Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- apiVersion: extensions/v1beta1
- kind: Deployment
- metadata:
- name: gitlab
- namespace: gitlab
- spec:
- replicas: 1
- template:
- metadata:
- labels:
- name: gitlab
- app: gitlab
- annotations:
- scheduler.alpha.kubernetes.io/affinity: >
- {
- "nodeAffinity": {
- "requiredDuringSchedulingIgnoredDuringExecution": {
- "nodeSelectorTerms": [
- {
- "matchExpressions": [
- {
- "key": "cloud.google.com/gke-preemptible",
- "operator": "DoesNotExist"
- }
- ]
- }
- ]
- }
- }
- }
- spec:
- containers:
- - name: gitlab
- image: gitlab/gitlab-ce:8.16.2-ce.0
- imagePullPolicy: IfNotPresent
- command: ["/bin/bash","-c"]
- args: ["apt-get update &&
- apt-get install -y make libmysqlclient-dev build-essential g++ &&
- echo 'ABOUT TO INSTALL mysql2 gem...' &&
- cd /opt/gitlab/embedded/bin/ &&
- ./gem install mysql2 -- --with-mysql-lib=/usr/lib64/mysql &&
- echo 'ABOUT TO ECHO...' &&
- echo '---
- BUNDLE_RETRY: \"5\"
- BUNDLE_PATH: \"/opt/gitlab/embedded/service/gem\"
- BUNDLE_JOBS: \"9\"
- BUNDLE_WITHOUT: \"development:test:postgres\"
- BUNDLE_DISABLE_SHARED_GEMS: \"true\"' >
- /opt/gitlab/embedded/service/gitlab-rails/.bundle/config &&
- echo 'ABOUT TO INSTALL BUNDLE...' &&
- cd /opt/gitlab/embedded/service/gitlab-rails &&
- /opt/gitlab/embedded/bin/bundle install &&
- echo 'ABOUT TO PATCH..' &&
- patch -p1 -d /opt/gitlab/embedded/service/gitlab-rails < /patches/fix-git-hooks.patch && sed -i \"s/environment ({'GITLAB_ROOT_PASSWORD' => initial_root_password }) if initial_root_password/environment ({'GITLAB_ROOT_PASSWORD' => initial_root_password, 'GITLAB_SHARED_RUNNERS_REGISTRATION_TOKEN' => node['gitlab']['gitlab-rails']['initial_shared_runners_registration_token'] })/g\" /opt/gitlab/embedded/cookbooks/gitlab/recipes/database_migrations.rb && exec /assets/wrapper"]
- env:
- - name: GITLAB_EXTERNAL_SCHEME
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: external_scheme
- - name: GITLAB_EXTERNAL_HOSTNAME
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: external_hostname
- - name: GITLAB_REGISTRY_EXTERNAL_SCHEME
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: registry_external_scheme
- - name: GITLAB_REGISTRY_EXTERNAL_HOSTNAME
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: registry_external_hostname
- - name: GITLAB_MATTERMOST_EXTERNAL_SCHEME
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: mattermost_external_scheme
- - name: GITLAB_MATTERMOST_EXTERNAL_HOSTNAME
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: mattermost_external_hostname
- - name: MYSQL_USER
- valueFrom:
- secretKeyRef:
- name: cloudsql
- key: username
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: cloudsql
- key: password
- - name: MYSQL_DB
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: mysql_db
- - name: MYSQL_IP
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: mysql_ip
- - name: GITLAB_INITIAL_SHARED_RUNNERS_REGISTRATION_TOKEN
- valueFrom:
- secretKeyRef:
- name: gitlab-secrets
- key: initial_shared_runners_registration_token
- - name: MATTERMOST_APP_UID
- valueFrom:
- configMapKeyRef:
- name: gitlab-config
- key: mattermost_app_uid
- - name: MATTERMOST_APP_SECRET
- valueFrom:
- secretKeyRef:
- name: gitlab-secrets
- key: mattermost_app_secret
- - name: GITLAB_OMNIBUS_CONFIG
- value: |
- external_url "#{ENV['GITLAB_EXTERNAL_SCHEME']}://#{ENV['GITLAB_EXTERNAL_HOSTNAME']}"
- registry_external_url "#{ENV['GITLAB_REGISTRY_EXTERNAL_SCHEME']}://#{ENV['GITLAB_REGISTRY_EXTERNAL_HOSTNAME']}"
- mattermost_external_url "#{ENV['GITLAB_MATTERMOST_EXTERNAL_SCHEME']}://#{ENV['GITLAB_MATTERMOST_EXTERNAL_HOSTNAME']}"
- gitlab_rails['initial_shared_runners_registration_token'] = ENV['GITLAB_INITIAL_SHARED_RUNNERS_REGISTRATION_TOKEN']
- nginx['enable'] = false
- registry_nginx['enable'] = false
- mattermost_nginx['enable'] = false
- gitlab_workhorse['listen_network'] = 'tcp'
- gitlab_workhorse['listen_addr'] = '0.0.0.0:8005'
- mattermost['service_address'] = '0.0.0.0'
- mattermost['service_port'] = '8065'
- registry['registry_http_addr'] = '0.0.0.0:8105'
- postgresql['enable'] = false
- gitlab_rails['db_adapter'] = 'mysql2'
- gitlab_rails['db_host'] = ENV['MYSQL_IP']
- gitlab_rails['db_port'] = '3306'
- gitlab_rails['db_encoding'] = 'utf8'
- gitlab_rails['db_password'] = ENV['MYSQL_PASSWORD']
- gitlab_rails['db_username'] = ENV['MYSQL_USER']
- gitlab_rails['db_database'] = ENV['MYSQL_DB']
- redis['enable'] = false
- gitlab_rails['redis_host'] = 'gitlab-redis'
- mattermost['file_directory'] = '/gitlab-data/mattermost';
- mattermost['sql_driver_name'] = 'mysql';
- mattermost['sql_data_source'] = "user=#{ENV['MYSQL_USER']} host=#{ENV['MYSQL_IP']} port=3306 dbname=mattermost_production password=#{ENV['MYSQL_PASSWORD']} sslmode=disable";
- mattermost['gitlab_enable'] = true;
- mattermost['gitlab_secret'] = ENV['MATTERMOST_APP_SECRET'];
- mattermost['gitlab_id'] = ENV['MATTERMOST_APP_UID'];
- mattermost['gitlab_scope'] = '';
- mattermost['gitlab_auth_endpoint'] = "#{ENV['GITLAB_EXTERNAL_SCHEME']}://#{ENV['GITLAB_EXTERNAL_HOSTNAME']}/oauth/authorize";
- mattermost['gitlab_token_endpoint'] = "#{ENV['GITLAB_EXTERNAL_SCHEME']}://#{ENV['GITLAB_EXTERNAL_HOSTNAME']}/oauth/token";
- mattermost['gitlab_user_api_endpoint'] = "#{ENV['GITLAB_EXTERNAL_SCHEME']}://#{ENV['GITLAB_EXTERNAL_HOSTNAME']}/api/v3/user"
- manage_accounts['enable'] = true
- manage_storage_directories['manage_etc'] = false
- gitlab_shell['auth_file'] = '/gitlab-data/ssh/authorized_keys'
- git_data_dir '/gitlab-data/git-data'
- gitlab_rails['shared_path'] = '/gitlab-data/shared'
- gitlab_rails['uploads_directory'] = '/gitlab-data/uploads'
- gitlab_ci['builds_directory'] = '/gitlab-data/builds'
- gitlab_rails['registry_path'] = '/gitlab-registry'
- prometheus['enable'] = true
- node_exporter['enable'] = true
- - name: GITLAB_POST_RECONFIGURE_SCRIPT
- value: |
- /opt/gitlab/bin/gitlab-rails runner -e production 'Doorkeeper::Application.where(uid: ENV["MATTERMOST_APP_UID"], secret: ENV["MATTERMOST_APP_SECRET"], redirect_uri: "#{ENV["GITLAB_MATTERMOST_EXTERNAL_SCHEME"]}://#{ENV["GITLAB_MATTERMOST_EXTERNAL_HOSTNAME"]}/signup/gitlab/complete\r\n#{ENV["GITLAB_MATTERMOST_EXTERNAL_SCHEME"]}://#{ENV["GITLAB_MATTERMOST_EXTERNAL_HOSTNAME"]}/login/gitlab/complete", name: "GitLab Mattermost").first_or_create;'
- ports:
- - name: registry
- containerPort: 8105
- - name: mattermost
- containerPort: 8065
- - name: workhorse
- containerPort: 8005
- - name: ssh
- containerPort: 22
- - name: prometheus
- containerPort: 9090
- - name: node-exporter
- containerPort: 9100
- volumeMounts:
- - name: config
- mountPath: /etc/gitlab
- - name: data
- mountPath: /gitlab-data
- - name: registry
- mountPath: /gitlab-registry
- - name: patches
- mountPath: /patches
- readOnly: true
- - name: cloudsql-oauth-credentials
- mountPath: /secrets/cloudsql
- readOnly: true
- - name: gitlab-secrets
- mountPath: /gitlab-secrets
- readOnly: true
- - name: ssl-certs
- mountPath: /etc/ssl/certs
- - name: cloudsql
- mountPath: /cloudsql
- livenessProbe:
- httpGet:
- path: /help
- port: 8005
- initialDelaySeconds: 1800 #180
- timeoutSeconds: 1500 # 15
- readinessProbe:
- httpGet:
- path: /help
- port: 8005
- initialDelaySeconds: 1500 # 15
- timeoutSeconds: 1
- - image: b.gcr.io/cloudsql-docker/gce-proxy:1.06
- name: cloudsql-proxy
- command: ["/cloud_sql_proxy", "--dir=/cloudsql",
- "-instances=[INSTANCE_CONNECTION_NAME]=tcp:3306",
- "-credential_file=/secrets/cloudsql/credentials.json"]
- volumes:
- - name: data
- persistentVolumeClaim:
- claimName: gitlab-rails-storage
- - name: registry
- persistentVolumeClaim:
- claimName: gitlab-registry-storage
- - name: config
- persistentVolumeClaim:
- claimName: gitlab-config-storage
- - name: patches
- configMap:
- name: gitlab-patches
- - name: cloudsql-oauth-credentials
- secret:
- secretName: cloudsql-oauth-credentials
- - name: ssl-certs
- hostPath:
- path: /etc/ssl/certs
- - name: cloudsql
- emptyDir:
- - name: gitlab-secrets
- secret:
- secretName: gitlab-secrets
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement