Enable opting-out managed resources in environment options

Taka Nishidarequested to merge
support-k8s-dashbaord-without-managed-resource-with-new-format into master

What does this MR do and why?

Resolves project-specific opt-out conflicts with global agent configurations.

This MR addresses a critical issue where projects using a global, instance-wide agent with managed resources enabled cannot selectively opt-out of managed resources feature while still using the Kubernetes dashboard.

Previously, when a project wanted to enable the Kubernetes dashboard for environments (via environment.kubernetes.agent in CI config), it would automatically inherit the global agent's managed resources configuration, forcing unwanted resource management onto the project. The only workaround required requesting the agent owner to create a separate project-specific agent configuration without managed resources enabled.

With this change, projects can now explicitly disable managed resources using managed_resources.enabled: false while still accessing the dashboard functionality, eliminating the need for additional agent configurations and reducing administrative overhead for both project teams and agent administrators.

Changelog: added

References

Part of #515854 (closed).

  1. Run GDK.
  2. Enable GitLab-managed Kubernetes resources.
  3. Make sure the existing config works as expected. Confirm the pipeline runs without error, and the managed resources was executed. Execute k get ns and new namespace should be created.
deploy:
  image:
    name: bitnami/kubectl:latest
    entrypoint: ['']
  environment:
    name: env1
    deployment_tier: staging
    kubernetes:
      agent: sandbox/simple-rails:local-cluster-2
      namespace: my-namespace
      flux_resource_path: helm.toolkit.fluxcd.io/v2/namespaces/flux-system/helmreleases/helm-release-resource-v1
  script:
    - kubectl get ns
  1. Change the ci config to allow the agent only for K8s dashboard. Make sure it runs without error, and the managed resources was not triggered. And also, the environment's namespace and flux_resource_path are updated to the given value.
deploy:
  image:
    name: bitnami/kubectl:latest
    entrypoint: ['']
  environment:
    name: env1
    deployment_tier: staging
    kubernetes:
      agent: sandbox/simple-rails:local-cluster-2
      managed_resources:
        enabled: false
      dashboard:
        namespace: my-namespace-v2
        flux_resource_path: helm.toolkit.fluxcd.io/v2/namespaces/flux-system/helmreleases/helm-release-resource-v2
  script:
    - kubectl get ns

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Taka Nishida

Merge request reports