Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Gitlab.com (SaaS) #127

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add support for Gitlab.com (SaaS) #127

wants to merge 3 commits into from

Conversation

fjudith
Copy link
Contributor

@fjudith fjudith commented Oct 29, 2024
edited
Loading

What does this PR do?

🛑 Please open an issue first to discuss any significant work and flesh out details/direction - we would hate for your time to be wasted.
Consult the CONTRIBUTING guide for submitting pull-requests.

  • opa-platform: New GITLAB_PROVISIONING_ENABLED environnent variable to control the provisioning of the selft-hosted Gitlab instances.
  • opa-platform: Add support of the provisioning of an IAM Identity Provider for Gitlab.com managed runner (a.k.a Gtilab SaaS runner) if self-hosted Gitlab instances provisioning disable (i.e. GITLAB_PROVISIONING_ENABLED=false)
  • opa-common-construct: Allow Gitlab runner (self-hosted/managed) to assume the fine-grained provisioning role
  • opa-platform: Renamed CREATE_ENV_PROVISIONING_ROLE to DANGEROUSLY_ENABLE_PROVISIONING_ROLE_WITH_ADMIN_ACCESS environnent variable, and add logic to provision the provisioning role with either fine-grained or full-access permissions.

Motivation

Current AWS Harmonix deployment requires dedicated self-hosted Gitlab server and runner provisioned by the opa-platform CDK app.
By default the provining role is provisioned with full-access permissions, we should provide a mechanism to switch to more least privilege allocation.

For Moderators

  • Compile, build, tests successful before merge?

Additional Notes

Relates to issue: #119 #116

@fjudith fjudith marked this pull request as draft October 29, 2024 12:27
@fjudith fjudith changed the title Feature/gitlab-saas Add support for Gitlab.com (SaaS) Oct 29, 2024
@fjudith fjudith mentioned this pull request Oct 29, 2024
Merged
5 tasks
@fjudith fjudith marked this pull request as ready for review February 3, 2025 01:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@fjudith