From a822bd9b5ad962d9b12e08118752c9f62629480c Mon Sep 17 00:00:00 2001 From: Ahmad Hassan Date: Mon, 31 Dec 2018 14:43:26 +0200 Subject: [PATCH 1/6] Move gitlab_shell part of gitlab.yml to a template --- charts/gitlab/charts/sidekiq/templates/configmap.yaml | 5 +---- charts/gitlab/charts/task-runner/templates/configmap.yaml | 6 +----- charts/gitlab/charts/unicorn/templates/configmap.yml | 7 +------ charts/gitlab/templates/_gitlab-shell.tpl | 8 ++++++++ 4 files changed, 11 insertions(+), 15 deletions(-) create mode 100644 charts/gitlab/templates/_gitlab-shell.tpl diff --git a/charts/gitlab/charts/sidekiq/templates/configmap.yaml b/charts/gitlab/charts/sidekiq/templates/configmap.yaml index 59f73cedf6..3082c92a25 100644 --- a/charts/gitlab/charts/sidekiq/templates/configmap.yaml +++ b/charts/gitlab/charts/sidekiq/templates/configmap.yaml @@ -101,10 +101,7 @@ data: backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: - path: /home/git/gitlab-shell/ - hooks_path: /home/git/gitlab-shell/hooks/ - upload_pack: true - receive_pack: true +{{ include "gitlab.shellConfig" . | indent 8 }} workhorse: git: bin_path: /usr/bin/git diff --git a/charts/gitlab/charts/task-runner/templates/configmap.yaml b/charts/gitlab/charts/task-runner/templates/configmap.yaml index ace328ad2f..fa920daf16 100644 --- a/charts/gitlab/charts/task-runner/templates/configmap.yaml +++ b/charts/gitlab/charts/task-runner/templates/configmap.yaml @@ -56,11 +56,7 @@ data: backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: - path: /home/git/gitlab-shell/ - hooks_path: /home/git/gitlab-shell/hooks/ - secret_file: /etc/gitlab/shell/.gitlab_shell_secret - upload_pack: true - receive_pack: true +{{ include "gitlab.shellConfig" . | indent 8 }} workhorse: git: bin_path: /usr/bin/git diff --git a/charts/gitlab/charts/unicorn/templates/configmap.yml b/charts/gitlab/charts/unicorn/templates/configmap.yml index 72ce655824..58b25f4c64 100644 --- a/charts/gitlab/charts/unicorn/templates/configmap.yml +++ b/charts/gitlab/charts/unicorn/templates/configmap.yml @@ -123,12 +123,7 @@ data: backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: - path: /home/git/gitlab-shell/ - hooks_path: /home/git/gitlab-shell/hooks/ - secret_file: /etc/gitlab/shell/.gitlab_shell_secret - upload_pack: true - receive_pack: true - ssh_port: {{ include "gitlab.shell.port" . | int }} +{{ include "gitlab.shellConfig" . | indent 8 }} workhorse: secret_file: /etc/gitlab/gitlab-workhorse/secret git: diff --git a/charts/gitlab/templates/_gitlab-shell.tpl b/charts/gitlab/templates/_gitlab-shell.tpl new file mode 100644 index 0000000000..a09afb4f16 --- /dev/null +++ b/charts/gitlab/templates/_gitlab-shell.tpl @@ -0,0 +1,8 @@ +{{- define "gitlab.shellConfig" -}} +path: /home/git/gitlab-shell/ +hooks_path: /home/git/gitlab-shell/hooks/ +secret_file: /etc/gitlab/shell/.gitlab_shell_secret +upload_pack: true +receive_pack: true +ssh_port: {{ include "gitlab.shell.port" . | int }} +{{- end -}} -- GitLab From 1639945d13b93140bf73e6e2325d70b02df6f6c1 Mon Sep 17 00:00:00 2001 From: Ahmad Hassan Date: Mon, 31 Dec 2018 15:23:56 +0200 Subject: [PATCH 2/6] Move rackAttack to templates --- .../charts/sidekiq/templates/configmap.yaml | 7 ++----- .../charts/task-runner/templates/configmap.yaml | 7 ++----- .../charts/unicorn/templates/configmap.yml | 7 ++----- charts/gitlab/templates/_gitlab-shell.tpl | 8 -------- charts/gitlab/templates/_gitlab.yaml.tpl | 17 +++++++++++++++++ 5 files changed, 23 insertions(+), 23 deletions(-) delete mode 100644 charts/gitlab/templates/_gitlab-shell.tpl create mode 100644 charts/gitlab/templates/_gitlab.yaml.tpl diff --git a/charts/gitlab/charts/sidekiq/templates/configmap.yaml b/charts/gitlab/charts/sidekiq/templates/configmap.yaml index 3082c92a25..42de4fb717 100644 --- a/charts/gitlab/charts/sidekiq/templates/configmap.yaml +++ b/charts/gitlab/charts/sidekiq/templates/configmap.yaml @@ -101,7 +101,7 @@ data: backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: -{{ include "gitlab.shellConfig" . | indent 8 }} +{{ include "gitlab.configYaml.shell" . | indent 8 }} workhorse: git: bin_path: /usr/bin/git @@ -120,10 +120,7 @@ data: {{ toYaml .Values.extra | indent 8 }} {{- end }} rack_attack: - git_basic_auth: - {{- if .Values.rack_attack.git_basic_auth.enabled }} -{{ toYaml .Values.rack_attack.git_basic_auth | indent 10 }} - {{- end }} +{{ include "gitlab.configYaml.rackAttack" . | indent 8 }} configure: | set -e config_dir="/init-secrets" diff --git a/charts/gitlab/charts/task-runner/templates/configmap.yaml b/charts/gitlab/charts/task-runner/templates/configmap.yaml index fa920daf16..d414d823b5 100644 --- a/charts/gitlab/charts/task-runner/templates/configmap.yaml +++ b/charts/gitlab/charts/task-runner/templates/configmap.yaml @@ -56,7 +56,7 @@ data: backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: -{{ include "gitlab.shellConfig" . | indent 8 }} +{{ include "gitlab.configYaml.shell" . | indent 8 }} workhorse: git: bin_path: /usr/bin/git @@ -70,10 +70,7 @@ data: {{ toYaml .Values.extra | indent 8 }} {{- end }} rack_attack: - git_basic_auth: - {{- if .Values.rack_attack.git_basic_auth.enabled }} -{{ toYaml .Values.rack_attack.git_basic_auth | indent 10 }} - {{- end }} +{{ include "gitlab.configYaml.rackAttack" . | indent 8 }} ## Registry Integration {{- include "gitlab.appConfig.registry.configuration" $ | nindent 6 }} configure: | diff --git a/charts/gitlab/charts/unicorn/templates/configmap.yml b/charts/gitlab/charts/unicorn/templates/configmap.yml index 58b25f4c64..f437ed3068 100644 --- a/charts/gitlab/charts/unicorn/templates/configmap.yml +++ b/charts/gitlab/charts/unicorn/templates/configmap.yml @@ -123,7 +123,7 @@ data: backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: -{{ include "gitlab.shellConfig" . | indent 8 }} +{{ include "gitlab.configYaml.shell" . | indent 8 }} workhorse: secret_file: /etc/gitlab/gitlab-workhorse/secret git: @@ -138,10 +138,7 @@ data: {{ toYaml .Values.extra | indent 8 }} {{- end }} rack_attack: - git_basic_auth: - {{- if .Values.rack_attack.git_basic_auth.enabled }} -{{ toYaml .Values.rack_attack.git_basic_auth | indent 10 }} - {{- end }} +{{ include "gitlab.configYaml.rackAttack" . | indent 8 }} ## Registry Integration {{- include "gitlab.appConfig.registry.configuration" $ | nindent 6 }} configure: | diff --git a/charts/gitlab/templates/_gitlab-shell.tpl b/charts/gitlab/templates/_gitlab-shell.tpl deleted file mode 100644 index a09afb4f16..0000000000 --- a/charts/gitlab/templates/_gitlab-shell.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{- define "gitlab.shellConfig" -}} -path: /home/git/gitlab-shell/ -hooks_path: /home/git/gitlab-shell/hooks/ -secret_file: /etc/gitlab/shell/.gitlab_shell_secret -upload_pack: true -receive_pack: true -ssh_port: {{ include "gitlab.shell.port" . | int }} -{{- end -}} diff --git a/charts/gitlab/templates/_gitlab.yaml.tpl b/charts/gitlab/templates/_gitlab.yaml.tpl new file mode 100644 index 0000000000..47e6cf9594 --- /dev/null +++ b/charts/gitlab/templates/_gitlab.yaml.tpl @@ -0,0 +1,17 @@ +{{- define "gitlab.configYaml.shell" -}} +path: /home/git/gitlab-shell/ +hooks_path: /home/git/gitlab-shell/hooks/ +secret_file: /etc/gitlab/shell/.gitlab_shell_secret +upload_pack: true +receive_pack: true +ssh_port: {{ include "gitlab.shell.port" . | int }} +{{- end -}} + +{{- define "gitlab.configYaml.rackAttack" . }} +git_basic_auth: + {{- if .Values.rack_attack.git_basic_auth.enabled }} +{{ toYaml .Values.rack_attack.git_basic_auth | indent 2 }} + {{- end }} +## Registry Integration +{{- include "gitlab.appConfig.registry.configuration" $ | nindent 6 }} +{{- end -}} -- GitLab From b7941e11dff9aacbcb4835bdbe6e2164764882fa Mon Sep 17 00:00:00 2001 From: Ahmad Hassan Date: Mon, 31 Dec 2018 15:48:22 +0200 Subject: [PATCH 3/6] Move extra to templates --- .../charts/sidekiq/templates/configmap.yaml | 4 +- .../task-runner/templates/configmap.yaml | 49 +++++++++++++++---- .../charts/unicorn/templates/configmap.yml | 4 +- charts/gitlab/templates/_gitlab.yaml.tpl | 8 ++- 4 files changed, 48 insertions(+), 17 deletions(-) diff --git a/charts/gitlab/charts/sidekiq/templates/configmap.yaml b/charts/gitlab/charts/sidekiq/templates/configmap.yaml index 42de4fb717..62d90f47c7 100644 --- a/charts/gitlab/charts/sidekiq/templates/configmap.yaml +++ b/charts/gitlab/charts/sidekiq/templates/configmap.yaml @@ -66,9 +66,7 @@ data: plain_url: {{ .gravatar.plainUrl }} ssl_url: {{ .gravatar.sslUrl }} extra: - google_analytics_id: {{ .extra.googleAnalyticsId | quote }} - piwik_url: {{ .extra.piwikUrl | quote }} - piwik_site_id: {{ .extra.piwikSiteId | quote }} +{{ include "gitlab.configYaml.extra" . | indent 8 }} {{- end }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "artifacts" "config" $.Values.global.appConfig.artifacts "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "lfs" "config" $.Values.global.appConfig.lfs "context" $) | nindent 6 }} diff --git a/charts/gitlab/charts/task-runner/templates/configmap.yaml b/charts/gitlab/charts/task-runner/templates/configmap.yaml index d414d823b5..0cc43c3722 100644 --- a/charts/gitlab/charts/task-runner/templates/configmap.yaml +++ b/charts/gitlab/charts/task-runner/templates/configmap.yaml @@ -26,27 +26,55 @@ data: gitlab: host: {{ template "gitlab.gitlab.hostname" . }} https: {{ hasPrefix "https://" (include "gitlab.gitlab.url" .) }} + {{- with .Values.global.hosts.ssh }} + ssh_host: {{ . | quote }} + {{- end }} + {{- with .Values.global.appConfig }} + impersonation_enabled: {{ .enableImpersonation }} + usage_ping_enabled: {{ eq .enableUsagePing true }} + default_can_create_group: {{ eq .defaultCanCreateGroup true }} + username_changing_enabled: {{ eq .usernameChangingEnabled true }} + issue_closing_pattern: {{ .issueClosingPattern | quote }} + default_theme: {{ .defaultTheme }} + {{- include "gitlab.appConfig.defaultProjectsFeatures.configuration" $ | nindent 8 }} + webhook_timeout: {{ .webhookTimeout }} + {{- end }} trusted_proxies: {{- if .Values.trusted_proxies }} {{ toYaml .Values.trusted_proxies | indent 10 }} {{- end }} time_zone: {{ .Values.global.time_zone | quote }} - email_from: example@example.com - email_display_name: GitLab - email_reply_to: noreply@example.com - email_subject_suffix: '' - {{- include "gitlab.appConfig.defaultProjectsFeatures.configuration" $ | nindent 8 }} + email_from: {{ template "gitlab.email.from" . }} + email_display_name: {{ .Values.global.email.display_name | quote }} + email_reply_to: {{ template "gitlab.email.reply_to" . }} + email_subject_suffix: {{ .Values.global.email.subject_suffix | quote }} + {{- with .Values.global.appConfig }} + {{- if eq .incomingEmail.enabled true }} incoming_email: - enabled: false - artifacts: - enabled: true + enabled: {{ eq .incomingEmail.enabled true }} + address: {{ .incomingEmail.address | quote }} + {{- end }} + gravatar: + plain_url: {{ .gravatar.plainUrl }} + ssl_url: {{ .gravatar.sslUrl }} + extra: +{{ include "gitlab.configYaml.extra" . | indent 8 }} + {{- end }} + {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "artifacts" "config" $.Values.global.appConfig.artifacts "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "lfs" "config" $.Values.global.appConfig.lfs "context" $) | nindent 6 }} + {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "uploads" "config" $.Values.global.appConfig.uploads "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "packages" "config" $.Values.global.appConfig.packages "context" $) | nindent 6 }} - {{- include "gitlab.appConfig.pseudonymizer.configuration" $ | nindent 6 }} pages: enabled: false + mattermost: + enabled: false + gravatar: + gitlab_ci: {{- include "gitlab.appConfig.ldap.configuration" $ | nindent 6 }} {{- include "gitlab.appConfig.omniauth.configuration" $ | nindent 6 }} + kerberos: + enabled: false + shared: gitaly: client_path: /home/git/gitaly/bin token: "<%= File.read('/etc/gitlab/gitaly/gitaly_token') %>" @@ -58,12 +86,13 @@ data: gitlab_shell: {{ include "gitlab.configYaml.shell" . | indent 8 }} workhorse: + secret_file: /etc/gitlab/gitlab-workhorse/secret git: bin_path: /usr/bin/git webpack: monitoring: ip_whitelist: - - 127.0.0.0/8 + - 0.0.0.0/0 sidekiq_exporter: extra: {{- if .Values.extra }} diff --git a/charts/gitlab/charts/unicorn/templates/configmap.yml b/charts/gitlab/charts/unicorn/templates/configmap.yml index f437ed3068..b999147f46 100644 --- a/charts/gitlab/charts/unicorn/templates/configmap.yml +++ b/charts/gitlab/charts/unicorn/templates/configmap.yml @@ -95,9 +95,7 @@ data: plain_url: {{ .gravatar.plainUrl }} ssl_url: {{ .gravatar.sslUrl }} extra: - google_analytics_id: {{ .extra.googleAnalyticsId | quote }} - piwik_url: {{ .extra.piwikUrl | quote }} - piwik_site_id: {{ .extra.piwikSiteId | quote }} +{{ include "gitlab.configYaml.extra" . | indent 8 }} {{- end }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "artifacts" "config" $.Values.global.appConfig.artifacts "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "lfs" "config" $.Values.global.appConfig.lfs "context" $) | nindent 6 }} diff --git a/charts/gitlab/templates/_gitlab.yaml.tpl b/charts/gitlab/templates/_gitlab.yaml.tpl index 47e6cf9594..43f0844d2f 100644 --- a/charts/gitlab/templates/_gitlab.yaml.tpl +++ b/charts/gitlab/templates/_gitlab.yaml.tpl @@ -7,7 +7,7 @@ receive_pack: true ssh_port: {{ include "gitlab.shell.port" . | int }} {{- end -}} -{{- define "gitlab.configYaml.rackAttack" . }} +{{- define "gitlab.configYaml.rackAttack" -}} git_basic_auth: {{- if .Values.rack_attack.git_basic_auth.enabled }} {{ toYaml .Values.rack_attack.git_basic_auth | indent 2 }} @@ -15,3 +15,9 @@ git_basic_auth: ## Registry Integration {{- include "gitlab.appConfig.registry.configuration" $ | nindent 6 }} {{- end -}} + +{{- define "gitlab.configYaml.extra" -}} +google_analytics_id: {{ .extra.googleAnalyticsId | quote }} +piwik_url: {{ .extra.piwikUrl | quote }} +piwik_site_id: {{ .extra.piwikSiteId | quote }} +{{- end -}} -- GitLab From e57ff2aac389a4e44e3bfb30b337b668a4c8a7f7 Mon Sep 17 00:00:00 2001 From: Ahmad Hassan Date: Mon, 31 Dec 2018 19:28:15 +0200 Subject: [PATCH 4/6] Move gitaly and repositories to templates --- charts/gitlab/charts/sidekiq/templates/configmap.yaml | 7 +++---- .../gitlab/charts/task-runner/templates/configmap.yaml | 6 ++---- charts/gitlab/charts/unicorn/templates/configmap.yml | 6 ++---- charts/gitlab/templates/_gitlab.yaml.tpl | 10 ++++++++++ 4 files changed, 17 insertions(+), 12 deletions(-) diff --git a/charts/gitlab/charts/sidekiq/templates/configmap.yaml b/charts/gitlab/charts/sidekiq/templates/configmap.yaml index 62d90f47c7..f7d81caddb 100644 --- a/charts/gitlab/charts/sidekiq/templates/configmap.yaml +++ b/charts/gitlab/charts/sidekiq/templates/configmap.yaml @@ -91,11 +91,10 @@ data: enabled: false shared: gitaly: - client_path: /home/git/gitaly/bin - token: "<%= File.read('/etc/gitlab/gitaly/gitaly_token') %>" + gitaly: +{{ include "gitlab.configYaml.gitaly" . | indent 8 }} repositories: - storages: # You must have at least a `default` storage path. -{{ include "gitlab.gitaly.storages" . | indent 10 }} +{{ include "gitlab.configYaml.repositories" . | indent 8 }} backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: diff --git a/charts/gitlab/charts/task-runner/templates/configmap.yaml b/charts/gitlab/charts/task-runner/templates/configmap.yaml index 0cc43c3722..7318448187 100644 --- a/charts/gitlab/charts/task-runner/templates/configmap.yaml +++ b/charts/gitlab/charts/task-runner/templates/configmap.yaml @@ -76,11 +76,9 @@ data: enabled: false shared: gitaly: - client_path: /home/git/gitaly/bin - token: "<%= File.read('/etc/gitlab/gitaly/gitaly_token') %>" +{{ include "gitlab.configYaml.gitaly" . | indent 8 }} repositories: - storages: # You must have at least a `default` storage path. -{{ include "gitlab.gitaly.storages" . | indent 10 }} +{{ include "gitlab.configYaml.repositories" . | indent 8 }} backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: diff --git a/charts/gitlab/charts/unicorn/templates/configmap.yml b/charts/gitlab/charts/unicorn/templates/configmap.yml index b999147f46..8641d7b901 100644 --- a/charts/gitlab/charts/unicorn/templates/configmap.yml +++ b/charts/gitlab/charts/unicorn/templates/configmap.yml @@ -113,11 +113,9 @@ data: enabled: false shared: gitaly: - client_path: /home/git/gitaly/bin - token: "<%= File.read('/etc/gitlab/gitaly/gitaly_token') %>" +{{ include "gitlab.configYaml.gitaly" . | indent 8 }} repositories: - storages: # You must have at least a `default` storage path. -{{ include "gitlab.gitaly.storages" . | indent 10 }} +{{ include "gitlab.configYaml.repositories" . | indent 8 }} backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) gitlab_shell: diff --git a/charts/gitlab/templates/_gitlab.yaml.tpl b/charts/gitlab/templates/_gitlab.yaml.tpl index 43f0844d2f..88a9b83cc5 100644 --- a/charts/gitlab/templates/_gitlab.yaml.tpl +++ b/charts/gitlab/templates/_gitlab.yaml.tpl @@ -21,3 +21,13 @@ google_analytics_id: {{ .extra.googleAnalyticsId | quote }} piwik_url: {{ .extra.piwikUrl | quote }} piwik_site_id: {{ .extra.piwikSiteId | quote }} {{- end -}} + +{{- define "gitlab.configYaml.gitaly" -}} +client_path: /home/git/gitaly/bin +token: "<%= File.read('/etc/gitlab/gitaly/gitaly_token') %>" +{{- end -}} + +{{- define "gitlab.configYaml.repositories" -}} + storages: # You must have at least a `default` storage path. +{{ include "gitlab.gitaly.storages" . | indent 2 }} +{{- end -}} -- GitLab From 3eb1241b65ea0a0d193e03354799f84094b9d8e8 Mon Sep 17 00:00:00 2001 From: Ahmad Hassan Date: Wed, 2 Jan 2019 12:07:48 +0200 Subject: [PATCH 5/6] Move incoming_email to templates --- .../charts/sidekiq/templates/configmap.yaml | 18 ++----- .../task-runner/templates/configmap.yaml | 19 +++----- .../charts/unicorn/templates/configmap.yml | 19 +++----- charts/gitlab/templates/_gitlab.yaml.tpl | 47 +++++++++++-------- 4 files changed, 45 insertions(+), 58 deletions(-) diff --git a/charts/gitlab/charts/sidekiq/templates/configmap.yaml b/charts/gitlab/charts/sidekiq/templates/configmap.yaml index f7d81caddb..c34968fc15 100644 --- a/charts/gitlab/charts/sidekiq/templates/configmap.yaml +++ b/charts/gitlab/charts/sidekiq/templates/configmap.yaml @@ -58,15 +58,12 @@ data: email_subject_suffix: {{ .Values.global.email.subject_suffix | quote }} {{- with .Values.global.appConfig }} {{- if eq .incomingEmail.enabled true }} - incoming_email: - enabled: {{ eq .incomingEmail.enabled true }} - address: {{ .incomingEmail.address | quote }} +{{ include "gitlab.configYaml.incoming_email" . | indent 6 }} {{- end }} gravatar: plain_url: {{ .gravatar.plainUrl }} ssl_url: {{ .gravatar.sslUrl }} - extra: -{{ include "gitlab.configYaml.extra" . | indent 8 }} +{{ include "gitlab.configYaml.extra" . | indent 6 }} {{- end }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "artifacts" "config" $.Values.global.appConfig.artifacts "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "lfs" "config" $.Values.global.appConfig.lfs "context" $) | nindent 6 }} @@ -90,15 +87,11 @@ data: kerberos: enabled: false shared: - gitaly: - gitaly: -{{ include "gitlab.configYaml.gitaly" . | indent 8 }} - repositories: -{{ include "gitlab.configYaml.repositories" . | indent 8 }} +{{ include "gitlab.configYaml.gitaly" . | indent 6 }} +{{ include "gitlab.configYaml.repositories" . | indent 6 }} backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) - gitlab_shell: -{{ include "gitlab.configYaml.shell" . | indent 8 }} +{{ include "gitlab.configYaml.shell" . | indent 6 }} workhorse: git: bin_path: /usr/bin/git @@ -116,7 +109,6 @@ data: {{- if .Values.extra }} {{ toYaml .Values.extra | indent 8 }} {{- end }} - rack_attack: {{ include "gitlab.configYaml.rackAttack" . | indent 8 }} configure: | set -e diff --git a/charts/gitlab/charts/task-runner/templates/configmap.yaml b/charts/gitlab/charts/task-runner/templates/configmap.yaml index 7318448187..4164ffaed9 100644 --- a/charts/gitlab/charts/task-runner/templates/configmap.yaml +++ b/charts/gitlab/charts/task-runner/templates/configmap.yaml @@ -50,15 +50,12 @@ data: email_subject_suffix: {{ .Values.global.email.subject_suffix | quote }} {{- with .Values.global.appConfig }} {{- if eq .incomingEmail.enabled true }} - incoming_email: - enabled: {{ eq .incomingEmail.enabled true }} - address: {{ .incomingEmail.address | quote }} +{{ include "gitlab.configYaml.incoming_email" . | indent 6 }} {{- end }} gravatar: plain_url: {{ .gravatar.plainUrl }} ssl_url: {{ .gravatar.sslUrl }} - extra: -{{ include "gitlab.configYaml.extra" . | indent 8 }} +{{ include "gitlab.configYaml.extra" . | indent 6 }} {{- end }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "artifacts" "config" $.Values.global.appConfig.artifacts "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "lfs" "config" $.Values.global.appConfig.lfs "context" $) | nindent 6 }} @@ -75,14 +72,11 @@ data: kerberos: enabled: false shared: - gitaly: -{{ include "gitlab.configYaml.gitaly" . | indent 8 }} - repositories: -{{ include "gitlab.configYaml.repositories" . | indent 8 }} +{{ include "gitlab.configYaml.gitaly" . | indent 6 }} +{{ include "gitlab.configYaml.repositories" . | indent 6 }} backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) - gitlab_shell: -{{ include "gitlab.configYaml.shell" . | indent 8 }} +{{ include "gitlab.configYaml.shell" . | indent 6 }} workhorse: secret_file: /etc/gitlab/gitlab-workhorse/secret git: @@ -96,8 +90,7 @@ data: {{- if .Values.extra }} {{ toYaml .Values.extra | indent 8 }} {{- end }} - rack_attack: -{{ include "gitlab.configYaml.rackAttack" . | indent 8 }} +{{ include "gitlab.configYaml.rackAttack" . | indent 6 }} ## Registry Integration {{- include "gitlab.appConfig.registry.configuration" $ | nindent 6 }} configure: | diff --git a/charts/gitlab/charts/unicorn/templates/configmap.yml b/charts/gitlab/charts/unicorn/templates/configmap.yml index 8641d7b901..03b370f7a3 100644 --- a/charts/gitlab/charts/unicorn/templates/configmap.yml +++ b/charts/gitlab/charts/unicorn/templates/configmap.yml @@ -87,15 +87,12 @@ data: email_subject_suffix: {{ .Values.global.email.subject_suffix | quote }} {{- with .Values.global.appConfig }} {{- if eq .incomingEmail.enabled true }} - incoming_email: - enabled: {{ eq .incomingEmail.enabled true }} - address: {{ .incomingEmail.address | quote }} +{{ include "gitlab.configYaml.incoming_email" . | indent 6 }} {{- end }} gravatar: plain_url: {{ .gravatar.plainUrl }} ssl_url: {{ .gravatar.sslUrl }} - extra: -{{ include "gitlab.configYaml.extra" . | indent 8 }} +{{ include "gitlab.configYaml.extra" . | indent 6 }} {{- end }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "artifacts" "config" $.Values.global.appConfig.artifacts "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "lfs" "config" $.Values.global.appConfig.lfs "context" $) | nindent 6 }} @@ -112,14 +109,11 @@ data: kerberos: enabled: false shared: - gitaly: -{{ include "gitlab.configYaml.gitaly" . | indent 8 }} - repositories: -{{ include "gitlab.configYaml.repositories" . | indent 8 }} +{{ include "gitlab.configYaml.gitaly" . | indent 6 }} +{{ include "gitlab.configYaml.repositories" . | indent 6 }} backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) - gitlab_shell: -{{ include "gitlab.configYaml.shell" . | indent 8 }} +{{ include "gitlab.configYaml.shell" . | indent 6 }} workhorse: secret_file: /etc/gitlab/gitlab-workhorse/secret git: @@ -133,8 +127,7 @@ data: {{- if .Values.extra }} {{ toYaml .Values.extra | indent 8 }} {{- end }} - rack_attack: -{{ include "gitlab.configYaml.rackAttack" . | indent 8 }} +{{ include "gitlab.configYaml.rackAttack" . | indent 6 }} ## Registry Integration {{- include "gitlab.appConfig.registry.configuration" $ | nindent 6 }} configure: | diff --git a/charts/gitlab/templates/_gitlab.yaml.tpl b/charts/gitlab/templates/_gitlab.yaml.tpl index 88a9b83cc5..22f38c8f14 100644 --- a/charts/gitlab/templates/_gitlab.yaml.tpl +++ b/charts/gitlab/templates/_gitlab.yaml.tpl @@ -1,33 +1,42 @@ {{- define "gitlab.configYaml.shell" -}} -path: /home/git/gitlab-shell/ -hooks_path: /home/git/gitlab-shell/hooks/ -secret_file: /etc/gitlab/shell/.gitlab_shell_secret -upload_pack: true -receive_pack: true -ssh_port: {{ include "gitlab.shell.port" . | int }} +gitlab_shell: + path: /home/git/gitlab-shell/ + hooks_path: /home/git/gitlab-shell/hooks/ + secret_file: /etc/gitlab/shell/.gitlab_shell_secret + upload_pack: true + receive_pack: true + ssh_port: {{ include "gitlab.shell.port" . | int }} {{- end -}} {{- define "gitlab.configYaml.rackAttack" -}} -git_basic_auth: - {{- if .Values.rack_attack.git_basic_auth.enabled }} -{{ toYaml .Values.rack_attack.git_basic_auth | indent 2 }} - {{- end }} -## Registry Integration -{{- include "gitlab.appConfig.registry.configuration" $ | nindent 6 }} +rack_attack: + git_basic_auth: + {{- if .Values.rack_attack.git_basic_auth.enabled }} + {{ toYaml .Values.rack_attack.git_basic_auth | indent 2 }} + {{- end }} {{- end -}} {{- define "gitlab.configYaml.extra" -}} -google_analytics_id: {{ .extra.googleAnalyticsId | quote }} -piwik_url: {{ .extra.piwikUrl | quote }} -piwik_site_id: {{ .extra.piwikSiteId | quote }} +extra: + google_analytics_id: {{ .extra.googleAnalyticsId | quote }} + piwik_url: {{ .extra.piwikUrl | quote }} + piwik_site_id: {{ .extra.piwikSiteId | quote }} {{- end -}} {{- define "gitlab.configYaml.gitaly" -}} -client_path: /home/git/gitaly/bin -token: "<%= File.read('/etc/gitlab/gitaly/gitaly_token') %>" +gitaly: + client_path: /home/git/gitaly/bin + token: "<%= File.read('/etc/gitlab/gitaly/gitaly_token') %>" {{- end -}} {{- define "gitlab.configYaml.repositories" -}} - storages: # You must have at least a `default` storage path. -{{ include "gitlab.gitaly.storages" . | indent 2 }} +repositories: + storages: # You must have at least a `default` storage path. + {{ include "gitlab.gitaly.storages" . | indent 2 }} +{{- end -}} + +{{- define "gitlab.configYaml.incoming_email" -}} +incoming_email: + enabled: {{ eq .incomingEmail.enabled true }} + address: {{ .incomingEmail.address | quote }} {{- end -}} -- GitLab From 83a07da19620a3f7680078d7fc378d906aa1ee50 Mon Sep 17 00:00:00 2001 From: Ahmad Hassan Date: Wed, 2 Jan 2019 14:31:00 +0200 Subject: [PATCH 6/6] Fix indentation bug --- .../charts/sidekiq/templates/configmap.yaml | 2 +- .../task-runner/templates/configmap.yaml | 37 ++++--------------- .../charts/unicorn/templates/configmap.yml | 2 + charts/gitlab/templates/_gitlab.yaml.tpl | 12 ++++-- 4 files changed, 19 insertions(+), 34 deletions(-) diff --git a/charts/gitlab/charts/sidekiq/templates/configmap.yaml b/charts/gitlab/charts/sidekiq/templates/configmap.yaml index c34968fc15..6d37d1400e 100644 --- a/charts/gitlab/charts/sidekiq/templates/configmap.yaml +++ b/charts/gitlab/charts/sidekiq/templates/configmap.yaml @@ -109,7 +109,7 @@ data: {{- if .Values.extra }} {{ toYaml .Values.extra | indent 8 }} {{- end }} -{{ include "gitlab.configYaml.rackAttack" . | indent 8 }} +{{ include "gitlab.configYaml.rackAttack" . | indent 6 }} configure: | set -e config_dir="/init-secrets" diff --git a/charts/gitlab/charts/task-runner/templates/configmap.yaml b/charts/gitlab/charts/task-runner/templates/configmap.yaml index 4164ffaed9..9d1825f058 100644 --- a/charts/gitlab/charts/task-runner/templates/configmap.yaml +++ b/charts/gitlab/charts/task-runner/templates/configmap.yaml @@ -26,19 +26,6 @@ data: gitlab: host: {{ template "gitlab.gitlab.hostname" . }} https: {{ hasPrefix "https://" (include "gitlab.gitlab.url" .) }} - {{- with .Values.global.hosts.ssh }} - ssh_host: {{ . | quote }} - {{- end }} - {{- with .Values.global.appConfig }} - impersonation_enabled: {{ .enableImpersonation }} - usage_ping_enabled: {{ eq .enableUsagePing true }} - default_can_create_group: {{ eq .defaultCanCreateGroup true }} - username_changing_enabled: {{ eq .usernameChangingEnabled true }} - issue_closing_pattern: {{ .issueClosingPattern | quote }} - default_theme: {{ .defaultTheme }} - {{- include "gitlab.appConfig.defaultProjectsFeatures.configuration" $ | nindent 8 }} - webhook_timeout: {{ .webhookTimeout }} - {{- end }} trusted_proxies: {{- if .Values.trusted_proxies }} {{ toYaml .Values.trusted_proxies | indent 10 }} @@ -48,43 +35,33 @@ data: email_display_name: {{ .Values.global.email.display_name | quote }} email_reply_to: {{ template "gitlab.email.reply_to" . }} email_subject_suffix: {{ .Values.global.email.subject_suffix | quote }} - {{- with .Values.global.appConfig }} - {{- if eq .incomingEmail.enabled true }} -{{ include "gitlab.configYaml.incoming_email" . | indent 6 }} - {{- end }} - gravatar: - plain_url: {{ .gravatar.plainUrl }} - ssl_url: {{ .gravatar.sslUrl }} + incoming_email: + enabled: false + {{- with .Values.global.appConfig }} {{ include "gitlab.configYaml.extra" . | indent 6 }} - {{- end }} + {{- end }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "artifacts" "config" $.Values.global.appConfig.artifacts "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "lfs" "config" $.Values.global.appConfig.lfs "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "uploads" "config" $.Values.global.appConfig.uploads "context" $) | nindent 6 }} {{- include "gitlab.appConfig.objectStorage.configuration" (dict "name" "packages" "config" $.Values.global.appConfig.packages "context" $) | nindent 6 }} + {{- include "gitlab.appConfig.pseudonymizer.configuration" $ | nindent 6 }} pages: enabled: false - mattermost: - enabled: false - gravatar: - gitlab_ci: {{- include "gitlab.appConfig.ldap.configuration" $ | nindent 6 }} {{- include "gitlab.appConfig.omniauth.configuration" $ | nindent 6 }} - kerberos: - enabled: false - shared: {{ include "gitlab.configYaml.gitaly" . | indent 6 }} {{ include "gitlab.configYaml.repositories" . | indent 6 }} backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) {{ include "gitlab.configYaml.shell" . | indent 6 }} +{{ include "gitlab.configYaml.shell.secret_file" . | indent 8 }} workhorse: - secret_file: /etc/gitlab/gitlab-workhorse/secret git: bin_path: /usr/bin/git webpack: monitoring: ip_whitelist: - - 0.0.0.0/0 + - 127.0.0.0/8 sidekiq_exporter: extra: {{- if .Values.extra }} diff --git a/charts/gitlab/charts/unicorn/templates/configmap.yml b/charts/gitlab/charts/unicorn/templates/configmap.yml index 03b370f7a3..17d76dd54f 100644 --- a/charts/gitlab/charts/unicorn/templates/configmap.yml +++ b/charts/gitlab/charts/unicorn/templates/configmap.yml @@ -114,6 +114,8 @@ data: backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) {{ include "gitlab.configYaml.shell" . | indent 6 }} +{{ include "gitlab.configYaml.shell.ssh_port" . | indent 8 }} +{{ include "gitlab.configYaml.shell.secret_file" . | indent 8 }} workhorse: secret_file: /etc/gitlab/gitlab-workhorse/secret git: diff --git a/charts/gitlab/templates/_gitlab.yaml.tpl b/charts/gitlab/templates/_gitlab.yaml.tpl index 22f38c8f14..6e0182678d 100644 --- a/charts/gitlab/templates/_gitlab.yaml.tpl +++ b/charts/gitlab/templates/_gitlab.yaml.tpl @@ -2,10 +2,16 @@ gitlab_shell: path: /home/git/gitlab-shell/ hooks_path: /home/git/gitlab-shell/hooks/ - secret_file: /etc/gitlab/shell/.gitlab_shell_secret upload_pack: true receive_pack: true - ssh_port: {{ include "gitlab.shell.port" . | int }} +{{- end -}} + +{{- define "gitlab.configYaml.shell.ssh_port" -}} +ssh_port: {{ include "gitlab.shell.port" . | int }} +{{- end -}} + +{{- define "gitlab.configYaml.shell.secret_file" -}} +secret_file: /etc/gitlab/shell/.gitlab_shell_secret {{- end -}} {{- define "gitlab.configYaml.rackAttack" -}} @@ -32,7 +38,7 @@ gitaly: {{- define "gitlab.configYaml.repositories" -}} repositories: storages: # You must have at least a `default` storage path. - {{ include "gitlab.gitaly.storages" . | indent 2 }} +{{ include "gitlab.gitaly.storages" . | indent 4 }} {{- end -}} {{- define "gitlab.configYaml.incoming_email" -}} -- GitLab