registry: move httpSecret to a global k8s secret (!485) · Merge requests · GitLab.org / charts / GitLab Chart

Jason Plum requested to merge 664-move-registry-httpsecret-to-secret into master Sep 04, 2018

registry.httpSecret being auto-generated was causing all registry pods to restart every helm upgrade because this would result in an alteration to the template's signature, as the vale was randomly generated on every run.

To get around this, we move this to gitlab-registry-httpsecret, mount this in, and sed the value into place, as we do with the minio access/secret keys.

Summary of changes:

templates/_registry.tpl: gitlab.registry.httpSecret.*
generation of the secret to shared-secrets generation script
deprecation notice, in the event a user ever provided registry.httpSecret as a string property
Updates to documentation regarding this change
Small updates to other broken documentation links in the affected files.

Relates to #664 (closed)

registry: move httpSecret to a global k8s secret

Merge request reports