Instead of using the official helm chart for GitLab, we use a stripped down version that
- Exposes GitLab at
- Exposes Docker Registry at
- Listens only on HTTP while TLS is handled by Ingress.
- Uses an admin service account.
- Uses a PVC to store data.
To deploy GitLab run:
To expose GitLab, create an Ingress resource:
To visit GitLab go to https://gitlab.example.com.
Serving GitLab under prefix is not that straightforward (see https://docs.gitlab.com/ee/install/relative_url.html)
Add Kubernetes Cluster to GitLab¶
To add the Kubernetes Cluster to GitLab follow https://docs.gitlab.com/ee/user/project/clusters/add_remove_clusters.html#existing-kubernetes-cluster.
We have enabled private access to the EKS cluster so we have to allow Requests to the local network in GitLab (see https://gitlab.com/gitlab-org/gitlab-foss/-/issues/57948). Go to Admin -> Settings -> Network -> Outbound Requests -> Allow requests to the local network from hooks and services and allow both.
To obtain the endpoint of the cluster run:
To obtain the CA certificate of the cluster run:
To obtain an admin token, since GitLab is already running with admin service account create a dedicated admin token: