Merge branch 'docs-auto-devops-deploy-token' into 'master'
Docs: Clarify how Auto DevOps deploys using deploy token See merge request gitlab-org/gitlab-ce!25787
This commit is contained in:
commit
f2a53ee44d
|
@ -506,17 +506,22 @@ enable them.
|
||||||
You can make use of [environment variables](#environment-variables) to automatically
|
You can make use of [environment variables](#environment-variables) to automatically
|
||||||
scale your pod replicas.
|
scale your pod replicas.
|
||||||
|
|
||||||
It's important to note that when a project is deployed to a Kubernetes cluster,
|
> [Introduced][ce-19507] in GitLab 11.0.
|
||||||
it relies on a Docker image that has been pushed to the
|
|
||||||
[GitLab Container Registry](../../user/project/container_registry.md). Kubernetes
|
For internal and private projects a [GitLab Deploy Token](../../user/project/deploy_tokens/index.md#gitlab-deploy-token)
|
||||||
fetches this image and uses it to run the application. If the project is public,
|
will be automatically created, when Auto DevOps is enabled and the Auto DevOps settings are saved. This Deploy Token
|
||||||
the image can be accessed by Kubernetes without any authentication, allowing us
|
can be used for permanent access to the registry.
|
||||||
to have deployments more usable. If the project is private/internal, the
|
|
||||||
Registry requires credentials to pull the image. Currently, this is addressed
|
If the GitLab Deploy Token cannot be found, `CI_REGISTRY_PASSWORD` is
|
||||||
by providing `CI_JOB_TOKEN` as the password that can be used, but this token will
|
used. Note that `CI_REGISTRY_PASSWORD` is only valid during deployment.
|
||||||
no longer be valid as soon as the deployment job finishes. This means that
|
This means that Kubernetes will be able to successfully pull the
|
||||||
Kubernetes can run the application, but in case it should be restarted or
|
container image during deployment but in cases where the image needs to
|
||||||
executed somewhere else, it cannot be accessed again.
|
be pulled again, e.g. after pod eviction, Kubernetes will fail to do so
|
||||||
|
as it will be attempting to fetch the image using
|
||||||
|
`CI_REGISTRY_PASSWORD`.
|
||||||
|
|
||||||
|
NOTE: **Note:**
|
||||||
|
When the GitLab Deploy Token has been manually revoked, it won't be automatically created.
|
||||||
|
|
||||||
#### Migrations
|
#### Migrations
|
||||||
|
|
||||||
|
@ -551,15 +556,6 @@ The `/app` path is the directory of your project inside the docker image
|
||||||
as [configured by
|
as [configured by
|
||||||
Herokuish](https://github.com/gliderlabs/herokuish#paths)
|
Herokuish](https://github.com/gliderlabs/herokuish#paths)
|
||||||
|
|
||||||
> [Introduced][ce-19507] in GitLab 11.0.
|
|
||||||
|
|
||||||
For internal and private projects a [GitLab Deploy Token](../../user/project/deploy_tokens/index.md#gitlab-deploy-token)
|
|
||||||
will be automatically created, when Auto DevOps is enabled and the Auto DevOps settings are saved. This Deploy Token
|
|
||||||
can be used for permanent access to the registry.
|
|
||||||
|
|
||||||
Note: **Note**
|
|
||||||
When the GitLab Deploy Token has been manually revoked, it won't be automatically created.
|
|
||||||
|
|
||||||
### Auto Monitoring
|
### Auto Monitoring
|
||||||
|
|
||||||
NOTE: **Note:**
|
NOTE: **Note:**
|
||||||
|
|
Loading…
Reference in New Issue