GitLab KAS breaks cron backups
Summary
Enabling the GitLab Kubernetes Agent Server breaks cron
backups.
Steps to reproduce
-
Enable both GitLab Kubernetes Agent Server and
cron
backups. -
cron
backup fails withtask-runner-backup Errno::ENOENT: No such file or directory @ rb_sysopen - /etc/gitlab/kas/.gitlab_kas_secret
from thetask-runner-backup
pod.
Configuration used
global:
hosts:
domain: example.com
kas:
enabled: true
gitlab:
task-runner:
backups:
cron:
enabled: true
schedule: "0 * * * *"
Current behavior
The backups fail from the task-runner-backup
pod with task-runner-backup Errno::ENOENT: No such file or directory @ rb_sysopen - /etc/gitlab/kas/.gitlab_kas_secret
. Running the backup from the task-runner
pod directly works.
We see /etc/gitlab/kas/.gitlab_kas_secret
created on the task-runner
pod when using global.kas.enabled=true
. However, we do not see /etc/gitlab/kas/.gitlab_kas_secret
does not exist on the task-runner-backup
pod.
Expected behavior
The /etc/gitlab/kas/.gitlab_kas_secret
should be created on the task-runner-backup
pod when using global.kas.enabled=true
to allow backups to succeed.
Versions
I reproduced this on:
- Chart: 4.7.4
- Platform:
- Cloud: GKE
Customer:
- Chart: 4.7.3
- Platform:
- Cloud: EKS
Customer ticket: https://gitlab-federal-support.zendesk.com/agent/tickets/509 (internal use)