From a5f4bba440d7f9ea47046a0a561d49adf0a1e6d4 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 16 Jun 2021 18:25:58 +0000
Subject: Add latest changes from gitlab-org/gitlab@14-0-stable-ee

---
 doc/development/kubernetes.md | 25 ++++++++-----------------
 1 file changed, 8 insertions(+), 17 deletions(-)

(limited to 'doc/development/kubernetes.md')

diff --git a/doc/development/kubernetes.md b/doc/development/kubernetes.md
index 5be2080eb64..9e67227ec7f 100644
--- a/doc/development/kubernetes.md
+++ b/doc/development/kubernetes.md
@@ -35,12 +35,12 @@ We use the [`kubeclient`](https://rubygems.org/gems/kubeclient) gem to
 perform Kubernetes API calls. As the `kubeclient` gem does not support
 different API Groups (such as `apis/rbac.authorization.k8s.io`) from a
 single client, we have created a wrapper class,
-[`Gitlab::Kubernetes::KubeClient`](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/kubernetes/kube_client.rb)
+[`Gitlab::Kubernetes::KubeClient`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/kubernetes/kube_client.rb)
 that enable you to achieve this.
 
 Selected Kubernetes API groups are supported. Do add support
 for new API groups or methods to
-[`Gitlab::Kubernetes::KubeClient`](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/kubernetes/kube_client.rb)
+[`Gitlab::Kubernetes::KubeClient`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/kubernetes/kube_client.rb)
 if you need to use them. New API groups or API group versions can be
 added to `SUPPORTED_API_GROUPS` - internally, this creates an
 internal client for that group. New methods can be added as a delegation
@@ -50,7 +50,7 @@ to the relevant internal client.
 
 All calls to the Kubernetes API must be in a background process. Don't
 perform Kubernetes API calls within a web request. This blocks
-Unicorn, and can lead to a denial-of-service (DoS) attack in GitLab as
+webserver, and can lead to a denial-of-service (DoS) attack in GitLab as
 the Kubernetes cluster response times are outside of our control.
 
 The easiest way to ensure your calls happen a background process is to
@@ -58,7 +58,7 @@ delegate any such work to happen in a [Sidekiq worker](sidekiq_style_guide.md).
 
 You may want to make calls to Kubernetes and return the response, but a background
 worker isn't a good fit. Consider using
-[reactive caching](https://gitlab.com/gitlab-org/gitlab/blob/master/app/models/concerns/reactive_caching.rb).
+[reactive caching](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/concerns/reactive_caching.rb).
 For example:
 
 ```ruby
@@ -76,7 +76,7 @@ For example:
 ### Testing
 
 We have some WebMock stubs in
-[`KubernetesHelpers`](https://gitlab.com/gitlab-org/gitlab/blob/master/spec/support/helpers/kubernetes_helpers.rb)
+[`KubernetesHelpers`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/support/helpers/kubernetes_helpers.rb)
 which can help with mocking out calls to Kubernetes API in your tests.
 
 ### Amazon EKS integration
@@ -107,7 +107,7 @@ The process for creating a cluster is as follows:
    by `:provision_role_arn` and stores a set of temporary credentials on the
    provider record. By default these credentials are valid for one hour.
 1. A CloudFormation stack is created, based on the
-   [`AWS CloudFormation EKS template`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/aws/cloudformation/eks_cluster.yaml).
+   [`AWS CloudFormation EKS template`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/vendor/aws/cloudformation/eks_cluster.yaml).
    This triggers creation of all resources required for an EKS cluster.
 1. GitLab polls the status of the stack until all resources are ready,
    which takes somewhere between 10 and 15 minutes in most cases.
@@ -135,7 +135,7 @@ a cluster.
 Mitigation strategies include:
 
 1. Not allowing redirects to attacker controller resources:
-   [`Kubeclient::KubeClient`](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/kubernetes/kube_client.rb#)
+   [`Kubeclient::KubeClient`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/kubernetes/kube_client.rb#)
    can be configured to disallow any redirects by passing in
    `http_max_redirects: 0` as an option.
 1. Not exposing error messages: by doing so, we
@@ -159,7 +159,7 @@ Logs related to the Kubernetes integration can be found in
 GDK install, these logs are present in `log/kubernetes.log`.
 
 Some services such as
-[`Clusters::Applications::InstallService`](https://gitlab.com/gitlab-org/gitlab/blob/master/app/services/clusters/applications/install_service.rb#L18)
+[`Clusters::Applications::InstallService`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/clusters/applications/install_service.rb#L18)
 rescues `StandardError` which can make it harder to debug issues in an
 development environment. The current workaround is to temporarily
 comment out the `rescue` in your local development source.
@@ -172,12 +172,3 @@ they are written:
 ```shell
 kubectl logs <pod_name> --follow -n gitlab-managed-apps
 ```
-
-## GitLab Managed Apps
-
-GitLab provides [GitLab Managed Apps](../user/clusters/applications.md), a one-click
-install for various applications which can be added directly to your configured cluster.
-
-**<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
-For an overview of how to add a new GitLab-managed app, see
-[How to add GitLab-managed-apps to Kubernetes integration](https://youtu.be/mKm-jkranEk).**
-- 
cgit v1.2.3