Product discovery for running Auto DevOps on air gapped networks
Problem to solve
Auto DevOps depends on internet access for quite a few stages. Some customers run GitLab on airgapped networks, and are therefore unable to use many of the stages.
Intended users
Developers
Further details
There are a few areas where we download things:
- We download the ADO helm chart on demand
- We download quite a few docker images on demand, and in some cases our docker images download other things inside of them
- We use apt to install packages. It's worth noting that apt also does not respect the proxy environment variables.
- ... and more.
- All the users we've interviewed (links in comments) confirmed that all the relevant elements in play (GitLab, k8s cluster, and artifact management tool) are part of the same network and can communicate with one another.
Proposal
- Research and document all the places where Auto DevOps depends on internet access
1.1 Provide a list of dependencies (ideally per stage) along with current version - Figure out best strategy and next steps to solve this problem
2.1 Customers we've interviewed thus far are usingArtifactory
andNexus SonarType
to host dependencies internally
sectionsec moved their images to be defined in variables: https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml#L10 @stkerr
might be able to provide more info.
What does success look like, and how can we measure that?
Links / references
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.