Skip to content

Resolve "Make User and Group IDs configurable"

Scott Hensonrequested to merge
1153-make-user-and-group-ids-configurable into main

What does this MR do?

This change makes the user and group ID settings for GitLab more flexible and configurable. Previously, the system was hardcoded to use specific ID numbers (9000 and 9001) for the GitLab user and web server. Now, these ID numbers are defined as variables that can be customized, while still defaulting to the same values. The code also adds safety checks to only apply these settings when the variables are actually provided, making the configuration more robust and allowing different environments to use different ID numbers if needed.

  1. Added Configurable Variables Added four new variables to ansible/roles/common_vars/defaults/main.yml:
  • gitlab_user_uid: 9000 - User ID for the main GitLab user
  • gitlab_user_gid: 9000 - Group ID for the main GitLab user
  • web_server_uid: 9001 - User ID for the web server process
  • web_server_gid: 9001 - Group ID for the web server process
  1. Updated Template Files
  • Modified ansible/roles/gitlab_rails/templates/gitlab-rails.gitlab.rb.j2 to use the new variables instead of hardcoded values
  • Modified ansible/roles/sidekiq/templates/sidekiq.gitlab.rb.j2 to use the new variables instead of hardcoded values
  • Both templates now use Jinja2 variable substitution: {{ gitlab_user_uid }}, {{ gitlab_user_gid }}, {{ web_server_uid }}, {{ web_server_gid }}

Documentation was not updated as I do not know if this would be considered as "Notable". The documentation points to the common variables file for configuration options which I think should suffice.

Related issues

Author's checklist

When ready for review, the Author applies the workflowready for review label and mention @gitlab-org/software-delivery/get-maintainers:

  • Merge request:
    • Corresponding Issue raised and reviewed by the GET maintainers team.
    • Merge Request Title and Description are up-to-date, accurate, and descriptive
    • MR targeting the appropriate branch
    • MR has a green pipeline
    • MR has no new security alerts in the widget from the Secret Detection and IaC Scan (SAST) jobs.
  • Code:
    • Check the area changed works as expected across all expected permutations.
    • Check that the changes work across upgrades.
    • Documentation created/updated in the same MR if applicable

@gitlab-org/software-delivery/get-maintainers Please review the milestone

Closes #1153 (closed)

Edited by Scott Henson

Merge request reports