Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

Add links to clarify AWS and docker credentials requirements and clarification on image: tag

Review changes
Download
Patches
Plain diff

DarwinJS requested to merge DarwinJS-aws-and-registry-permissions-clarification into main Mar 09, 2022

Overview 9
Commits 8
Pipelines 9
Changes 1

What does this MR do?

Adds an AWS documentation link to explain the permissions the ECS service needs to launch fargate containers from an AWS ECR.
Adds an AWS documentation link to explain how to enable an ECS task to use docker registry authentication credentials for task launches.
Adds an Important Considerations section discussing how key pass-through limitations of AWS ECS Fargate may affect the decision to implement this solution versus the GitLab Kubernetes runner on EKS.

Why was this MR needed?

Without indications on what permissions the ECS service needs to an ECR, implementers will fail to get the results shown in the practical steps.
It may appear to customers that the Fargate runner solution not able to handle private registries outside of ECR - including private registries on a GitLab instance.

What's the best way to test this MR?

Configure the GitLab Fargate runner with a private registry outside of AWS.
Configure the GitLab Fargate runner with least permissions for the ECS service.

Related issues

Author's checklist

Consider taking the GitLab Technical Writing Fundamentals course
Follow the:
Ensure that the product tier badge is added to topic's h1.
Request a review based on:
- The documentation page's metadata.
- The associated Technical Writer.

Review checklist

Documentation-related MRs should be reviewed by a Technical Writer for a non-blocking review, based on Documentation Guidelines and the Style Guide.

If the content requires it, ensure the information is reviewed by a subject matter expert.
Technical writer review items:
- Ensure docs metadata is present and up-to-date.
- Ensure the appropriate labels are added to this MR.
- If relevant to this MR, ensure content topic type principles are in use, including:
  - The headings should be something you'd do a Google search for. Instead of Default behavior, say something like Default behavior when you close an issue.
  - The headings (other than the page title) should be active. Instead of Configuring GDK, say something like Configure GDK.
  - Any task steps should be written as a numbered list.
  - If the content still needs to be edited for topic types, you can create a follow-up issue with the docs-technical-debt label.
Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review.
Ensure a release milestone is set.

Edited Mar 10, 2022 by DarwinJS

Merge request reports

Assignee

Select assignees

Reviewers

Request review from

Time tracking