diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-05 18:09:42 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-05 18:09:42 +0300 |
| commit | 0d09054d162458364ce3fc431506c182e2a5fa4f (patch) | |
| tree | 876e3bd5b2aae32189c09e113454a58c91cbd3f6 /doc | |
| parent | f44809bf96e636a28394c9849dbea5f68e8c910c (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/development/testing_guide/review_apps.md | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/doc/development/testing_guide/review_apps.md b/doc/development/testing_guide/review_apps.md index 606f7c4d6b5..dd2008a2003 100644 --- a/doc/development/testing_guide/review_apps.md +++ b/doc/development/testing_guide/review_apps.md @@ -153,7 +153,13 @@ used by the `review-deploy` and `review-stop` jobs. ### Get access to the GCP Review Apps cluster You need to [open an access request (internal link)](https://gitlab.com/gitlab-com/access-requests/issues/new) -for the `gcp-review-apps-sg` GCP group. +for the `gcp-review-apps-sg` GCP group. In order to join a group, you must specify the desired GCP role in your access request. +The role is what will grant you specific permissions in order to engage with Review App containers. + +Here are some permissions you may want to have, and the roles that grant them: + +- `container.pods.getLogs` - Required to [retrieve pod logs](#dig-into-a-pods-logs). Granted by [Viewer (`roles/viewer`)](https://cloud.google.com/iam/docs/understanding-roles#kubernetes-engine-roles). +- `container.pods.exec` - Required to [run a Rails console](#run-a-rails-console). Granted by [Kubernetes Engine Developer (`roles/container.developer`)](https://cloud.google.com/iam/docs/understanding-roles#kubernetes-engine-roles). ### Log into my Review App @@ -175,7 +181,7 @@ secure note named `gitlab-{ce,ee} Review App's root password`. ### Run a Rails console -1. Make sure you [have access to the cluster](#get-access-to-the-gcp-review-apps-cluster) first. +1. Make sure you [have access to the cluster](#get-access-to-the-gcp-review-apps-cluster) and the `container.pods.exec` permission first. 1. [Filter Workloads by your Review App slug](https://console.cloud.google.com/kubernetes/workload?project=gitlab-review-apps), e.g. `review-qa-raise-e-12chm0`. 1. Find and open the `task-runner` Deployment, e.g. `review-qa-raise-e-12chm0-task-runner`. @@ -191,7 +197,7 @@ secure note named `gitlab-{ce,ee} Review App's root password`. ### Dig into a Pod's logs -1. Make sure you [have access to the cluster](#get-access-to-the-gcp-review-apps-cluster) first. +1. Make sure you [have access to the cluster](#get-access-to-the-gcp-review-apps-cluster) and the `container.pods.getLogs` permission first. 1. [Filter Workloads by your Review App slug](https://console.cloud.google.com/kubernetes/workload?project=gitlab-review-apps), e.g. `review-qa-raise-e-12chm0`. 1. Find and open the `migrations` Deployment, e.g. |