Skip to content

Force copy files in `configure` initContainer

Mitchell Nielsen requested to merge 3227-sidekiq-initcontainer into master

What does this MR do?

Force copy files in `configure` initContainer

Force copies the files in the shared 'configure' initContainer's script
to ensure the command does not fail in case the files still exist
in the volume when created from the previous container.

Closes https://gitlab.com/gitlab-org/charts/gitlab/-/issues/3227

Changelog: fixed

From the suggestion in #3227 (comment 918273163), I started with the less invasive approach of adding -f to cp (avoiding rm -rf if at all possible). This solution seems to work, so that's what is proposed in this MR.

Related issues

Closes #1310 (closed)

Testing

# ./mr.yaml
# configure lower Sidekiq memory limits to initiate Pod restarts
gitlab:
  sidekiq:
    memoryKiller:
      maxRss: 10000  # default is 2000000
      hardLimitRss: 20000  # default is none
  1. Install the Helm chart from this branch with the values above.
  2. Watch the logs from the Sidekiq Pod: stern -n gitlab -lapp=sidekiq
  3. Ensure that there are no failures in the configure initContainer: kubectl -n gitlab logs <container name> -c configure
$ kubectl logs -n gitlab gitlab-sidekiq-all-in-1-v2-686b49f7c6-zt4jf -c configure
'/init-config/gitaly/./gitaly_token' -> '/init-secrets/gitaly/./gitaly_token'
'/init-config/gitaly/.' -> '/init-secrets/gitaly/.'
'/init-config/registry/./notificationSecret' -> '/init-secrets/registry/./notificationSecret'
'/init-config/registry/./gitlab-registry.key' -> '/init-secrets/registry/./gitlab-registry.key'
'/init-config/registry/.' -> '/init-secrets/registry/.'
'/init-config/rails-secrets/./secrets.yml' -> '/init-secrets/rails-secrets/./secrets.yml'
'/init-config/rails-secrets/.' -> '/init-secrets/rails-secrets/.'
'/init-config/redis/./redis-password' -> '/init-secrets/redis/./redis-password'
'/init-config/redis/.' -> '/init-secrets/redis/.'
'/init-config/minio/./secretkey' -> '/init-secrets/minio/./secretkey'
'/init-config/minio/./accesskey' -> '/init-secrets/minio/./accesskey'
'/init-config/minio/.' -> '/init-secrets/minio/.'
'/init-config/postgres/./psql-password-main' -> '/init-secrets/postgres/./psql-password-main'
'/init-config/postgres/.' -> '/init-secrets/postgres/.'
'/init-config/kas/./.gitlab_kas_secret' -> '/init-secrets/kas/./.gitlab_kas_secret'
'/init-config/kas/.' -> '/init-secrets/kas/.'
'/init-config/suggested_reviewers/./.gitlab_suggested_reviewers_secret' -> '/init-secrets/suggested_reviewers/./.gitlab_suggested_reviewers_secret'
'/init-config/suggested_reviewers/.' -> '/init-secrets/suggested_reviewers/.'

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

  • Merge Request Title and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com
  • When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • [ ] Documentation created/updated (internal tooling-related change)
  • [ ] Tests added (this requires manual testing as far as I can tell)
  • [ ] Integration tests added to GitLab QA (internal tooling-related change)
  • [ ] Equivalent MR/issue for omnibus-gitlab opened (internal tooling-related change specific to Charts)
  • [ ] Validate potential values for new configuration settings. Formats such as integer 10, duration 10s, URI scheme://user:passwd@host:port may require quotation or other special handling when rendered in a template and written to a configuration file.
Edited by Mitchell Nielsen

Merge request reports