The first thing we need to do is add a Kubernetes cluster to GitLab. You can do this at the Group level (share cluster between projects) or the project level. The project I am working on has a React application for the Front-end and a Service Stack API for the Back-end, so I am going to add the cluster at the Group level.
Navigate to the group in GitLab and select Kubernetes, currently found in the left side menu, and click "Add Kubernetes cluster"
GitLab allows you to add a Google hosted Kubernetes Engine, however I ran into many errors and issues so decided to go for a DigitalOcean hosted cluster. This option worked out much cheaper and I was also able to actually get it to work, a win win in my mind, as we are not going to use Google Compute we will opted to "Add existing cluster".
To get these values is straight forward but not immediately apparent and you may end up doing a lot of documentation diving to work out what is what, so if you want to reuse my excursion in to the documentation here is what to do.
After following the getting started guide from DigitalOcean on cluster set up the following bash commands will get you the values for the first three fields in the above form.
Kubernetes cluster name
kubectl config view --raw --flatten -o json | jq -r '.clusters | select(.name == "'$(kubectl config current-context)'") | .name'
kubectl config view --raw --flatten -o json | jq -r '.clusters | select(.name == "'$(kubectl config current-context)'") | .cluster.server'
kubectl config view --raw --flatten -o json | jq -r '.clusters | select(.name == "'$(kubectl config current-context)'") | .cluster."certificate-authority-data"' | base64 --decode
To get the Token we first need to create a user with the correct ClusterRoleBindings, we can do this by creating the following YAML files
apiVersion: v1 kind: ServiceAccount metadata: name: gitlab namespace: default
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: gitlab-cluster-admin subjects: - kind: ServiceAccount name: gitlab namespace: default roleRef: kind: ClusterRole name: cluster-admin apiGroup: rbac.authorization.k8s.io
With these two files create you can use ```kubectl create -f``` to apply them to the cluster.
kubectl create -f gitlab-serviceaccount.yaml
kubectl create -f gitlab-serviceaccount-ClusterRoleBinding.yml
Now with a GitLab service account created we can get the Token with this bash command
kubectl -o json get secret | jq -r '.items | select(.metadata.annotations."kubernetes.io/service-account.name" == "gitlab") | .data.token' | base64 --decode
Finally make sure RBAC-enabled cluster is checked.
With the form now complete click the "Add Kubernetes cluster" and we are done.