2019-03-03 19:00:40 -05:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
|
|
module Gitlab
|
|
|
|
|
module Ci
|
|
|
|
|
module Build
|
|
|
|
|
module Prerequisite
|
|
|
|
|
class KubernetesNamespace < Base
|
|
|
|
|
def unmet?
|
2019-04-14 22:11:50 -04:00
|
|
|
deployment_cluster.present? &&
|
2019-05-02 21:05:53 -04:00
|
|
|
deployment_cluster.managed? &&
|
2020-01-08 01:08:13 -05:00
|
|
|
missing_namespace?
|
2019-03-03 19:00:40 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def complete!
|
|
|
|
|
return unless unmet?
|
|
|
|
|
|
2019-08-07 00:40:29 -04:00
|
|
|
create_namespace
|
2019-03-03 19:00:40 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
2019-08-07 00:40:29 -04:00
|
|
|
def missing_namespace?
|
|
|
|
|
kubernetes_namespace.nil? || kubernetes_namespace.service_account_token.blank?
|
|
|
|
|
end
|
|
|
|
|
|
2019-03-12 23:06:54 -04:00
|
|
|
def deployment_cluster
|
2019-06-25 01:06:37 -04:00
|
|
|
build.deployment&.cluster
|
2019-03-03 19:00:40 -05:00
|
|
|
end
|
|
|
|
|
|
2019-08-07 00:40:29 -04:00
|
|
|
def environment
|
|
|
|
|
build.deployment.environment
|
|
|
|
|
end
|
|
|
|
|
|
2019-03-17 22:02:39 -04:00
|
|
|
def kubernetes_namespace
|
|
|
|
|
strong_memoize(:kubernetes_namespace) do
|
2019-08-07 00:40:29 -04:00
|
|
|
Clusters::KubernetesNamespaceFinder.new(
|
|
|
|
|
deployment_cluster,
|
|
|
|
|
project: environment.project,
|
2019-09-23 11:06:32 -04:00
|
|
|
environment_name: environment.name,
|
2019-08-07 00:40:29 -04:00
|
|
|
allow_blank_token: true
|
|
|
|
|
).execute
|
2019-03-17 22:02:39 -04:00
|
|
|
end
|
|
|
|
|
end
|
2019-03-03 19:00:40 -05:00
|
|
|
|
2019-08-07 00:40:29 -04:00
|
|
|
def create_namespace
|
2019-12-11 10:07:38 -05:00
|
|
|
namespace = kubernetes_namespace || build_namespace_record
|
|
|
|
|
|
|
|
|
|
return if conflicting_ci_namespace_requested?(namespace)
|
|
|
|
|
|
2019-08-22 02:40:17 -04:00
|
|
|
Clusters::Kubernetes::CreateOrUpdateNamespaceService.new(
|
2019-03-12 23:06:54 -04:00
|
|
|
cluster: deployment_cluster,
|
2019-12-11 10:07:38 -05:00
|
|
|
kubernetes_namespace: namespace
|
2019-08-07 00:40:29 -04:00
|
|
|
).execute
|
|
|
|
|
end
|
|
|
|
|
|
2019-12-11 10:07:38 -05:00
|
|
|
##
|
|
|
|
|
# A namespace can only be specified via gitlab-ci.yml
|
|
|
|
|
# for unmanaged clusters, as we currently have no way
|
|
|
|
|
# of preventing a job requesting a namespace it
|
|
|
|
|
# shouldn't have access to.
|
|
|
|
|
#
|
|
|
|
|
# To make this clear, we fail the build instead of
|
|
|
|
|
# silently using a namespace other than the one
|
|
|
|
|
# explicitly specified.
|
|
|
|
|
#
|
|
|
|
|
# Support for managed clusters will be added in
|
|
|
|
|
# https://gitlab.com/gitlab-org/gitlab/issues/38054
|
|
|
|
|
def conflicting_ci_namespace_requested?(namespace_record)
|
|
|
|
|
build.expanded_kubernetes_namespace.present? &&
|
|
|
|
|
namespace_record.namespace != build.expanded_kubernetes_namespace
|
|
|
|
|
end
|
|
|
|
|
|
2019-08-07 00:40:29 -04:00
|
|
|
def build_namespace_record
|
|
|
|
|
Clusters::BuildKubernetesNamespaceService.new(
|
|
|
|
|
deployment_cluster,
|
|
|
|
|
environment: environment
|
2019-03-03 19:00:40 -05:00
|
|
|
).execute
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
