Support setting global.ingress.tls.secretName (!144) · Merge requests · GitLab.org / Cloud Native / GitLab Operator

Mitchell Nielsen requested to merge ci-use-certmanager into master Apr 19, 2021

Respects the CR's value for global.ingress.tls.secretName. If set, it will configure MinIO, Registry, and Webservice ingresses with the given secret name. If not set, it will use the default name for the self-signed wildcard certificate.

Implementation instructions

To enable in our CI, set TLSSECRETNAME in .gitlab-ci.yml or in the Projects CI variables.

Testing instructions

TLSSECRETNAME=your-tls-secret-name TAG=ci-use-certmanager \
  DOMAIN=yourdomain.com CLEANUP=no \
  ./scripts/test.sh

Wait until ingresses are deployed, and confirm that the specified secret is set correctly:

❯ kubectl describe ingress -n gitlab-system gitlab-webservice-default | grep -A1 TLS
TLS:
  your-tls-secret-name terminates yourdomain.com

Edited Apr 19, 2021 by Mitchell Nielsen

Support setting global.ingress.tls.secretName

Implementation instructions

Testing instructions

Merge request reports