Skip to content

Registry storage configuration: default `delete` enabled

Summary

From discussion following https://gitlab.com/charts/gitlab/issues/785

Even with the changes made in !535 (merged) for #785 (closed), it is possible that deleting repositories will still fail unless users ensure that their storage config includes delete.enabled: true.

The default when using Minio is true. The default within the Omnibus is true. We should align these charts to ensure that a value is present, or add true out of the box.

Steps to reproduce

See this comment: https://gitlab.com/charts/gitlab/issues/785#note_109062819

Current behavior

It is expected that the user provide the following, at the end of their registry storage secret. If not present, deleting a project will fail.

delete:
    enabled: true

Expected behavior

A user can configure a minimal set of driver constraints, specifically the driver (gcs/aws/etc). If the user explicitly sets delete.enabled, we then respect that value.

Versions

  • Chart: master
  • Platform: N/A
  • Kubernetes: N/A
  • Helm: N/A

Suggested approach

The only time we can know for sure if the delete key is present within the storage secret is during the initContainer of the registry pod. My suggestion is to add to the registry's init script.

If we add in a match case for ^delete:\s*\n\s{2,4}enabled:, we should be able to tell if this is present. If it is not present, we can then append to /registry/storage/config prior to indentation.

cc @vaibhav_chug @liangrog @fahr