Change ciSecureFiles to type-specific storage form
What does this MR do?
Change ciSecureFiles to type-specific storage form
ciSecureFiles currently does not support consolidated storage form
This allows it to be used in a type-specific manner
Changelog: fixed Signed-off-by: Jason Young jyoung@gitlab.com
Related issues
Partially addresses #4789 (closed)
Test Plan
The simplest test for this is to specify:
global:
appConfig:
object_store:
enabled: true
proxy_download: true
connection:
secret: gitlab-rails-storage
key: connection
ciSecureFiles:
enabled: true
bucket: your-gitlab-ci-secure-files
connection:
secret: gitlab-cisecurefiles-storage
key: connection
artifacts:
bucket: jayo-gitlab-artifacts
lfs:
bucket: your-gitlab-lfs
packages:
bucket: your-gitlab-packages
uploads:
bucket: your-gitlab-uploads
minio:
enabled: false
template it out, and observe that the gitlab.yml.erb
data section in the sidekiq, toolbox, and webservice configmaps has a connection specification itself, and is not listed in object_store.objects
.
I have tested this with GCS-based external object storage setup per our documentation - and observed that a secure file was uploaded to the specified bucket.
Checklist
See Definition of done.
For anything in this list which will not be completed, please provide a reason in the MR discussion.
Required
-
Merge Request Title and Description are up to date, accurate, and descriptive -
MR targeting the appropriate branch -
MR has a green pipeline on GitLab.com -
When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow
Expected (please provide an explanation if not completing)
-
Test plan indicating conditions for success has been posted and passes -
Documentation created/updated -
Tests added -
Integration tests added to GitLab QA -
Equivalent MR/issue for omnibus-gitlab opened -
Validate potential values for new configuration settings. Formats such as integer 10
, duration10s
, URIscheme://user:passwd@host:port
may require quotation or other special handling when rendered in a template and written to a configuration file.