GitLab Chart issueshttps://gitlab.com/gitlab-org/charts/gitlab/-/issues2023-01-23T19:57:36Zhttps://gitlab.com/gitlab-org/charts/gitlab/-/issues/1366Doc: provide sample config for Task Runner with GCS2023-01-23T19:57:36ZJason PlumDoc: provide sample config for Task Runner with GCSThe following discussion from !707 should be addressed:
- [ ] @WarheadsSE started a [discussion](https://gitlab.com/charts/gitlab/merge_requests/707#note_170685816):
> Not an immediate requirement, but seeing as this is a large nu...The following discussion from !707 should be addressed:
- [ ] @WarheadsSE started a [discussion](https://gitlab.com/charts/gitlab/merge_requests/707#note_170685816):
> Not an immediate requirement, but seeing as this is a large number of settings, and entry in `/examples/values-backups-gcs.yaml` would be of additional benefit.Backloghttps://gitlab.com/gitlab-org/charts/gitlab/-/issues/1300Docs feedback: using the Gitlab Cloud Native Helm Chart2020-08-14T15:36:09ZElijah SnyderDocs feedback: using the Gitlab Cloud Native Helm ChartI created a quick terraform project around this chart. Overall, I thought it worked great.
Unfortunately, even the Gitlab Implementation Engineering team seemed to not understand it. Some of the hiccups around using it included misunder...I created a quick terraform project around this chart. Overall, I thought it worked great.
Unfortunately, even the Gitlab Implementation Engineering team seemed to not understand it. Some of the hiccups around using it included misunderstandings around GCP, but there was also a significant problem in understanding how the LetsEncrypt/certmanager process worked.
It might be worth stressing that users will have to wait for the certmanager process to complete. The easiest way to monitor this on first-time installs is to look for services with ACME or `well-known` paths - they seem to live until the challenge is completed and then disappear. Once that happens you should have working automatic certificates! :)
If you complete this process and then later reinstall the chart _you will_ end up at an HSTS error (enabled by the nginx ingress controller) and _will not be able to visit the new installation until this process completes_. Even a Gitlab engineer got confused here - they argued you could "just push proceed" or "visit the installation on port 80" but that simply isn't how HSTS works! The job of the browser is to stop you from being subject to a downgrade attack and/or an attacker playing man-in-the-middle with a different configuration.
https://gitlab.com/e_snyder/gitlab-setuphttps://gitlab.com/gitlab-org/charts/gitlab/-/issues/924Improvement: Template out shared parts of the gitlab.yml.erb in unicorn, task...2020-08-14T15:45:12ZMatthias van de MeentImprovement: Template out shared parts of the gitlab.yml.erb in unicorn, task-runner and sidekiq## Summary
Currently, 90+% of the gitlab.yml.erb is copy-pasteable shared between the three charts. This is suboptimal, because this enhances the chances on subtle bugs and inconsistent/inexplanatory behaviour when comparing to omnibus ...## Summary
Currently, 90+% of the gitlab.yml.erb is copy-pasteable shared between the three charts. This is suboptimal, because this enhances the chances on subtle bugs and inconsistent/inexplanatory behaviour when comparing to omnibus edition (e.g. #921, #845).
## Current behavior
Most of gitlab.yml.erb is written specifically for sidekiq, task-runner and unicorn each.
## Expected behavior
Most of gitlab.yml.erb is included from shared templates.
## Versions
- Chart: master @ 94d083e
- Platform: N/A
- Kubernetes: N/A
- Helm: N/A