From 3981312ae65e314c88b38e128b0b5268cbda0126 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Cunha?= Date: Mon, 11 Apr 2022 15:39:27 -0300 Subject: [PATCH] Enable KAS by default - sets global.kas.enabled to true - updates docs - fix specs for kas --- charts/gitlab/charts/kas/values.yaml | 2 +- doc/charts/gitlab/kas/index.md | 14 ++++++-------- scripts/ci/autodevops.sh | 11 +---------- spec/configuration/certificates_spec.rb | 1 + spec/configuration/kas_spec.rb | 11 ++++++----- spec/fixtures/local-image-config.yaml | 5 +++++ values.yaml | 2 +- 7 files changed, 21 insertions(+), 25 deletions(-) diff --git a/charts/gitlab/charts/kas/values.yaml b/charts/gitlab/charts/kas/values.yaml index fc3fc32d45..7de8237c7d 100644 --- a/charts/gitlab/charts/kas/values.yaml +++ b/charts/gitlab/charts/kas/values.yaml @@ -6,7 +6,7 @@ annotations: {} global: ingress: {} kas: - enabled: false + enabled: true redis: # host: '0.0.0.0' password: {} diff --git a/doc/charts/gitlab/kas/index.md b/doc/charts/gitlab/kas/index.md index 5f1c20f742..ed6bb3ca3f 100644 --- a/doc/charts/gitlab/kas/index.md +++ b/doc/charts/gitlab/kas/index.md @@ -26,15 +26,15 @@ The route to access the service depends on your [Ingress configuration](#specify For more information, see the [GitLab agent for Kubernetes architecture](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/architecture.md). -## Enable the agent server +## Disable the agent server -The GitLab agent server (`kas`) is disabled by default. -To enable it on your GitLab instance, set the Helm property `global.kas.enabled` to `true`. +The GitLab agent server (`kas`) is enabled by default. +To disable it on your GitLab instance, set the Helm property `global.kas.enabled` to `false`. For example: ```shell -helm upgrade --install kas --set global.kas.enabled=true +helm upgrade --install kas --set global.kas.enabled=false ``` ### Specify an Ingress @@ -113,16 +113,14 @@ To install the chart: 1. Create your own Kubernetes cluster. 1. Check out the merge request's working branch. -1. Install (or upgrade) GitLab with `kas` enabled from your local chart branch, - using `--set global.kas.enabled=true`, for example: +1. Install (or upgrade) GitLab with `kas` enabled by default from your local chart branch: ```shell helm upgrade --force --install gitlab . \ --timeout 600s \ --set global.hosts.domain=your.domain.com \ --set global.hosts.externalIP=XYZ.XYZ.XYZ.XYZ \ - --set certmanager-issuer.email=your@email.com \ - --set global.kas.enabled=true + --set certmanager-issuer.email=your@email.com ``` 1. Use the GDK to run the process to configure and use the diff --git a/scripts/ci/autodevops.sh b/scripts/ci/autodevops.sh index 4f22c9567e..c7b2580fbd 100644 --- a/scripts/ci/autodevops.sh +++ b/scripts/ci/autodevops.sh @@ -43,12 +43,6 @@ function previousDeployFailed() { } function deploy() { - # Enable / disable KAS based on environment - local enable_kas=() - if [[ -n "$KAS_ENABLED" ]]; then - enable_kas=("--set" "global.kas.enabled=true") - fi - # Use the gitlab version from the environment or use stable images when on the stable branch gitlab_app_version=$(grep 'appVersion:' Chart.yaml | awk '{ print $2}') if [[ -n "${GITLAB_VERSION}" ]]; then @@ -166,7 +160,6 @@ CIYAML --set prometheus.install=$PROMETHEUS_INSTALL \ --set prometheus.server.retention="4d" \ --set global.gitlab.license.secret="$RELEASE_NAME-gitlab-license" \ - "${enable_kas[@]}" \ --namespace="$NAMESPACE" \ "${gitlab_version_args[@]}" \ --version="$CI_PIPELINE_ID-$CI_JOB_ID" \ @@ -209,9 +202,7 @@ function wait_for_deploy { sleep 5; done - if [[ -n "$KAS_ENABLED" ]]; then - check_kas_status - fi + check_kas_status echo "" } diff --git a/spec/configuration/certificates_spec.rb b/spec/configuration/certificates_spec.rb index f93c51a14b..2fabde33a6 100644 --- a/spec/configuration/certificates_spec.rb +++ b/spec/configuration/certificates_spec.rb @@ -9,6 +9,7 @@ describe 'Certificates configuration' do [ 'minio', 'nginx', 'postgresql', 'redis', 'gitlab-runner', + 'test-kas', # cert-manager Pods (2) 'cainjector', 'cert-manager', 'certmanager', diff --git a/spec/configuration/kas_spec.rb b/spec/configuration/kas_spec.rb index 660fc7a30d..4c95d0df2b 100644 --- a/spec/configuration/kas_spec.rb +++ b/spec/configuration/kas_spec.rb @@ -20,11 +20,8 @@ describe 'kas configuration' do YAML.safe_load(%( gitlab: kas: - enabled: true customConfig: #{custom_config.to_json} global: - kas: - enabled: true image: pullPolicy: Always appConfig: @@ -40,9 +37,13 @@ describe 'kas configuration' do %w[Deployment ConfigMap Ingress Service HorizontalPodAutoscaler PodDisruptionBudget] end - describe 'kas is disabled by default' do + context 'when kas is disabled' do + let(:disable_kas) do + { 'global' => { 'kas' => { 'enabled' => false } } } + end + it 'does not create any kas related resource' do - template = HelmTemplate.new(default_values) + template = HelmTemplate.new(default_values.merge!(disable_kas)) required_resources.each do |resource| resource_name = "#{resource}/test-kas" diff --git a/spec/fixtures/local-image-config.yaml b/spec/fixtures/local-image-config.yaml index 3e7869bd2c..196e8b171c 100644 --- a/spec/fixtures/local-image-config.yaml +++ b/spec/fixtures/local-image-config.yaml @@ -76,6 +76,11 @@ gitlab: init: image: pullPolicy: Never-init + kas: + image: + pullPolicy: pp-kas + pullSecrets: + - name: ps-kas mailroom: image: pullPolicy: pp-mailroom diff --git a/values.yaml b/values.yaml index 349d0eabaf..5361b18a15 100644 --- a/values.yaml +++ b/values.yaml @@ -491,7 +491,7 @@ global: ## https://docs.gitlab.com/charts/charts/gitlab/kas/ kas: - enabled: false + enabled: true service: apiExternalPort: 8153 # port for connections from the GitLab backend -- GitLab