Package com.cloudforgeci.api.application.cicd

Class GitLabApplicationSpec

java.lang.Object
com.cloudforgeci.api.application.cicd.GitLabApplicationSpec
All Implemented Interfaces:
ApplicationSpec, DatabaseSpec
@ApplicationPlugin(value="gitlab", category="cicd", displayName="GitLab", description="Complete DevOps platform with Git, CI/CD, and security", defaultCpu=2048, defaultMemory=4096, defaultInstanceType="t3.medium", supportsFargate=true, supportsEc2=true, supportsOidc=true, supportsDatabase=true, requiresDatabase=true) public class GitLabApplicationSpec extends Object implements ApplicationSpec, DatabaseSpec
GitLab ApplicationSpec implementation.

GitLab is a complete DevOps platform with Git repository, CI/CD, and collaboration features.

Key Features:

  • Git repository management
  • Built-in CI/CD pipelines
  • Issue tracking and project management
  • Container registry
  • Security scanning

Requirements:

  • Production: PostgreSQL 12+ via RDS (REQUIRED for multi-instance)
  • Development: Embedded PostgreSQL (single instance only)
  • Redis for caching (included in GitLab container)
  • Minimum 4GB RAM recommended

Database Configuration:

  • GitLab REQUIRES PostgreSQL for production deployments
  • Embedded database only suitable for development/staging (single instance)
  • RDS recommended: db.t3.medium or larger with Multi-AZ
See Also:

  • Constructor Details

    • GitLabApplicationSpec

      public GitLabApplicationSpec()

  • Method Details

    • applicationId

      public String applicationId()
      Description copied from interface: ApplicationSpec
      Returns a unique identifier for this application. Used for logging, metrics, and resource naming.
      Specified by:
      applicationId in interface ApplicationSpec
      Returns:
      application identifier (e.g., "jenkins", "gitlab", "vault")

    • defaultContainerImage

      public String defaultContainerImage()
      Description copied from interface: ApplicationSpec
      Returns the default container image for this application. Can be overridden by deployment context configuration.
      Specified by:
      defaultContainerImage in interface ApplicationSpec
      Returns:
      container image string (e.g., "jenkins/jenkins:lts")

    • applicationPort

      public int applicationPort()
      Description copied from interface: ApplicationSpec
      Returns the primary application port. This is the port the application listens on inside the container.
      Specified by:
      applicationPort in interface ApplicationSpec
      Returns:
      application port (e.g., 8080 for Jenkins)

    • optionalPorts

      public List<ApplicationSpec.OptionalPort> optionalPorts()
      Description copied from interface: ApplicationSpec
      Returns optional ports that can be enabled via deployment configuration.

      These ports are NOT exposed by default. Users must set the corresponding configKey to true in their deployment configuration to enable each port.

      Example implementation for Mattermost:

      
 @Override
 public List<OptionalPort> optionalPorts() {
     return List.of(
         OptionalPort.outboundTcp(587, "enableSmtp", "SMTP Email"),
         OptionalPort.inboundTcp(8074, "enableClustering", "Cluster Gossip")
     );
 }

      User enables in deployment-context.json:

      
 {
   "enableSmtp": true,
   "enableClustering": true
 }
      Specified by:
      optionalPorts in interface ApplicationSpec
      Returns:
      list of optional ports (empty by default - most apps only need primary port)

    • containerDataPath

      public String containerDataPath()
      Description copied from interface: ApplicationSpec
      Returns the container path where application data is stored. This is where the volume will be mounted inside the container.
      Specified by:
      containerDataPath in interface ApplicationSpec
      Returns:
      container mount path (e.g., "/var/jenkins_home")

    • efsDataPath

      public String efsDataPath()
      Description copied from interface: ApplicationSpec
      Returns the EFS path for this application's data. This is the path within the EFS filesystem.
      Specified by:
      efsDataPath in interface ApplicationSpec
      Returns:
      EFS path (e.g., "/jenkins")

    • volumeName

      public String volumeName()
      Description copied from interface: ApplicationSpec
      Returns the volume name for this application. Used to reference the volume in task definitions.
      Specified by:
      volumeName in interface ApplicationSpec
      Returns:
      volume name (e.g., "jenkinsHome")

    • containerUser

      public String containerUser()
      Description copied from interface: ApplicationSpec
      Returns the container user (UID:GID) to run as. Important for file permissions when using EFS.
      Specified by:
      containerUser in interface ApplicationSpec
      Returns:
      user in format "UID:GID" (e.g., "1000:1000")

    • databaseRequirement

      public DatabaseSpec.DatabaseRequirement databaseRequirement()
      Description copied from interface: DatabaseSpec
      Database requirement for this application.
      Specified by:
      databaseRequirement in interface DatabaseSpec
      Returns:
      database requirement (required, optional, or none)

    • databaseParameters

      public Map<String,String> databaseParameters()
      Description copied from interface: DatabaseSpec
      Database configuration overrides for specific engines.

      Example PostgreSQL parameters:

      • max_connections - 200
      • shared_buffers - {DBInstanceClassMemory/4096}
      • work_mem - 16MB
      • log_statement - all
      Specified by:
      databaseParameters in interface DatabaseSpec
      Returns:
      map of parameter group settings

    • backupRetentionDays

      public int backupRetentionDays()
      Description copied from interface: DatabaseSpec
      Database backup retention requirements.
      Specified by:
      backupRetentionDays in interface DatabaseSpec
      Returns:
      backup retention days (1-35), default 7

    • healthCheckPath

      public String healthCheckPath()
      Description copied from interface: ApplicationSpec
      Returns the health check path for ALB/ELB health checks.

      Different applications expose health endpoints at different paths:

      • Jenkins: /login
      • GitLab: /users/sign_in
      • Grafana: /api/health
      • Metabase: /api/health
      Specified by:
      healthCheckPath in interface ApplicationSpec
      Returns:
      health check path (e.g., "/login", "/api/health")

    • containerEnvironmentVariables

      public Map<String,String> containerEnvironmentVariables(String fqdn, boolean sslEnabled, String authMode)
      Description copied from interface: ApplicationSpec
      Configures application-specific environment variables for the container.

      Applications can override this to provide custom environment variables based on deployment configuration (FQDN, SSL, authMode, etc.). The infrastructure passes the FQDN, SSL settings, and authentication mode for applications that need reverse proxy configuration or authentication-specific setup.

      Example use cases:

      • Jenkins: JAVA_OPTS, JENKINS_OPTS for reverse proxy configuration, skip setup wizard for application-oidc
      • GitLab: GITLAB_OMNIBUS_CONFIG for external URL configuration and OIDC setup
      • Vault: VAULT_ADDR for API endpoint configuration
      Specified by:
      containerEnvironmentVariables in interface ApplicationSpec
      Parameters:
      fqdn - The fully qualified domain name (may be null)
      sslEnabled - Whether SSL is enabled
      authMode - The authentication mode (may be null, e.g., "none", "alb-oidc", "application-oidc")
      Returns:
      Map of environment variable key-value pairs (never null, may be empty)

    • containerEnvironmentVariables

      public Map<String,String> containerEnvironmentVariables(String fqdn, boolean sslEnabled, String authMode, DatabaseSpec.DatabaseConnection dbConn)
      Container environment variables with database connection support.

      If database connection is provided, configures GitLab to use RDS PostgreSQL. Otherwise, falls back to embedded PostgreSQL (single instance only).

    • efsPermissions

      public String efsPermissions()
      Description copied from interface: ApplicationSpec
      Returns the EFS permissions for the access point.
      Specified by:
      efsPermissions in interface ApplicationSpec
      Returns:
      permissions string (e.g., "750")

    • ebsDeviceName

      public String ebsDeviceName()
      Description copied from interface: ApplicationSpec
      Returns the EBS device name for EC2 instances when not using EFS. This is the device that will be formatted and mounted for application data.
      Specified by:
      ebsDeviceName in interface ApplicationSpec
      Returns:
      EBS device path (e.g., "/dev/xvdh")

    • ec2DataPath

      public String ec2DataPath()
      Description copied from interface: ApplicationSpec
      Returns the EC2 data path where application stores persistent data. This may differ from containerDataPath depending on application packaging.
      Specified by:
      ec2DataPath in interface ApplicationSpec
      Returns:
      EC2 mount path (e.g., "/var/lib/jenkins")

    • ec2LogPaths

      public List<String> ec2LogPaths()
      Description copied from interface: ApplicationSpec
      Returns CloudWatch log file paths for EC2 monitoring. These files will be streamed to CloudWatch Logs for centralized logging.
      Specified by:
      ec2LogPaths in interface ApplicationSpec
      Returns:
      list of absolute log file paths (e.g., ["/var/log/jenkins/jenkins.log"])

    • configureUserData

      public void configureUserData(UserDataBuilder builder, Ec2Context context)
      Description copied from interface: ApplicationSpec
      Configure EC2 UserData script for application installation and setup.

      The implementation should use the UserDataBuilder to add application-specific installation commands while leveraging infrastructure helpers for storage mounting and CloudWatch configuration.

      The infrastructure handles:

      • System updates
      • EFS vs EBS storage mounting (based on availability)
      • CloudWatch Agent installation and configuration
      • File permissions and ownership

      The application provides:

      • Application installation commands (yum/dnf install, etc.)
      • Application configuration
      • Service startup commands
      Specified by:
      configureUserData in interface ApplicationSpec
      Parameters:
      builder - The UserDataBuilder providing infrastructure helpers
      context - The Ec2Context providing runtime information

    • supportsOidcIntegration

      public boolean supportsOidcIntegration()
      Description copied from interface: ApplicationSpec
      Returns whether this application supports OIDC integration.

      Applications with built-in OIDC support (GitLab, Grafana, SonarQube) or plugin support (Jenkins) should return true.

      Specified by:
      supportsOidcIntegration in interface ApplicationSpec
      Returns:
      true if application can integrate with OIDC providers

    • getOidcIntegration

      public OidcIntegration getOidcIntegration()
      Description copied from interface: ApplicationSpec
      Returns the OIDC integration handler for this application.

      This provides application-specific configuration for integrating with Cognito or IAM Identity Center OIDC.

      Specified by:
      getOidcIntegration in interface ApplicationSpec
      Returns:
      OIDC integration handler, or null if not supported

    • defaultHealthCheckGracePeriod

      public int defaultHealthCheckGracePeriod()
      Description copied from interface: ApplicationSpec
      Get the recommended health check grace period for this application.

      The grace period is how long ECS/ALB waits before starting health checks after a container starts. Applications with longer initialization times (like GitLab) need longer grace periods.

      Default values:

      • Most applications: 300 seconds (5 minutes)
      • GitLab: 600 seconds (10 minutes) - due to database migrations and initialization
      • Other database-heavy apps may also need longer periods
      Specified by:
      defaultHealthCheckGracePeriod in interface ApplicationSpec
      Returns:
      recommended health check grace period in seconds

    • toString

      public String toString()
      Overrides:
      toString in class Object