Skip to content

Instance level SSL and custom domain support

This is the first step of Instance / group / project level serverless domains with SSL (&2136 (closed))

First Iteration Proposal

Provide a way for the user to manage the cluster at the instance level. We are not adding the ability to utilize Let's Encrypt in this first iteration. This means that at the instance level, the user needs to be able to add a domain, a certificate, and a key.

Domain setting

We'll create a new settings area under Admin > Settings > Operations and provide the following fields:

Screen_Shot_2019-12-06_at_11.09.45_AM

All fields are required. We throw a validation if the field is not filled out.

Verifying a domain

Once the domain is added, we provide a CNAME record and verification key. We also show whether the domain is verified in a badge and allow the user to refresh the verification status.

Screen_Shot_2019-12-20_at_12.02.54_PM

Removing a certificate

We also show the certificate, and the user has the ability to remove the certificate. If they do remove it, then the UI remains the same, but the certificate section show the Cert and Key fields instead (same as pages).

If the user removes the certificate, the Save changes button becomes enabled. The user must add the new cert + key. If it remains blank and they try to save, we throw a validation. If a new cert is not added and they navigate away, then the old cert remains.

Selecting a domain at the cluster level

On the cluster page, we will provide an option to either select the existing domain or utilize a new one. This mimics the pattern we are using for protected branches.

Screen_Shot_2019-11-25_at_12.07.35_PM

Screen_Shot_2019-11-25_at_12.07.20_PM

If the user chooses to utilize a new domain, SSL is not provided because it was decided that was out of scope.

Deleting an instance domain

The user is able to delete the domain. A modal confirmation should appear as this could be a breaking change. Modal copy:

Delete serverless domain?

You are about to delete domain.com from your instance. This domain will no longer be available to any Knative application.

[Cancel] [Delete]

If a cluster was utilizing an instance domain that was deleted, we remove it from the UI and show a validation saying a new domain needs to be chosen.

Screen_Shot_2019-12-20_at_12.21.20_PM

Tasks

Frontend

  • UI for creating domain in instance
  • UI for choosing domain at cluster level

Backend

Backend details defined below in #35591 (comment 250505939)

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

Edited by 🤖 GitLab Bot 🤖