fleet
fleet copied to clipboard
fleetdm
GitLab for Fleet's best practice GitOps
Goal
| User story |
|---|
| As an endpoint operator who works at an organization that uses GitLab, |
| I want to clone a GitLab repo (that looks like the GitHub repo) and connect it to my Fleet server |
| so that I can manage my computers as code with GitLab and the YAML files in Fleet's best practice GitOps |
Context
- Product designer: @marko-lisica
Changes
Product
- [ ] UI changes: No UI changes
- [ ] CLI usage changes: No CLI changes
- [ ] REST API changes: No API changes
- [ ] Permissions changes: No permissions changes
- [ ] Outdated reference documentation changes: Update the GitOps reference to point to GitHub and GitLab repos.
- [ ] Changes to paid features or tiers: Available for Fleet Free and Fleet Premium
Engineering
- [ ] Database schema migrations: TODO
- [ ] Load testing: TODO
ℹ️ Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".
QA
Risk assessment
- Requires load testing: TODO
- Risk level: Low / High TODO
- Risk description: TODO
Manual testing steps
- Step 1
- Step 2
- Step 3
Testing notes
Confirmation
- [ ] Engineer (@____): Added comment to user story confirming successful completion of QA.
- [ ] QA (@____): Added comment to user story confirming successful completion of QA.
We discussed this request at feature fest.
We decided not to draft this one in the upcoming design sprint (4.49).
Removing from feature fest board.
Issue description from #20836 (duplicate):
Problem
Supporting our Fleet gitops repository on multiple CI products will be required. We have heard that Gitlab is an important player in the CI realm. We need to be able to house our "fleet-gitops" repo in a company owned Gitlab environment with Github pipelines (equivalent to GH Actions).
What have you tried?
It seems that there are nice import utilities to take repos from gh and into gitlab. I tried this, but the workflow.yml still needs to be converted to the gitlab syntax manually. But, maybe I missed something.
Hey @getvictor any ideas on how we'd do this? And what the level of effort will be? I have minimal experience using GitLab.
Goal is to enable the same workflow we enable w/ best practice GitOps. That is...clone a GitLab repo => connect it to your Fleet server => start managed computers as code
Hey @getvictor any ideas on how we'd do this? And what the level of effort will be? I have minimal experience using GitLab.
Goal is to enable the same workflow we enable w/ best practice GitOps. That is...clone a GitLab repo => connect it to your Fleet server => start managed computers as code
Yes, we would spin up a personal GitLab, and use it for testing/dev. I estimate ~1 day to complete this story.
@lukeheath, this was probably communicated to customers that we will do as part of this sprint. Does it make sense to add a P2 so we can work on it before other bugs?
In any case we will do the roadmap P2 before this but we have a few days before we have the design ready.
@noahtalerman GitLab does not have its own secrets manager yet. I will use Hashicorp Vault. Reference: https://docs.gitlab.com/ee/ci/secrets/
GitLab does not have its own secrets manager yet. I will use Hashicorp Vault. Reference: https://docs.gitlab.com/ee/ci/secrets/
Hey @kennyb-222 does that work for y'all?
cc @getvictor
Update: looks like I don't neet a secrets manager. Gitlab can mask env variables, so I'll just use that feature.
PR for fleet-gitops repo: https://github.com/fleetdm/fleet-gitops/pull/48
Hey @zayhanlon and @dherder, heads up, this user story was shipped in Fleet 4.57 🎉
