kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2020-12-21 21:10:23 +00:00
parent 152f35d6bf
commit c85cad8c8a
16 changed files with 1042 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/controllers/projects_controller.rb
View File

@ -34,6 +34,7 @@ class ProjectsController < Projects::ApplicationController
before_action only: [:edit] do
push_frontend_feature_flag(:approval_suggestions, @project, default_enabled: true)
push_frontend_feature_flag(:allow_editing_commit_messages, @project)
push_frontend_feature_flag(:search_settings_in_page, @project, default_enabled: false)
end
layout :determine_layout

2
app/graphql/types/ci/config/config_type.rb
View File

@ -11,7 +11,7 @@ module Types
description: 'Linting errors'
field :merged_yaml, GraphQL::STRING_TYPE, null: true,
description: 'Merged CI config YAML'
field :stages, [Types::Ci::Config::StageType], null: true,
field :stages, Types::Ci::Config::StageType.connection_type, null: true,
description: 'Stages of the pipeline'
field :status, Types::Ci::Config::StatusEnum, null: true,
description: 'Status of linting, can be either valid or invalid'

2
app/graphql/types/ci/config/group_type.rb
View File

@ -9,7 +9,7 @@ module Types
field :name, GraphQL::STRING_TYPE, null: true,
description: 'Name of the job group'
field :jobs, [Types::Ci::Config::JobType], null: true,
field :jobs, Types::Ci::Config::JobType.connection_type, null: true,
description: 'Jobs in group'
field :size, GraphQL::INT_TYPE, null: true,
description: 'Size of the job group'

2
app/graphql/types/ci/config/job_type.rb
View File

@ -13,7 +13,7 @@ module Types
description: 'Name of the job group'
field :stage, GraphQL::STRING_TYPE, null: true,
description: 'Name of the job stage'
field :needs, [Types::Ci::Config::NeedType], null: true,
field :needs, Types::Ci::Config::NeedType.connection_type, null: true,
description: 'Builds that must complete before the jobs run'
end
end

2
app/graphql/types/ci/config/stage_type.rb
View File

@ -9,7 +9,7 @@ module Types
field :name, GraphQL::STRING_TYPE, null: true,
description: 'Name of the stage'
field :groups, [Types::Ci::Config::GroupType], null: true,
field :groups, Types::Ci::Config::GroupType.connection_type, null: true,
description: 'Groups of jobs for the stage'
end
end

3
app/views/projects/edit.html.haml
View File

@ -3,6 +3,9 @@
- @content_class = "limit-container-width" unless fluid_layout
- expanded = expanded_by_default?
- if Feature.enabled?(:search_settings_in_page, @project, default_enabled: false)
= render "shared/search_settings"
%section.settings.general-settings.no-animate.expanded#js-general-settings
.settings-header
%h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Naming, topics, avatar')

3
app/views/shared/_search_settings.html.haml Normal file
View File

@ -0,0 +1,3 @@
.search-box-by-type.gl-mt-5
= sprite_icon('search', css_class: 'gl-search-box-by-type-search-icon gl-icon s16')
%input#search-settings-input.gl-form-input.gl-w-full.gl-search-box-by-type-input{ type: 'search', placeholder: _('Search settings') }

5
changelogs/unreleased/lm-update-w-connections-graphql.yml Normal file
View File

@ -0,0 +1,5 @@
---
title: Update ci config type for GraphQL to use connection_type
merge_request: 50160
author:
type: changed

8
config/feature_flags/development/search_settings_in_page.yml Normal file
View File

@ -0,0 +1,8 @@
---
name: search_settings_in_page
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/50207
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/294025
milestone: '13.7'
type: development
group: group::editor
default_enabled: false

228
doc/api/graphql/reference/gitlab_schema.graphql
View File

@ -2291,7 +2291,27 @@ type CiConfig {
"""
Stages of the pipeline
"""
stages: [CiConfigStage!]
stages(
"""
Returns the elements in the list that come after the specified cursor.
"""
after: String
"""
Returns the elements in the list that come before the specified cursor.
"""
before: String
"""
Returns the first _n_ elements from the list.
"""
first: Int
"""
Returns the last _n_ elements from the list.
"""
last: Int
): CiConfigStageConnection
"""
Status of linting, can be either valid or invalid
@ -2303,7 +2323,27 @@ type CiConfigGroup {
"""
Jobs in group
"""
jobs: [CiConfigJob!]
jobs(
"""
Returns the elements in the list that come after the specified cursor.
"""
after: String
"""
Returns the elements in the list that come before the specified cursor.
"""
before: String
"""
Returns the first _n_ elements from the list.
"""
first: Int
"""
Returns the last _n_ elements from the list.
"""
last: Int
): CiConfigJobConnection
"""
Name of the job group
@ -2316,6 +2356,41 @@ type CiConfigGroup {
size: Int
}
"""
The connection type for CiConfigGroup.
"""
type CiConfigGroupConnection {
"""
A list of edges.
"""
edges: [CiConfigGroupEdge]
"""
A list of nodes.
"""
nodes: [CiConfigGroup]
"""
Information to aid in pagination.
"""
pageInfo: PageInfo!
}
"""
An edge in a connection.
"""
type CiConfigGroupEdge {
"""
A cursor for use in pagination.
"""
cursor: String!
"""
The item at the end of the edge.
"""
node: CiConfigGroup
}
type CiConfigJob {
"""
Name of the job group
@ -2330,7 +2405,27 @@ type CiConfigJob {
"""
Builds that must complete before the jobs run
"""
needs: [CiConfigNeed!]
needs(
"""
Returns the elements in the list that come after the specified cursor.
"""
after: String
"""
Returns the elements in the list that come before the specified cursor.
"""
before: String
"""
Returns the first _n_ elements from the list.
"""
first: Int
"""
Returns the last _n_ elements from the list.
"""
last: Int
): CiConfigNeedConnection
"""
Name of the job stage
@ -2338,6 +2433,41 @@ type CiConfigJob {
stage: String
}
"""
The connection type for CiConfigJob.
"""
type CiConfigJobConnection {
"""
A list of edges.
"""
edges: [CiConfigJobEdge]
"""
A list of nodes.
"""
nodes: [CiConfigJob]
"""
Information to aid in pagination.
"""
pageInfo: PageInfo!
}
"""
An edge in a connection.
"""
type CiConfigJobEdge {
"""
A cursor for use in pagination.
"""
cursor: String!
"""
The item at the end of the edge.
"""
node: CiConfigJob
}
type CiConfigNeed {
"""
Name of the need
@ -2345,11 +2475,66 @@ type CiConfigNeed {
name: String
}
"""
The connection type for CiConfigNeed.
"""
type CiConfigNeedConnection {
"""
A list of edges.
"""
edges: [CiConfigNeedEdge]
"""
A list of nodes.
"""
nodes: [CiConfigNeed]
"""
Information to aid in pagination.
"""
pageInfo: PageInfo!
}
"""
An edge in a connection.
"""
type CiConfigNeedEdge {
"""
A cursor for use in pagination.
"""
cursor: String!
"""
The item at the end of the edge.
"""
node: CiConfigNeed
}
type CiConfigStage {
"""
Groups of jobs for the stage
"""
groups: [CiConfigGroup!]
groups(
"""
Returns the elements in the list that come after the specified cursor.
"""
after: String
"""
Returns the elements in the list that come before the specified cursor.
"""
before: String
"""
Returns the first _n_ elements from the list.
"""
first: Int
"""
Returns the last _n_ elements from the list.
"""
last: Int
): CiConfigGroupConnection
"""
Name of the stage
@ -2357,6 +2542,41 @@ type CiConfigStage {
name: String
}
"""
The connection type for CiConfigStage.
"""
type CiConfigStageConnection {
"""
A list of edges.
"""
edges: [CiConfigStageEdge]
"""
A list of nodes.
"""
nodes: [CiConfigStage]
"""
Information to aid in pagination.
"""
pageInfo: PageInfo!
}
"""
An edge in a connection.
"""
type CiConfigStageEdge {
"""
A cursor for use in pagination.
"""
cursor: String!
"""
The item at the end of the edge.
"""
node: CiConfigStage
}
"""
Values for YAML processor result
"""

666
doc/api/graphql/reference/gitlab_schema.json
View File

@ -6126,20 +6126,51 @@
"name": "stages",
"description": "Stages of the pipeline",
"args": [
{
"name": "after",
"description": "Returns the elements in the list that come after the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "before",
"description": "Returns the elements in the list that come before the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "first",
"description": "Returns the first _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
},
{
"name": "last",
"description": "Returns the last _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
}
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigStage",
"ofType": null
}
}
"kind": "OBJECT",
"name": "CiConfigStageConnection",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
@ -6175,20 +6206,51 @@
"name": "jobs",
"description": "Jobs in group",
"args": [
{
"name": "after",
"description": "Returns the elements in the list that come after the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "before",
"description": "Returns the elements in the list that come before the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "first",
"description": "Returns the first _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
},
{
"name": "last",
"description": "Returns the last _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
}
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigJob",
"ofType": null
}
}
"kind": "OBJECT",
"name": "CiConfigJobConnection",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
@ -6229,6 +6291,118 @@
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigGroupConnection",
"description": "The connection type for CiConfigGroup.",
"fields": [
{
"name": "edges",
"description": "A list of edges.",
"args": [
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigGroupEdge",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "nodes",
"description": "A list of nodes.",
"args": [
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigGroup",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "pageInfo",
"description": "Information to aid in pagination.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "PageInfo",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigGroupEdge",
"description": "An edge in a connection.",
"fields": [
{
"name": "cursor",
"description": "A cursor for use in pagination.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "String",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "node",
"description": "The item at the end of the edge.",
"args": [
],
"type": {
"kind": "OBJECT",
"name": "CiConfigGroup",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigJob",
@ -6266,20 +6440,51 @@
"name": "needs",
"description": "Builds that must complete before the jobs run",
"args": [
{
"name": "after",
"description": "Returns the elements in the list that come after the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "before",
"description": "Returns the elements in the list that come before the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "first",
"description": "Returns the first _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
},
{
"name": "last",
"description": "Returns the last _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
}
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigNeed",
"ofType": null
}
}
"kind": "OBJECT",
"name": "CiConfigNeedConnection",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
@ -6306,6 +6511,118 @@
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigJobConnection",
"description": "The connection type for CiConfigJob.",
"fields": [
{
"name": "edges",
"description": "A list of edges.",
"args": [
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigJobEdge",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "nodes",
"description": "A list of nodes.",
"args": [
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigJob",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "pageInfo",
"description": "Information to aid in pagination.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "PageInfo",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigJobEdge",
"description": "An edge in a connection.",
"fields": [
{
"name": "cursor",
"description": "A cursor for use in pagination.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "String",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "node",
"description": "The item at the end of the edge.",
"args": [
],
"type": {
"kind": "OBJECT",
"name": "CiConfigJob",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigNeed",
@ -6335,12 +6652,12 @@
},
{
"kind": "OBJECT",
"name": "CiConfigStage",
"description": null,
"name": "CiConfigNeedConnection",
"description": "The connection type for CiConfigNeed.",
"fields": [
{
"name": "groups",
"description": "Groups of jobs for the stage",
"name": "edges",
"description": "A list of edges.",
"args": [
],
@ -6348,18 +6665,161 @@
"kind": "LIST",
"name": null,
"ofType": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigGroup",
"ofType": null
}
"kind": "OBJECT",
"name": "CiConfigNeedEdge",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "nodes",
"description": "A list of nodes.",
"args": [
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigNeed",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "pageInfo",
"description": "Information to aid in pagination.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "PageInfo",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigNeedEdge",
"description": "An edge in a connection.",
"fields": [
{
"name": "cursor",
"description": "A cursor for use in pagination.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "String",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "node",
"description": "The item at the end of the edge.",
"args": [
],
"type": {
"kind": "OBJECT",
"name": "CiConfigNeed",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigStage",
"description": null,
"fields": [
{
"name": "groups",
"description": "Groups of jobs for the stage",
"args": [
{
"name": "after",
"description": "Returns the elements in the list that come after the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "before",
"description": "Returns the elements in the list that come before the specified cursor.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "first",
"description": "Returns the first _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
},
{
"name": "last",
"description": "Returns the last _n_ elements from the list.",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
}
],
"type": {
"kind": "OBJECT",
"name": "CiConfigGroupConnection",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "name",
"description": "Name of the stage",
@ -6382,6 +6842,118 @@
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigStageConnection",
"description": "The connection type for CiConfigStage.",
"fields": [
{
"name": "edges",
"description": "A list of edges.",
"args": [
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigStageEdge",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "nodes",
"description": "A list of nodes.",
"args": [
],
"type": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "CiConfigStage",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "pageInfo",
"description": "Information to aid in pagination.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "OBJECT",
"name": "PageInfo",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "CiConfigStageEdge",
"description": "An edge in a connection.",
"fields": [
{
"name": "cursor",
"description": "A cursor for use in pagination.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "String",
"ofType": null
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "node",
"description": "The item at the end of the edge.",
"args": [
],
"type": {
"kind": "OBJECT",
"name": "CiConfigStage",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "ENUM",
"name": "CiConfigStatus",

8
doc/api/graphql/reference/index.md
View File

@ -381,14 +381,14 @@ Represents the total number of issues and their weights for a particular day.
| ----- | ---- | ----------- |
| `errors` | String! => Array | Linting errors |
| `mergedYaml` | String | Merged CI config YAML |
| `stages` | CiConfigStage! => Array | Stages of the pipeline |
| `stages` | CiConfigStageConnection | Stages of the pipeline |
| `status` | CiConfigStatus | Status of linting, can be either valid or invalid |
### CiConfigGroup
| Field | Type | Description |
| ----- | ---- | ----------- |
| `jobs` | CiConfigJob! => Array | Jobs in group |
| `jobs` | CiConfigJobConnection | Jobs in group |
| `name` | String | Name of the job group |
| `size` | Int | Size of the job group |
@ -398,7 +398,7 @@ Represents the total number of issues and their weights for a particular day.
| ----- | ---- | ----------- |
| `groupName` | String | Name of the job group |
| `name` | String | Name of the job |
| `needs` | CiConfigNeed! => Array | Builds that must complete before the jobs run |
| `needs` | CiConfigNeedConnection | Builds that must complete before the jobs run |
| `stage` | String | Name of the job stage |
### CiConfigNeed
@ -411,7 +411,7 @@ Represents the total number of issues and their weights for a particular day.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `groups` | CiConfigGroup! => Array | Groups of jobs for the stage |
| `groups` | CiConfigGroupConnection | Groups of jobs for the stage |
| `name` | String | Name of the stage |
### CiGroup

113
doc/user/project/clusters/add_eks_clusters.md
View File

@ -41,14 +41,32 @@ For example, the following policy document allows assuming a role whose name sta
}
```
### Administration settings
Generate an access key for the IAM user, and configure GitLab with the credentials:
1. Navigate to **Admin Area > Settings > General** and expand the **Amazon EKS** section.
1. Check **Enable Amazon EKS integration**.
1. Enter the account ID and access key credentials into the respective
`Account ID`, `Access key ID` and `Secret access key` fields.
1. Enter your **Account ID**.
1. Depending on your configuration, enter your access key and ID:
- _GitLab 13.7 and later, and using an instance profile_: You may leave
**Access key ID** and **Secret access key** blank.
Read [Instance profiles](#instance-profiles) for more information.
- _All GitLab versions_: Enter your access key credentials into
**Access key ID** and **Secret access key**.
1. Click **Save changes**.
#### Instance profiles
> Introduced in [GitLab 13.7](https://gitlab.com/gitlab-org/gitlab/-/issues/291015).
You may leave `Access key ID` and `Secret access key` fields blank if
you are using an instance profile
[to pass an IAM role to an EC2 instance](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html).
Instance profiles dynamically retrieve temporary credentials from AWS when needed.
## New EKS cluster
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22392) in GitLab 12.5.
@ -175,17 +193,96 @@ You must add your AWS external ID to the
[IAM Role in the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html#cli-configure-role-xaccount)
to manage your cluster using `kubectl`.
### Cluster creation flow
The following sequence illustrates how GitLab works with AWS to create an EKS cluster:
```mermaid
sequenceDiagram
autonumber
participant G as GitLab
participant A as AWS
participant E as EKS cluster
alt static credentials
G->>G: Load AWS Access and secret key
end
alt IAM instance profile
G->>A: Fetch temporary credentials
A->>G: Temporary access credentials
end
G->>A: AssumeRole: EKS Provision Role
A->>A: Check account, external IDs
A->>A: Check permissions
A->>G: New access credentials
note over G: user selects EKS cluster options
note over G,A: Use Service Role credentials
G->>A: CreateStack (CloudFormation)
A->>G: Received
G->>G: Wait 5 minutes
loop Poll for cluster creation
G->>A: DescribeStacks
A->>G: CREATE_IN_PROGRESS
end
note over G,E: EKS Cluster Created
G->>A: DescribeStacks
A->>G: CREATE_COMPLETE
G->>E: kubectl create role (service account)
E->>G: OK
```
First, GitLab must obtain an initial set of credentials to communicate with the AWS API.
These credentials can be retrieved in one of two ways:
- Statically through the [Administration settings](#administration-settings).
- Dynamically via an IAM instance profile ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/291015) in GitLab 13.7).
After GitLab retrieves the AWS credentials, it makes an
[AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html)
API call to obtain credentials for the Provision Role. AWS confirms
the request has the correct account ID, external ID, and permissions.
If the request is valid, AWS returns a new set of temporary credentials GitLab
uses to load the **Create cluster** options page.
On the **Create cluster** page, the user must select a **Service Role**, which is
the IAM role that is actually used to create the cluster, and other options
such as the Kubernetes cluster name, Kubernetes version, and region.
After the user clicks the **Create Kubernetes cluster** button, GitLab
submits a CloudFormation API request to create an EKS cluster with the given parameters
from the user. GitLab waits 5 minutes before checking whether the cluster was created,
and polls once a minute for up to 30 minutes.
After GitLab receives a `CREATE_COMPLETE` message from AWS, GitLab talks
to the EKS cluster to create a Kubernetes service account with `cluster-admin`
privileges, and updates its internal database to reflect the newly-created
Kubernetes cluster. From this point forward, GitLab uses this service account to
interact with the cluster.
### Troubleshooting creating a new cluster
The following errors are commonly encountered when creating a new cluster.
#### Error: Request failed with status code 422
#### Validation failed: Role ARN must be a valid Amazon Resource Name
When submitting the initial authentication form, GitLab returns a status code 422
error when it can't determine the role or region you've provided. Make sure you've
correctly configured your role with the **Account ID** and **External ID**
provided by GitLab. In GitLab, make sure to enter the correct **Role ARN**.
Make sure you also have access to the chosen region.
Check that the `Provision Role ARN` is correct. An example of a valid ARN:
```plaintext
arn:aws:iam::123456789012:role/gitlab-eks-provision'
```
#### Access denied: User `arn:aws:iam::x` is not authorized to perform: `sts:AssumeRole` on resource: `arn:aws:iam::y`
This error occurs when the credentials defined in the
[Administration settings](#administration-settings) cannot assume the role defined by the
Provision Role ARN. Check that:
1. The initial set of AWS credentials [has the AssumeRole policy](#additional-requirements-for-self-managed-instances).
1. The Provision Role has access to create clusters in the given region.
1. The account ID and
[external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html)
match the value defined in the **Trust relationships** tab in AWS:
![AWS IAM Trust relationships](img/aws_iam_role_trust.png)
#### Could not load Security Groups for this VPC

BIN
doc/user/project/clusters/img/aws_iam_role_trust.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 KiB

3
locale/gitlab.pot
View File

@ -24364,6 +24364,9 @@ msgstr ""
msgid "Search requirements"
msgstr ""
msgid "Search settings"
msgstr ""
msgid "Search users"
msgstr ""

100
spec/requests/api/graphql/ci/config_spec.rb
View File

@ -20,16 +20,24 @@ RSpec.describe 'Query.ciConfig' do
status
errors
stages {
name
groups {
nodes {
name
size
jobs {
name
groupName
stage
needs {
groups {
nodes {
name
size
jobs {
nodes {
name
groupName
stage
needs {
nodes {
name
}
}
}
}
}
}
}
@ -50,42 +58,60 @@ RSpec.describe 'Query.ciConfig' do
"status" => "VALID",
"errors" => [],
"stages" =>
[
{
"name" => "build",
"groups" =>
[
{
"nodes" =>
[
{
"name" => "build",
"groups" =>
{
"name" => "rspec",
"size" => 2,
"jobs" =>
"nodes" =>
[
{ "name" => "rspec 0 1", "groupName" => "rspec", "stage" => "build", "needs" => [] },
{ "name" => "rspec 0 2", "groupName" => "rspec", "stage" => "build", "needs" => [] }
]
},
{
"name" => "spinach", "size" => 1, "jobs" =>
[
{ "name" => "spinach", "groupName" => "spinach", "stage" => "build", "needs" => [] }
{
"name" => "rspec",
"size" => 2,
"jobs" =>
{
"nodes" =>
[
{ "name" => "rspec 0 1", "groupName" => "rspec", "stage" => "build", "needs" => { "nodes" => [] } },
{ "name" => "rspec 0 2", "groupName" => "rspec", "stage" => "build", "needs" => { "nodes" => [] } }
]
}
},
{
"name" => "spinach", "size" => 1, "jobs" =>
{
"nodes" =>
[
{ "name" => "spinach", "groupName" => "spinach", "stage" => "build", "needs" => { "nodes" => [] } }
]
}
}
]
}
]
},
{
"name" => "test",
"groups" =>
[
},
{
"name" => "test",
"groups" =>
{
"name" => "docker",
"size" => 1,
"jobs" => [
{ "name" => "docker", "groupName" => "docker", "stage" => "test", "needs" => [{ "name" => "spinach" }, { "name" => "rspec 0 1" }] }
"nodes" =>
[
{
"name" => "docker",
"size" => 1,
"jobs" =>
{
"nodes" => [
{ "name" => "docker", "groupName" => "docker", "stage" => "test", "needs" => { "nodes" => [{ "name" => "spinach" }, { "name" => "rspec 0 1" }] } }
]
}
}
]
}
]
}
]
}
]
}
)
end
end