AutoDevOps: Make final values.yaml available as a CI job artifact when customizing values for Helm Chart
Release notes
Get more information about what AutoDevOps is doing behind the scenes. When using AutoDevOps, you can ask GitLab CI to make the customized values.yaml
file available as a job artifact.
Problem to solve
When using AutoDevOps, it's possible to customize values for the default Helm chart by adding content to .gitlab/auto-deploy-values.yaml
.
Proposal
Extend AutoDevOps to permit the user to request to have the values.yaml
that AutoDevOps will deploy made available as a job artifact. To start, we may choose to make this functionality off by default. Imagine a .gitlab-ci.yml
like this:
include:
- template: Auto-DevOps.gitlab-ci.yml
variables:
CUSTOMIZED_VALUES_YAML_ARTIFACT: "true"
The CUSTOMIZED_VALUES_YAML_ARTIFACT
variable would be false
by default. When set to true, the job that performs the deploy will have an artifact. The artifact will contain the values.yaml
file that is deployed. This will be the default chart with the user-supplied customizations from .gitlab/auto-deploy-values.yaml
.
User experience goal
The user should be able to review a final copy of the values.yaml
that is deployed and that includes the customizations they supplied for use in .gitlab/auto-deploy-values.yaml
.
Further details
This feature would give the user the ability to confirm that the changes that they supplied were added into values.yaml
properly.
Permissions and Security
Any user who can modify .gitlab-ci.yml
should be able to set the CUSTOMIZED_VALUES_YAML_ARTIFACT
value. Any user who can access job artifacts should be able to view the values.yaml
.
This file can contain sensitive information, so the artifact should at the very least use artifacts:public
(added in %13.8), set to false
Documentation
The docs on how to customize values for Helm chart would need to be updated to describe how to set CUSTOMIZED_VALUES_YAML_ARTIFACT
to true.