Add service accounts for Google Cloud Profiler
Details
- Point of contact for this request:
@alipniagov
@rzwambag
- If a call is needed, what is the proposed date and time of the call: -
SRE Support Needed
- We work on enabling Google Cloud Profiler for our GitLab Rails app.
- To create, update, and list profiles, we need a service account according to https://github.com/googleapis/google-cloud-ruby/blob/main/google-cloud-profiler-v2/AUTHENTICATION.md#environment-variables
- Permissions needed: https://cloud.google.com/profiler/docs/iam
- We are going to test it on
staging
first, so we need a service account forgitlab-staging
(which ID isgitlab-staging-1
?). - After the service account is created, we need to set an ENV variable with the path to the service account credentials JSON file. We could name
GITLAB_GOOGLE_CLOUD_PROFILER_KEY_PATH
or something in the line with it. (Please note thatGITLAB_GCP_KEY_PATH
is taken by our diagnostic reports uploader, so please avoid it). This ENV var and file should be accessible from the GitLab Rails app.