/charts/gitlab/charts/operator/.helmignore new file mode 100644 index 0000000000000000000000000000000000000000..f0c13194444163d1cba5c67d9e79231a62bc8f44 --- /dev/null +++ b/charts/gitlab/charts/operator/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/gitlab/charts/operator/Chart.yaml b/charts/gitlab/charts/operator/Chart.yaml new file mode 100644 index 0000000000000000000000000000000000000000..f0163c37c7025e08df181b6a2861a1d9f18f0ed2 --- /dev/null +++ b/charts/gitlab/charts/operator/Chart.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +name: operator +version: 0.0.1 +appVersion: master +description: Gitlab operator for managing upgrades +keywords: +- gitlab +- operator +home: https://about.gitlab.com/ +icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg +sources: +- https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/operator +- https://gitlab.com/gitlab-org/distribution/gitlab-operator +maintainers: +- name: GitLab Inc. + email: support@gitlab.com diff --git a/charts/gitlab/charts/operator/templates/crd-configmap.yaml b/charts/gitlab/charts/operator/templates/crd-configmap.yaml new file mode 100644 index 0000000000000000000000000000000000000000..703d2dadc4f6ac709fc35e19ec14b94f49c7b67a --- /dev/null +++ b/charts/gitlab/charts/operator/templates/crd-configmap.yaml @@ -0,0 +1,170 @@ +{{- if and .Values.global.operator.enabled .Values.install.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "fullname" . }}-crd-installer + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-4" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +data: + crd.yaml: | + apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + controller-tools.k8s.io: "1.0" + name: gitlabs.gitlab.com + spec: + group: gitlab.com + names: + kind: GitLab + plural: gitlabs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + helmRelease: + type: string + migrationsTemplate: + type: object + properties: + configMapName: + type: string + configMapKey: + type: string + required: + - configMapName + - configMapKey + version: + type: string + required: + - version + - migrationsTemplate + - helmRelease + type: object + status: + type: object + version: v1beta1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + --- + apiVersion: v1 + kind: ServiceAccount + metadata: + name: {{ template "fullname" . }} + labels: +{{ include "gitlab.standardLabels" $ | indent 8 }} + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + creationTimestamp: null + name: {{ template "fullname" . }} + labels: +{{ include "gitlab.standardLabels" $ | indent 8 }} + rules: + - apiGroups: + - apps + resources: + - deployments + - statefulsets + - daemonsets + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - pods + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - batch + resources: + - jobs + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - gitlab.com + resources: + - gitlabs + verbs: + - "*" + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + creationTimestamp: null + name: {{ template "fullname" . }} + labels: +{{ include "gitlab.standardLabels" $ | indent 8 }} + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "fullname" . }} + subjects: + - kind: ServiceAccount + name: {{ template "fullname" . }} + namespace: {{ .Release.Namespace | quote }} + --- + apiVersion: apps/v1beta2 + kind: Deployment + metadata: + name: {{ template "fullname" . }} + labels: +{{ include "gitlab.standardLabels" . | indent 8 }} + spec: + replicas: 1 + selector: + matchLabels: + component: operator +{{ include "gitlab.standardLabels" . | indent 10 }} + template: + metadata: + labels: + component: operator +{{ include "gitlab.standardLabels" . | indent 12 }} + spec: + serviceAccountName: {{ template "fullname" . }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ coalesce .Values.image.tag (include "gitlab.versionTag" . ) }}" + {{ template "gitlab.imagePullPolicy" . }} + resources: +{{ toYaml .Values.resources | indent 16 }} +{{- end }} diff --git a/charts/gitlab/charts/operator/templates/crd-job.yaml b/charts/gitlab/charts/operator/templates/crd-job.yaml new file mode 100644 index 0000000000000000000000000000000000000000..a7f61e1cef18d415c7b13ef3fe8b1a6ebc828c09 --- /dev/null +++ b/charts/gitlab/charts/operator/templates/crd-job.yaml @@ -0,0 +1,39 @@ +{{- if and .Values.global.operator.enabled .Values.install.enabled }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "fullname" . }}-crd-installer + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-3" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ include "gitlab.standardLabels" $ | indent 8 }} + spec: + serviceAccount: {{ template "fullname" . }}-crd-installer + restartPolicy: Never +{{- include "pullsecrets" $.Values.image | indent 6}} + containers: + - name: kubectl + image: "{{ .Values.install.image.repository }}:{{ .Values.install.image.tag }}" + {{ template "gitlab.imagePullPolicy" . }} + command: + - kubectl + - apply + - -f + - /crd/crd.yaml + volumeMounts: + - name: crd + mountPath: /crd + volumes: + - name: crd + configMap: + name: {{ template "fullname" . }}-crd-installer +{{- end }} diff --git a/charts/gitlab/charts/operator/templates/crd-rbac.yaml b/charts/gitlab/charts/operator/templates/crd-rbac.yaml new file mode 100644 index 0000000000000000000000000000000000000000..3053e0393248da09afccb0271d8e11402a0e876e --- /dev/null +++ b/charts/gitlab/charts/operator/templates/crd-rbac.yaml @@ -0,0 +1,87 @@ +{{- if and .Values.global.operator.enabled .Values.install.enabled }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "fullname" . }}-crd-installer + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-4" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "fullname" . }}-crd-installer + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-4" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +rules: +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - "*" +- apiGroups: + - gitlab.com + resources: + - gitlabs + verbs: + - "*" +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - clusterrolebindings + verbs: + - "*" +- apiGroups: + - "" + resources: + - serviceaccounts + - pods + - configmaps + verbs: + - "*" +- apiGroups: + - apps + resources: + - deployments + - statefulsets + - daemonsets + verbs: + - "*" +- apiGroups: + - batch + resources: + - jobs + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "fullname" . }}-crd-installer + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-4" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "fullname" . }}-crd-installer +subjects: + - kind: ServiceAccount + name: {{ template "fullname" . }}-crd-installer + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/charts/gitlab/charts/operator/templates/gitlab-configmap.yaml b/charts/gitlab/charts/operator/templates/gitlab-configmap.yaml new file mode 100644 index 0000000000000000000000000000000000000000..8abc3fcd2aa54209af2109b401be707d90b7ab66 --- /dev/null +++ b/charts/gitlab/charts/operator/templates/gitlab-configmap.yaml @@ -0,0 +1,30 @@ +{{- if .Values.global.operator.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "fullname" . }}-set-gitlab + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-2" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +data: + gitlab.yaml: | + apiVersion: gitlab.com/v1beta1 + kind: GitLab + metadata: + labels: + controller-tools.k8s.io: "1.0" + revision: "{{ .Release.Revision }}" +{{ include "gitlab.standardLabels" $ | indent 8 }} + name: gitlab-{{ .Release.Name }} + spec: + version: {{ include "gitlab.operator.gitlabVersion" . | quote }} + helmRelease: {{ .Release.Name }} + migrationsTemplate: + configMapName: {{ .Release.Name }}-migrations-jobspec + configMapKey: template +{{- end }} diff --git a/charts/gitlab/charts/operator/templates/gitlab-job.yaml b/charts/gitlab/charts/operator/templates/gitlab-job.yaml new file mode 100644 index 0000000000000000000000000000000000000000..bc0518e528db3db53e741bebfe2618d434319c90 --- /dev/null +++ b/charts/gitlab/charts/operator/templates/gitlab-job.yaml @@ -0,0 +1,39 @@ +{{- if .Values.global.operator.enabled }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "fullname" . }}-set-gitlab + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-1" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ include "gitlab.standardLabels" $ | indent 8 }} + spec: + serviceAccount: {{ template "fullname" . }}-set-gitlab + restartPolicy: Never +{{- include "pullsecrets" $.Values.image | indent 6}} + containers: + - name: kubectl + image: "{{ .Values.install.image.repository }}:{{ .Values.install.image.tag }}" + {{ template "gitlab.imagePullPolicy" . }} + command: + - kubectl + - apply + - -f + - /gitlab/gitlab.yaml + volumeMounts: + - name: gitlab + mountPath: /gitlab + volumes: + - name: gitlab + configMap: + name: {{ template "fullname" . }}-set-gitlab +{{- end }} diff --git a/charts/gitlab/charts/operator/templates/gitlab-rbac.yaml b/charts/gitlab/charts/operator/templates/gitlab-rbac.yaml new file mode 100644 index 0000000000000000000000000000000000000000..c1d3be453f3c1a49a9fa1f49a24a8766d7b51b79 --- /dev/null +++ b/charts/gitlab/charts/operator/templates/gitlab-rbac.yaml @@ -0,0 +1,53 @@ +{{- if .Values.global.operator.enabled }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "fullname" . }}-set-gitlab + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-2" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "fullname" . }}-set-gitlab + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-2" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +rules: +- apiGroups: + - gitlab.com + resources: + - gitlabs + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "fullname" . }}-set-gitlab + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" $ | indent 4 }} + annotations: + "helm.sh/hook-weight": "-2" + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "fullname" . }}-set-gitlab +subjects: + - kind: ServiceAccount + name: {{ template "fullname" . }}-set-gitlab + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/charts/gitlab/charts/operator/values.yaml b/charts/gitlab/charts/operator/values.yaml new file mode 100644 index 0000000000000000000000000000000000000000..6672bd446ba8a47f779efb5ade5071184f073924 --- /dev/null +++ b/charts/gitlab/charts/operator/values.yaml @@ -0,0 +1,31 @@ +# Default values for the gitlab operator. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +image: + repository: registry.gitlab.com/gitlab-org/distribution/gitlab-operator + tag: latest + pullSecrets: [] + pullPolicy: Always + +init: + resources: + requests: + cpu: 50m + memory: 64M + +install: + # Install the operator as well + enabled: true + image: + repository: registry.gitlab.com/gitlab-org/build/cng/kubectl + tag: 1f8690f03f7aeef27e727396927ab3cc96ac89e7 + pullSecrets: [] + #pullPolicy: IfNotPresent + +resources: + # limits: + # cpu: 1 + # memory: 2G + requests: + cpu: 100m + memory: 64M diff --git a/charts/gitlab/charts/sidekiq/templates/deployment.yaml b/charts/gitlab/charts/sidekiq/templates/deployment.yaml index dde1a5f5822a68f4a497afea28fca2e4ff5c63d1..1a25c0fa9596294c26c2ea922ba3b3ba81e7bc16 100644 --- a/charts/gitlab/charts/sidekiq/templates/deployment.yaml +++ b/charts/gitlab/charts/sidekiq/templates/deployment.yaml @@ -116,6 +116,10 @@ spec: value: {{ default $concurrency .concurrency | quote }} - name: SIDEKIQ_TIMEOUT value: {{ default $timeout .timeout | quote }} +{{- if $.Values.global.operator.enabled }} + - name: BYPASS_SCHEMA_VERSION + value: 'true' +{{- end }} volumeMounts: - name: sidekiq-config mountPath: '/var/opt/gitlab/templates' diff --git a/charts/gitlab/charts/unicorn/templates/deployment.yaml b/charts/gitlab/charts/unicorn/templates/deployment.yaml index cc7e92766e42880221dfc5c040152f5076fa3578..ec43abd02e3c9d517785176f87763e107745674a 100644 --- a/charts/gitlab/charts/unicorn/templates/deployment.yaml +++ b/charts/gitlab/charts/unicorn/templates/deployment.yaml @@ -6,6 +6,10 @@ metadata: namespace: {{ $.Release.Namespace }} labels: {{ include "gitlab.standardLabels" . | indent 4 }} + {{- if .Values.global.operator.enabled }} + annotations: + gitlab.com/version: {{ include "gitlab.operator.gitlabVersion" . }} + {{- end }} spec: replicas: {{ .Values.replicaCount }} selector: @@ -18,6 +22,9 @@ spec: app: {{ template "name" . }} release: {{ .Release.Name }} annotations: + {{- if .Values.global.operator.enabled }} + gitlab.com/version: {{ include "gitlab.operator.gitlabVersion" . }} + {{- end }} checksum/config: {{ include (print $.Template.BasePath "/configmap.yml") . | sha256sum }} {{- if .Values.metrics.enabled }} {{ toYaml .Values.metrics.annotations | indent 8 }} @@ -85,6 +92,10 @@ spec: value: '/var/opt/gitlab/config/gitlab/' - name: WORKHORSE_ARCHIVE_CACHE_DISABLED value: "1" +{{- if .Values.global.operator.enabled }} + - name: BYPASS_SCHEMA_VERSION + value: 'true' +{{- end }} volumeMounts: - name: unicorn-config mountPath: '/var/opt/gitlab/templates' diff --git a/charts/gitlab/templates/_operator.tpl b/charts/gitlab/templates/_operator.tpl new file mode 100644 index 0000000000000000000000000000000000000000..4d14937b1458b6d68489122db2d01ab8e18062a6 --- /dev/null +++ b/charts/gitlab/templates/_operator.tpl @@ -0,0 +1,8 @@ +{{/* +Return the version used of Gitlab +Defaults to using the information from the chart appVersion field, but can be +overridden using the global.gitlabVersion field in values. +*/}} +{{- define "gitlab.operator.gitlabVersion" -}} +{{- coalesce .Values.global.gitlabVersion .Chart.AppVersion -}} +{{- end -}} diff --git a/charts/shared-secrets/templates/job.yaml b/charts/shared-secrets/templates/job.yaml index e2057d754362add5694ff9cb05605c2435579bb7..a53fe164aaa6d989b1dbc400de73324b87bec8c6 100644 --- a/charts/shared-secrets/templates/job.yaml +++ b/charts/shared-secrets/templates/job.yaml @@ -9,6 +9,9 @@ metadata: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-delete-policy": hook-succeeded spec: + {{- if .Values.global.operator.enabled }} + parallelism: 0 + {{- end }} template: metadata: labels: diff --git a/values.yaml b/values.yaml index 0cada2ac6886ca0047425bc1d16fda2eede25d39..7eda10abe6a7a001f53a432adc18e74f267ea2ce 100644 --- a/values.yaml +++ b/values.yaml @@ -3,6 +3,8 @@ global: # gitlabVersion: master + operator: + enabled: false application: create: false links: [] @@ -245,4 +247,3 @@ gitlab-runner: # enabled: false # gitlab-shell: # enabled: false -