gitlab-org/gitlab-environment-toolkit 3.1.0

on GitLab

ℹ  The GitLab Environment Toolkit is a collection of opinionated Terraform and Ansible scripts to assist with the deployment of a self managed GitLab environment. It's recommended that users review the Before You Start section before use. Users should have a good working knowledge of Infrastructure management, Terraform, Ansible and GitLab administration as well as be aware that ultimately self managed environments are the responsibility of the user. As such, it's strongly recommended that you independently review the Toolkit in full to ensure it meets your requirements, especially around security or data integrity.

• New Key Features
  • Pages support (Cloud Native Hybrid)
  • Amazon Linux 2023 support
  • Migration support via Geo
  • GKE Private Cluster support
  • Custom GitLab Secrets support
• Further Updates and Improvements
• Upgrade Notes
  • Expected Terraform Changes
• Feedback

New Key Features

Pages support (Cloud Native Hybrid)

• Merge Request(s): !1102

Support for setting up GitLab Pages has been added for Cloud Native Hybrid environments!

Thanks @bwilkerson13!

Amazon Linux 2023 support

• Merge Request(s): !1129 !1141

Support for Amazon Linux 2023 as a target OS has been added!

Migration support via Geo

• Merge Request(s): !1140 !1135
• Documentation

The Toolkit now supports the ability to migrate from a non Toolkit controlled environment to a Toolkit controlled environment via Geo!

GKE Private Cluster support

• Merge Request(s): !1159
• Documentation

Custom GitLab Secrets support

• Merge Request(s): !1196
• Documentation

Custom GitLab secrets can now be set directly via the Toolkit!

Further Updates and Improvements

• Minimum Ansible version has been updated to 9.x. Note that this requires at least Python 3.10 on the Ansible host. !1190
• OpenSearch can now be configured via VMs on Azure. !1123 (thanks @jimbaumgardner!)
• AWS RDS Parameters have been updated and additional settings can now be set dynamically. !1119
• AWS RDS Performance insights can now optionally be enabled. !1118 (thanks @sbreitrainer!)
• Docker image build has switched from asdf to rtx for Terraform version install and management. !1128
• Let's Encrypt provisioning for Linux package (Omnibus) environments has been switched from certbot to acme.sh. !1129
• GKE Backup Service Account key can now be provided directly as a string. !1187
• GKE envelope / database encryption can now be enabled. !1199
• Advanced Search configuration steps have been refactored to allow setup on existing environments and all data types indexed for first time. !1191
• Common Custom Tasks now run before the installation of the GitLab Linux package. !1167
• Newly generated GitLab secrets are now correctly propagated within the same run. !1181
• A URL configuration issue for Registry in Cloud Native Hybrid environments with Geo has been fixed. !1155 (thanks @niskhakova!)
• An upstream RHEL 8 Python package installation has been addressed. !1173
• Correct permissions are now set for GCP object storage replication. !1157 (thanks @nwestbury!)
• Correct permissions are now set for AWS S3 Replication when a custom KMS key is being used. !1177
• Workaround added for a transient upstream deb issue where package unlocks were ignored. !1174
• Various other small updates, improvements and fixes.

Upgrade Notes

Expected Terraform Changes

• Empty pages buckets will be added (but this can be disabled)
• Some new RDS parameters, as recommended for GitLab, have been added.

Feedback

Got any feedback or found an issue? Please feel free to create an issue on our tracker.