Skip to content

G
gitlab-ce
Commit 8baad3c7 authored by Rémy Coutable's avatar Rémy Coutable
Browse files
Options

Merge branch 'alberts-sync-review-apps-tls' into 'master' 

Sync review app TLS to namespaces

See merge request gitlab-org/gitlab!63721
parents 6e24c5d2 14c8036e
Show whitespace changes
Inline Side-by-side
Showing with 12 additions and 5 deletions
scripts/review_apps/base-config.yaml
View file @ 8baad3c7
...@@ -5,9 +5,9 @@ global: ...@@ -5,9 +5,9 @@ global:
ingress: ingress:
annotations: annotations:
external-dns.alpha.kubernetes.io/ttl: 10 external-dns.alpha.kubernetes.io/ttl: 10
cert-manager.io/cluster-issuer: review-apps-route53-dns01-wildcard-cluster-issuer
kubernetes.io/tls-acme: true
configureCertmanager: false configureCertmanager: false
tls:
secretName: review-apps-tls
initialRootPassword: initialRootPassword:
secret: shared-gitlab-initial-root-password secret: shared-gitlab-initial-root-password
certmanager: certmanager:
......
scripts/review_apps/review-apps.sh
View file @ 8baad3c7
...@@ -161,6 +161,15 @@ function ensure_namespace() { ...@@ -161,6 +161,15 @@ function ensure_namespace() {
kubectl describe namespace "${namespace}" || kubectl create namespace "${namespace}" kubectl describe namespace "${namespace}" || kubectl create namespace "${namespace}"
} }
function label_namespace() {
local namespace="${1}"
local label="${2}"
echoinfo "Labeling the ${namespace} namespace with ${label}" true
kubectl label namespace "${namespace}" "${label}"
}
function install_external_dns() { function install_external_dns() {
local namespace="${KUBE_NAMESPACE}" local namespace="${KUBE_NAMESPACE}"
local release="dns-gitlab-review-app-helm3" local release="dns-gitlab-review-app-helm3"
...@@ -302,6 +311,7 @@ function deploy() { ...@@ -302,6 +311,7 @@ function deploy() {
gitlab_workhorse_image_repository="${IMAGE_REPOSITORY}/gitlab-workhorse-ee" gitlab_workhorse_image_repository="${IMAGE_REPOSITORY}/gitlab-workhorse-ee"
ensure_namespace "${namespace}" ensure_namespace "${namespace}"
label_namespace "${namespace}" "tls=review-apps-tls" # label namespace for kubed to sync tls
create_application_secret create_application_secret
...@@ -319,9 +329,6 @@ HELM_CMD=$(cat << EOF ...@@ -319,9 +329,6 @@ HELM_CMD=$(cat << EOF
--set releaseOverride="${release}" \ --set releaseOverride="${release}" \
--set global.hosts.hostSuffix="${HOST_SUFFIX}" \ --set global.hosts.hostSuffix="${HOST_SUFFIX}" \
--set global.hosts.domain="${REVIEW_APPS_DOMAIN}" \ --set global.hosts.domain="${REVIEW_APPS_DOMAIN}" \
--set gitlab.webservice.ingress.tls.secretName="${release}-gitlab-tls" \
--set registry.ingress.tls.secretName="${release}-registry-tls" \
--set minio.ingress.tls.secretName="${release}-minio-tls" \
--set gitlab.migrations.image.repository="${gitlab_migrations_image_repository}" \ --set gitlab.migrations.image.repository="${gitlab_migrations_image_repository}" \
--set gitlab.migrations.image.tag="${CI_COMMIT_REF_SLUG}" \ --set gitlab.migrations.image.tag="${CI_COMMIT_REF_SLUG}" \
--set gitlab.gitaly.image.repository="${gitlab_gitaly_image_repository}" \ --set gitlab.gitaly.image.repository="${gitlab_gitaly_image_repository}" \
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7