Unverified Commit 8ab996fe authored by Varac's avatar Varac
Browse files

Install gitlab-k8s-agent with flux

parent 7f1ac487
Pipeline #15221 failed with stage
in 2 minutes and 55 seconds
# https://github.com/thoughtworks/talisman#ignoring-files
fileignoreconfig:
- filename: README.md
checksum: fe845c79d2bb67563c2c9429465a29d7819c05b3013576fc5c8f8bb1b174f3df
version: ""
# Gitlab kubernetes agent config
# Stackspin Gitlab kubernetes cluster config
## Documentation and resources
This repo consists of two parts:
* Flux resources to run the Gitlab kubernetes agent
* The Gitlab kubernetes agent config
## Flux resources to run the Gitlab kubernetes agent
Initial setup:
Follow [Register the agent with GitLab](https://docs.gitlab.com/ee/user/clusters/agent/install/index.html#register-the-agent-with-gitlab)
Create a `gitlab` namespace:
kubectl create namespace gitlab
Create a secret for the Gitlab kubernetes agent:
cat flux/gitlab-k8s-agent-secret.yml.tmpl| token=TOKEN_IN_PLAINTEXT envsubst | kubectl apply -f -
Run
./flux/install-custom-flux-config.sh
## Gitlab kubernetes agent config
See `./.gitlab/agents/stackspin-k8s-agent/config.yaml`
### Documentation and resources
* [Connecting a Kubernetes cluster with GitLab](https://docs.gitlab.com/ee/user/clusters/agent/)
* [Agent registration](https://docs.gitlab.com/ee/user/clusters/agent/install/index.html#register-the-agent-with-gitlab)
* [Agent authorization](https://docs.gitlab.com/ee/user/clusters/agent/ci_cd_tunnel.html#authorize-the-agent-to-access-your-projects)
* [Review apps](https://docs.gitlab.com/ee/ci/review_apps/index.html#review-apps-examples)
* [gitlab-agent repo and helm chart](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent)
### Epics
* [CI/CD tunnel](https://gitlab.com/groups/gitlab-org/-/epics/5528)
* [GitLab Agent for Kubernetes](https://gitlab.com/groups/gitlab-org/-/epics/3329)
* [gitlab-agent repo](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent)
* [gitlab-agent helm chart](https://gitlab.com/gitlab-org/charts/gitlab-agent)
* [CI/CD tunnel epic](https://gitlab.com/groups/gitlab-org/-/epics/5528)
* [GitLab Agent for Kubernetes epic](https://gitlab.com/groups/gitlab-org/-/epics/3329)
apiVersion: v1
kind: Secret
metadata:
name: gitlab-agent-token
namespace: gitlab
labels:
app.kubernetes.io/name: gitlab-agent
app: gitlab-agent
stringData:
token: $token
type: Opaque
---
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: gitlab
namespace: flux-system
spec:
interval: 24h
url: https://charts.gitlab.io
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: gitlab-k8s-agent
namespace: gitlab
spec:
releaseName: gitlab-k8s-agent
chart:
spec:
# https://artifacthub.io/packages/helm/gitlab/gitlab-agent
chart: gitlab-agent
version: 0.6.0
sourceRef:
kind: HelmRepository
name: gitlab
namespace: flux-system
interval: 24h
values:
# https://gitlab.com/gitlab-org/charts/gitlab-agent/-/blob/main/values.yaml
config:
kasAddress: 'wss://kas.open.greenhost.net'
# https://docs.gitlab.com/ee/user/clusters/agent/repository.html#debug-the-agent
observability:
logging:
level: debug
#!/usr/bin/env bash
set -euo pipefail
echo "Creating / updating gitRepository kubernetes-agent-setup in namespace flux-system"
flux create source git kubernetes-agent-setup \
--namespace=flux-system \
--url=https://open.greenhost.net/stackspin/kubernetes-agent-setup \
--branch=main \
--interval=1h
echo "Creating / updating kustomization gitlab-k8s-agent in namespace flux-system"
flux create kustomization kubernetes-agent-setup \
--namespace=flux-system \
--source=GitRepository/kubernetes-agent-setup \
--path="./flux/kustomizations" \
--prune=true \
--interval=1h
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
name: gitlab-k8s-agent
namespace: gitlab
spec:
interval: 24h
sourceRef:
kind: GitRepository
name: kubernetes-agent-setup
path: ./flux/gitlab
prune: true
validation: client
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment