Skip to content

Files that require bigbang integration testing📜

See bb MR testing for details regarding testing changes against bigbang umbrella chart📜

There are certain integrations within the bigbang ecosystem and this package that require additional testing outside of the specific package tests ran during CI. This is a requirement when files within those integrations are changed, as to avoid causing breaks up through the bigbang umbrella. Currently, these include changes to the Istio implementation within gitlab-runner (now governed by bb-common via chart/templates/bigbang/istio.yaml and the networkPolicies/istio values), network policy templates (see: network policy templates), and kyverno (see: kyverno custom entries).

Be sure to also test against monitoring locally as it is integrated by default with these high-impact service control packages, and needs to be validated using the necessary chart values beneath the istio block (bb-common) with monitoring.enabled set to true as part of your dev-overrides.yaml.

How to upgrade the Gitlab Runner Package chart📜

  1. Renovate may have already made changes in the development branch. If that is the case then just verify that the changes are correct as you go through these steps.
  2. Discover the chart version tag that matches with the application version from the upstream chart by looking at the Chart.yaml. Do diff between old and new release tags to become aware of any significant chart changes. A graphical diff tool such as Meld is useful. You can see where the current chart version and available versions are at under the sources section in Chart.yaml.`
  3. Read the /CHANGELOG.md from the release tag from upstream upstream chart. Also, be aware of changes in the Gitlab chart that could affect the runner chart. Take note of any special upgrade instructions, if any.
  4. If Renovate has not created a development branch and merge request then manually create them.
  5. Merge/Sync the new helm chart with the existing Gitlab Runner package code. A graphical diff tool like Meld is useful. Reference the “Modifications made to upstream chart” section below. Be careful not to overwrite Big Bang Package changes that need to be kept. Note that some files will have combinations of changes that you will overwrite and changes that you keep. Stay alert. The hardest file to update is the /chart/values.yaml because many defaults are changed.
  6. In /chart/values.yaml update all the gitlab image tags to the new version. There are 3 images: gitlab-runner, gitlab-runner-helper, and the ubi.
  7. Update /tests/images.txt with the new image tags. This file insures that the images are packaged in the pipelines.
  8. Update CHANGELOG.md with an entry for “upgrade gitlab-runner to app version X.X.X chart version X.X.X-bb.X”. Or, whatever description is appropriate.
  9. Update Chart.yaml to the appropriate versions. The annotation version is the actual image tag and should match the appVersion with a prepended v.
version: X.X.X-bb.X
appVersion: X.X.X
annotations:
  bigbang.dev/applicationVersions: |
    - Gitlab Runner: vX.X.X
dependencies:
  - name: gitlab-runner
    version: X.X.X
    repository: https://charts.gitlab.io
    alias: upstream
  - name: gluon
    version: X.X.X
    repository: oci://registry1.dso.mil/bigbang/
helm.sh/images: |
- name: gitlab-runner
  image: registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner:vX.X.X
- name: gitlab-runner-helper
  image: registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner-helper:vX.X.X
- name: ubi9
  image: registry1.dso.mil/ironbank/redhat/ubi/ubi9:X.X
  1. Look inhttps://repo1.dso.mil/big-bang/product/packages/gitlab-runner/-/tree/0.88.3-bb.1/chart/Chart.yaml](https://repo1.dso.mil/big-bang/product/packages/gitlab-runner/-/tree/0.88.3-bb.1/chart/Chart.yaml#L15) at the dependencies and verify that you have the most recent version of the Big Bang Gluon library. If not, update Chart.yaml with the correct version. You will replace these files in the next step.
  2. Run a helm dependency command to update the chart/charts/*.tgz archives and create a new Chart.lock file. You will commit the tar archives along with the Chart.lock that was generated. This will contain the new upstream chart to commit if you have updated the Chart.yaml versioning for the upstream and other dependency charts.

    helm dependency update ./chart
    
  3. Update the README.md following the gluon library script

  4. Use a development environment to deploy and test Gitlab Runner. See more detailed testing instructions in Gitlab Package documentation. Test with Gitlab Package enabled to make sure the new gitlab-runner version still works with Gitlab. Also test an upgrade by deploying the old version first and then deploying the new version. Verify that the upgrade goes smoothly.
  5. When the Package pipeline runs expect the cypress tests to fail due to UI changes. The cypress test should be reviewed against the current Gitlab Package flows to avoid maintaining duplicate or stale UI coverage. See the Gitlab Package documentation if you do need to run the cypress tests locally. This test should be able to pass on BOTH clean install and upgrade stages with the appropriate updates.
  6. Update the README.md again if you have made any additional changes during the upgrade/testing process.

Testing new Gitlab Runner version📜

  1. Follow the testing instructions from the Gitlab Package documentation. The details are not repeated here.

Modifications made to upstream chart📜

This is a high-level list of modifications that Big Bang has made to the upstream helm chart. You can use this as a cross-check to make sure that no modifications were lost during the upgrade process.

/chart/charts/*.tgz and /chart/Chart.lock📜

  • The upstream GitLab Runner chart, Big Bang Gluon library, and Big Bang common library are added as chart dependencies. Run helm dependency update ./chart.
  • Commit the tar archives downloaded by the helm dependency update command and the generated Chart.lock.

/chart/dashboards/*📜

  • add Grafana dashboards

/chart/templates/bigbang/*📜

  • Kyverno policies
  • NetworkPolicies
  • Istio resources are now rendered via bb-common (chart/templates/bigbang/istio.yaml)
  • add support for Grafana dashboards
  • Istio authorization policies are now rendered via bb-common

/chart/templates/tests/*📜

  • add templates for helm tests

/chart/tests/cypress/*📜

  • add cypress tests

/.gitignore📜

  • keep dependency archives and lock files trackable by leaving *.tgz and *.lock unignored

https://repo1.dso.mil/big-bang/product/packages/gitlab-runner/-/tree/0.88.3-bb.1/chart/Chart.yaml📜

  • The Chart.yaml is updated with BigBang version changes and dependencies
  • Big Bang dependencies include the upstream GitLab Runner chart, Gluon, and bb-common

/chart/values.yaml📜

  • gitlabUrl: http://gitlab-webservice-default.gitlab.svc.cluster.local:8181
  • concurrent: 50
  • rbac.create: true
  • metrics.portName: http-metrics
  • service.enabled: true
  • runners.config: multiple changes
  • securityContext: changes to work with IB images
  • podSecurityContext: changes to work with IB images
  • containerSecurityContext: changes to work with IB images
  • resources: set requests and limits to the same values
  • image: use Iron Bank GitLab Runner image details
  • useTini: true
  • runners.job: independently customize UBI image details
  • runners.helper: independently customize Gitlab Runner Helper image details
  • istio: values added to support bb-common Istio resources
  • monitoring.enabled: value added to support BB monitoring
  • bbtests: values added to support CI testing with gluon
  • networkPolicies.enabled: value added to support network policies
  • autoRegister: values added to support Kyverno-based GitLab Runner secret synchronization
  • openshift: value added to support OpenShift-specific resources