Skip to content

Registry: Add middleware.storage config ability

Jason Plum requested to merge 3057-registry-middleware-storage into master

What does this MR do?

Add the ability to configure the middleware.storage block of registry configuration.

  • Implements walk of List.
  • Template privatekey: from privatekeySecret & index in List.
  • Does not validate any keys presence or required formats.
  • Does not validate driver names.

TODO: Documentation

Related Issues

Related to gitlab-org/omnibus-gitlab!5807 (merged)

Related to https://gitlab.com/gitlab-org/container-registry/-/issues/535

Closes #3057 (closed)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

  • Merge Request Title and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • Documentation created/updated
  • Tests added
  • Integration tests added to GitLab QA
  • Equivalent MR/issue for omnibus-gitlab opened

Testing

  1. Create sample values file (myvalues.yaml):
registry:
  middleware:
    storage:
    - name: cloudfront
      options:
        baseurl: cdn.registry.example.com
        privatekeySecret:
          secret: cdn-private-key
          key: private.pem
        keypairid: GIBBERISH
certmanager-issuer:
  email: test@example.com
global: {}
gitlab:
  migrations:
    networkpolicy:
      enabled: true
    serviceAccount:
      enabled: true
      create: true
  1. generate k8s manifest:
helm template -f myvalues.yaml test . > gitlab.yaml
  1. locate ConfigMap for test-registry in gitlab.yaml:
yq eval '. | select(.metadata.name == "test-registry" and .kind == "ConfigMap" ) | .data["config.yml"] ' gitlab.yaml \
  | yq eval '.middleware' -

and confirm presence of block:

storage:
  - name: cloudfront
    options:
      baseurl: cdn.registry.example.com
      keypairid: GIBBERISH
      privatekey: /etc/docker/registry/middleware.storage/0/private.pem
  1. run rspec tests:
docker run --rm -it -v $(pwd):/src -w /src \
  registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.7.patched-golang-1.14-git-2.31-lfs-2.9-chrome-89-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36
./scripts/ci/install_spec_dependencies
bundle exec rspec -c -f d spec/configuration/middleware_spec.rb
Edited by Dmytro Makovey

Merge request reports