Skip to content
Snippets Groups Projects

Support Vault EE namespaces

Merged Aleksander Zak requested to merge aleksanderzak/gitlab-runner:vault_namespaces into main
4 unresolved threads

Currently the vault integration does not support Vault EE namespaces. Only the vault server URL, role name and auth path can be configured with the variables. It is possible to just prefix the engine's path with the namespace, but it is not possible to specify the namespace for the authentication.

This change makes the namespace configurable wiht the VAULT_NAMESPACE variable (similar to how VAULT_SERVER_URL, VAULT_AUTH_ROLE and VAULT_AUTH_PATH are being used already). API operations performed under a namespace are done by providing the namespace name in X-Vault-Namespace header.

related MR: gitlab!80590 (merged)

ref gitlab#255619 ref https://gitlab.com/ubs-group1/ubs/ubs-global/-/issues/92

Edited by Aleksander Zak

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Tomasz Maczukin
  • Aleksander Zak added 37 commits

    added 37 commits

    • 73239246 - Support Vault EE namespaces
    • 69e8ea64 - Fix Azure caching example config
    • f0501e2a - Encourage use of K8s secrets
    • d777e186 - Add integration test for artifacts redirection
    • 0bb92cc9 - Add test for network/client redirections with 307/308
    • e3ac8ce8 - Retry artifacts upload with changed URL on 307/308 responses
    • 6d15d619 - Update the integration test
    • e4cfe2e9 - Fix artifacts upload redirection handling
    • 630fb1d6 - Update docs/executors/shell.md
    • 458c186f - Clarify that listed limitations are specific to Windows
    • cb657d91 - Fix typo
    • 87030865 - Bump version of Go for project to 1.17.6
    • d17c3718 - update docs/shells/index.md: shell descriptions
    • ede37f11 - Use latest docs linting image for Markdown
    • caae7266 - Add debian/bullseye to packagecloud DEB_PLATFORMS
    • d2b500d5 - Update docs/configuration/autoscale.md
    • 5d2f9dba - Remove vendor/ directory
    • 2ab4c4d3 - Ensure proper assumptions
    • 96c01bfb - Divide packages buildling jobs in the pipeline even more
    • 72d312c1 - Cleanup cache proxy pattern
    • 018b047b - Add darwin arm64
    • e52b8720 - Update OSX installation documentation for Apple Silicon
    • 001c999e - Install supported Go version for Windows prior to testing
    • 1b5ac344 - Make use of build requests/limits for build permission init container.
    • ed02c977 - Use helper (instead of build) limits/requests for init container
    • 92b207ee - Upgrade minio to v7.0.21
    • e11659f1 - Upgrade Go to 1.17.7
    • aa67ddf1 - Docs: Add more common -machine-machine-options
    • 645d3f89 - Added support for Variables in Services for Docker/Kubernetes
    • e3e04cff - Exposed ServiceVariables as a new feature for both Docker and Kubernetes
    • 79c4926f - Ensure shell writers terminate with newline flush
    • cc7b2fae - Add details to docs on CI_SERVER_TLS_CA_FILE
    • 16ddae56 - Update CHANGELOG for v14.8.0
    • 6afdca7c - Bump version to v14.8.0
    • 5d5c8ffa - Updated agent for Kubernetes
    • 0d4757c2 - Align debian releases for stable and Bleeding Edge versions
    • 223cbe90 - Support Vault EE namespaces

    Compare with previous version

  • Aleksander Zak added 62 commits

    added 62 commits

    Compare with previous version

  • Matija Čupić changed milestone to %14.9

    changed milestone to %14.9

  • Tomasz Maczukin approved this merge request

    approved this merge request

  • This looks good to me. Thank you @aleksanderzak for your contribution!

    I've started a pipeline to go through the trigger runner-incept tests and enabled automatic merge train when this pipeline will succeed.

  • Tomasz Maczukin enabled automatic add to merge train when the pipeline for 43d493f3 succeeds

    enabled automatic add to merge train when the pipeline for 43d493f3 succeeds

  • Tomasz Maczukin added this merge request to the merge train at position 3

    added this merge request to the merge train at position 3

  • Tomasz Maczukin mentioned in commit c223c362

    mentioned in commit c223c362

  • Hi @aleksanderzak,

    We would love to know how you found your code review experience in this merge request! Please leave a :thumbsup: or a :thumbsdown: on this comment to describe your experience.

    Once done, please comment @gitlab-bot feedback below and feel free to leave any additional feedback you have in the same comment.

    Thanks for your help! :heart:

  • Stan Hu mentioned in issue #29972

    mentioned in issue #29972

  • Please register or sign in to reply
    Loading