Add support for Google Cloud Storage in gitlab-task-runner
Summary
The task runner currently uses s3cmd to make and restore backups. This means that users that want to leverage Google Cloud Storage (GCS) can only use interoperability mode to authenticate which ties authentication to a human user rather than a service account causing much greater access than needed for the task runner.
I'd like to implement native support for GCS in the task runner.
The following is the approach I would take, feedback appreciated:
- Add gsutil to the task-runner Docker image
- Add logic to the task-runner scripts and library to use gsutil instead of s3cmd when appropriate
- Add the flag
gitlab.task-runner.backups.objectStorage.backendType
to the chart which defaults tos3
but can be set togcs
Steps to reproduce
Setup an s3cfg with GCS interop keys for task-runner to use.
Current behavior
S3cmd is used to upload and download backup files with interop keys.
Expected behavior
gsutil is used to upload and download backup files with service account credentials.
Versions
- Chart: master
- Platform:
- Cloud: GKE
- Kubernetes: (
kubectl version
)- Client: 1.11.x
- Server: 1.11.x
- Helm: (
helm version
)- Client: 2.12.x
- Server: 2.12.x