I am using the Gitlab helm chart to install Gitlab on my cluster. I want to set initialRootPassword so that I can login without doing kubectl get secret
## Initial root password for this GitLab installation
## Secret created according to doc/installation/secrets.md#initial-root-password
## If allowing shared-secrets generation, this is OPTIONAL.
initialRootPassword: {}
# secret: RELEASE-gitlab-initial-root-password
# key: password
The above block is a bit confusing. Can you please help me with this? Thanks.
The initialRootPassword refers to a secret object within kubernetes, so you must first create a secret within the same namespace as your gitlab instance and then point initialRootPassword to it.
For example, if you want the root password to be "password", first you need to base64 encode it
$ echo -n "password"|base64
cGFzc3dvcmQ=
Then add it to kubernetes
# secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: gitlab-root-password
data:
password: cGFzc3dvcmQ=
kubectl apply -f secret.yamlThere are other ways to create the secret, see the docs for more info on that.
You can then set the initialRootPassword
initialRootPassword:
secret: gitlab-root-password
key: passwordThe key here refers to the name of the data key in the secret object.
An alternative is to use Gitlab default values which allow you to create a secret object that will be used automatically without explicitly setting initialRootPassword
This example is taken from gitlab docs (Replace <name> with the name of the release).
kubectl create secret generic <name>-gitlab-initial-root-password --from-literal=password=$(head -c 512 /dev/urandom | LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 32)