diff --git a/pkg/gitlab/internal/v1beta1/adapter_test.go b/pkg/gitlab/internal/v1beta1/adapter_test.go index ad382cfe47b843fa1b86a00ed4aa2f048d176503..11ffd7b813591ba094c403abc66f1b2d3168ac71 100644 --- a/pkg/gitlab/internal/v1beta1/adapter_test.go +++ b/pkg/gitlab/internal/v1beta1/adapter_test.go @@ -98,8 +98,6 @@ var _ = Describe("GitLab Adapter [v1beta1]", func() { _ = values.SetValue("global.hosts.domain", "greatexpectations.com") /* Operator overrides these */ - _ = values.SetValue("global.serviceAccount.enabled", false) - _ = values.SetValue("global.ingress.apiVersion", "networking.k8s.io/v1beta1") _ = values.SetValue("gitlab-runner.install", true) _ = values.SetValue("certmanager.install", true) @@ -127,7 +125,9 @@ var _ = Describe("GitLab Adapter [v1beta1]", func() { It("uses user-defined values over operator default values", func() { values := support.Values{} + _ = values.SetValue("global.serviceAccount.enabled", false) _ = values.SetValue("gitlab.webservice.serviceAccount.name", "great-service-account") + _ = values.SetValue("global.ingress.apiVersion", "networking.k8s.io/v1beta1") a, err := NewAdapter(context.TODO(), newGitLabResource(getChartVersion(), values)) @@ -136,6 +136,8 @@ var _ = Describe("GitLab Adapter [v1beta1]", func() { Expect(a).NotTo(BeNil()) Expect(a.values.GetValue("gitlab.webservice.serviceAccount.name")).To(Equal("great-service-account")) + Expect(a.values.GetValue("global.ingress.apiVersion")).To(Equal("networking.k8s.io/v1beta1")) + Expect(a.values.GetValue("global.serviceAccount.enabled")).To(BeFalse()) }) It("wants default components and features when not specified otherwise", func() { @@ -248,21 +250,20 @@ func addChartDefaultExamples(examples support.Values) { } func addOperatorDefaultExamples(examples support.Values) { - examples["certmanager-issuer.email"] = "admin@example.com" - examples["gitlab.webservice.serviceAccount.name"] = settings.AppNonRootServiceAccount -} - -func addOperatorOverrideExamples(examples support.Values) { examples["global.serviceAccount.name"] = settings.AppNonRootServiceAccount examples["global.ingress.apiVersion"] = "networking.k8s.io/v1" // "" examples["global.serviceAccount.enabled"] = true // false - examples["certmanager.install"] = false // true - examples["gitlab-runner.install"] = false // true - examples["shared-secrets.securityContext.runAsUser"] = "" // 1000 - examples["shared-secrets.securityContext.fsGroup"] = "" // 1000 + examples["certmanager-issuer.email"] = "admin@example.com" + examples["shared-secrets.securityContext.runAsUser"] = "" // 1000 + examples["shared-secrets.securityContext.fsGroup"] = "" // 1000 examples["shared-secrets.serviceAccount.name"] = settings.ManagerServiceAccount } +func addOperatorOverrideExamples(examples support.Values) { + examples["certmanager.install"] = false // true + examples["gitlab-runner.install"] = false // true +} + func addUserDefinedExamples(examples, values support.Values) { for key, val := range values { examples[key] = val diff --git a/pkg/gitlab/internal/v1beta1/default-values.tpl b/pkg/gitlab/internal/v1beta1/default-values.tpl index 3866c0aed0c37ae436fd85439b2b118aaff74f69..c0ed67220498ee2c5a18ad71cd7d2eca6827e6f6 100644 --- a/pkg/gitlab/internal/v1beta1/default-values.tpl +++ b/pkg/gitlab/internal/v1beta1/default-values.tpl @@ -1,11 +1,68 @@ +global: + image: + pullPolicy: IfNotPresent + + ingress: + apiVersion: networking.k8s.io/v1 + {{ if .UseCertManager }} + annotations: + cert-manager.io/issuer: {{ .ReleaseName }}-issuer + acme.cert-manager.io/http01-edit-in-place: true + {{ end }} + + serviceAccount: + enabled: true + create: false + name: {{ .Settings.AppNonRootServiceAccount }} + certmanager-issuer: email: {{ .Settings.CertmanagerIssuerEmail }} -gitlab: - webservice: - serviceAccount: +postgresql: + serviceAccount: + enabled: true + create: false + name: {{ .Settings.AppNonRootServiceAccount }} + securityContext: + fsGroup: 1000 + runAsUser: 1000 + +redis: + serviceAccount: + name: {{ .Settings.AppNonRootServiceAccount }} + securityContext: + fsGroup: 1000 + runAsUser: 1000 + +shared-secrets: + serviceAccount: + create: false + name: {{ .Settings.ManagerServiceAccount }} + securityContext: + runAsUser: '' + fsGroup: '' + +prometheus: + rbac: + create: false + serviceAccounts: + server: + create: false + name: {{ .Settings.PrometheusServiceAccount }} + alertmanager: + create: false + name: {{ .Settings.AppNonRootServiceAccount }} + nodeExporter: + create: false + name: {{ .Settings.AppNonRootServiceAccount }} + pushgateway: + create: false name: {{ .Settings.AppNonRootServiceAccount }} +gitlab-zoekt: + serviceAccount: + create: false + name: {{ .Settings.AppNonRootServiceAccount }} nginx-ingress: labels: diff --git a/pkg/gitlab/internal/v1beta1/override-values.tpl b/pkg/gitlab/internal/v1beta1/override-values.tpl index 859d1268c4d1240b4ecdc7c26e36c31004bccf33..83aed92ae50eb71d57b4bf020217419366d9ce9e 100644 --- a/pkg/gitlab/internal/v1beta1/override-values.tpl +++ b/pkg/gitlab/internal/v1beta1/override-values.tpl @@ -4,6 +4,13 @@ certmanager: gitlab-runner: install: false +global: + common: + labels: + app.kubernetes.io/name: {{ .ReleaseName }} + app.kubernetes.io/part-of: gitlab + app.kubernetes.io/managed-by: gitlab-operator + gitlab: gitaly: common: @@ -71,29 +78,6 @@ gitlab: app.kubernetes.io/component: webservice app.kubernetes.io/instance: {{ .ReleaseName }}-webservice -global: - common: - labels: - app.kubernetes.io/name: {{ .ReleaseName }} - app.kubernetes.io/part-of: gitlab - app.kubernetes.io/managed-by: gitlab-operator - - image: - pullPolicy: IfNotPresent - - ingress: - apiVersion: networking.k8s.io/v1 - {{ if .UseCertManager }} - annotations: - cert-manager.io/issuer: {{ .ReleaseName }}-issuer - acme.cert-manager.io/http01-edit-in-place: true - {{ end }} - - serviceAccount: - enabled: true - create: false - name: {{ .Settings.AppNonRootServiceAccount }} - minio: common: labels: @@ -103,22 +87,10 @@ minio: postgresql: commonLabels: gitlab.io/component: postgresql - serviceAccount: - enabled: true - create: false - name: {{ .Settings.AppNonRootServiceAccount }} - securityContext: - fsGroup: 1000 - runAsUser: 1000 redis: commonLabels: gitlab.io/component: redis - serviceAccount: - name: {{ .Settings.AppNonRootServiceAccount }} - securityContext: - fsGroup: 1000 - runAsUser: 1000 registry: common: @@ -126,32 +98,3 @@ registry: app.kubernetes.io/component: registry app.kubernetes.io/instance: {{ .ReleaseName }}-registry -shared-secrets: - serviceAccount: - create: false - name: {{ .Settings.ManagerServiceAccount }} - securityContext: - runAsUser: '' - fsGroup: '' - -prometheus: - rbac: - create: false - serviceAccounts: - server: - create: false - name: {{ .Settings.PrometheusServiceAccount }} - alertmanager: - create: false - name: {{ .Settings.AppNonRootServiceAccount }} - nodeExporter: - create: false - name: {{ .Settings.AppNonRootServiceAccount }} - pushgateway: - create: false - name: {{ .Settings.AppNonRootServiceAccount }} - -gitlab-zoekt: - serviceAccount: - create: false - name: {{ .Settings.AppNonRootServiceAccount }}