gitlab-org--gitlab-foss/app/controllers/projects/clusters_controller.rb

class Projects::ClustersController < Projects::ApplicationController
  before_action :cluster
  before_action :authorize_google_api, except: [:login]
  # before_action :authorize_admin_clusters! # TODO: Authentication

  def login
    begin
      @authorize_url = api_client.authorize_url
    rescue GoogleApi::Authentication::ConfigMissingError
    end
  end

  def index
    if cluster
      redirect_to edit_namespace_project_cluster_path(project.namespace, project, cluster.id)
    else
      redirect_to action: 'new'
    end
  end

  def new
  end

  def create
    # Create a cluster on GKE
    operation = api_client.projects_zones_clusters_create(
      params['gcp_project_id'], params['cluster_zone'], params['cluster_name'],
      cluster_size: params['cluster_size'], machine_type: params['machine_type']
    )

    # wait_operation_done
    if operation&.operation_type == 'CREATE_CLUSTER'
      api_client.wait_operation_done(operation.self_link)
    else
      raise "TODO: ERROR"
    end

    # Get cluster details (end point, etc)
    gke_cluster = api_client.projects_zones_clusters_get(
      params['gcp_project_id'], params['cluster_zone'], params['cluster_name']
    )

    # Get k8s token
    token = ''
    KubernetesService.new.tap do |ks|
      ks.api_url = 'https://' + gke_cluster.endpoint
      ks.ca_pem = Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate)
      ks.username = gke_cluster.master_auth.username
      ks.password = gke_cluster.master_auth.password
      secrets = ks.read_secrets
      secrets.each do |secret|
        name = secret.dig('metadata', 'name')
        if /default-token/ =~ name
          token_base64 = secret.dig('data', 'token')
          token = Base64.decode64(token_base64)
          break
        end
      end
    end

    # Update service
    kubernetes_service.attributes = service_params(
        active: true,
        api_url: 'https://' + gke_cluster.endpoint,
        ca_pem: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
        namespace: params['project_namespace'],
        token: token
      )

    kubernetes_service.save!

    # Save info
    project.clusters.create(
      gcp_project_id: params['gcp_project_id'],
      cluster_zone: params['cluster_zone'],
      cluster_name: params['cluster_name'],
      service: kubernetes_service
    )

    redirect_to action: 'index'
  end

  def edit
    # TODO: If on, do we override parameter?
    # TODO: If off, do we override parameter?
  end

  def update
    cluster.update(enabled: params['enabled'])
    cluster.service.update(active: params['enabled'])
    render :edit
  end

  def destroy
    cluster.destroy
    redirect_to action: 'index'
  end

  private

  def cluster
    # Each project has only one cluster, for now. In the future iteraiton, we'll support multiple clusters
    @cluster ||= project.clusters.last
  end

  def api_client
    @api_client ||=
      GoogleApi::CloudPlatform::Client.new(
        session[GoogleApi::CloudPlatform::Client.token_in_session],
        callback_google_api_authorizations_url,
        state: namespace_project_clusters_url.to_s
      )
  end

  def kubernetes_service
    @kubernetes_service ||= project.find_or_initialize_service('kubernetes')
  end

  def service_params(active:, api_url:, ca_pem:, namespace:, token:)
    {
      active: active,
      api_url: api_url,
      ca_pem: ca_pem,
      namespace: namespace,
      token: token
    }
  end

  def authorize_google_api
    unless session[GoogleApi::CloudPlatform::Client.token_in_session]
      redirect_to action: 'login'
    end
  end
end
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`class Projects::ClustersController < Projects::ApplicationController`
			`before_action :cluster`
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`before_action :authorize_google_api, except: [:login]`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`# before_action :authorize_admin_clusters! # TODO: Authentication`

Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`def login`
			`begin`
			`@authorize_url = api_client.authorize_url`
			`rescue GoogleApi::Authentication::ConfigMissingError`
			`end`
			`end`

Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`def index`
			`if cluster`
Delete/Update basic implementation 2017-09-27 13:17:41 +00:00			`redirect_to edit_namespace_project_cluster_path(project.namespace, project, cluster.id)`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`else`
			`redirect_to action: 'new'`
			`end`
			`end`

			`def new`
			`end`

			`def create`
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`# Create a cluster on GKE`
			`operation = api_client.projects_zones_clusters_create(`
			`params['gcp_project_id'], params['cluster_zone'], params['cluster_name'],`
			`cluster_size: params['cluster_size'], machine_type: params['machine_type']`
			`)`

			`# wait_operation_done`
			`if operation&.operation_type == 'CREATE_CLUSTER'`
			`api_client.wait_operation_done(operation.self_link)`
			`else`
			`raise "TODO: ERROR"`
			`end`
Improve ClustersController 2017-09-26 14:05:12 +00:00
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`# Get cluster details (end point, etc)`
			`gke_cluster = api_client.projects_zones_clusters_get(`
			`params['gcp_project_id'], params['cluster_zone'], params['cluster_name']`
			`)`

Fetch k8s token from k8s username/password 2017-09-27 12:53:50 +00:00			`# Get k8s token`
			`token = ''`
			`KubernetesService.new.tap do \|ks\|`
			`ks.api_url = 'https://' + gke_cluster.endpoint`
			`ks.ca_pem = Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate)`
			`ks.username = gke_cluster.master_auth.username`
			`ks.password = gke_cluster.master_auth.password`
			`secrets = ks.read_secrets`
			`secrets.each do \|secret\|`
			`name = secret.dig('metadata', 'name')`
			`if /default-token/ =~ name`
			`token_base64 = secret.dig('data', 'token')`
			`token = Base64.decode64(token_base64)`
			`break`
			`end`
			`end`
			`end`

Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`# Update service`
			`kubernetes_service.attributes = service_params(`
			`active: true,`
Fetch k8s token from k8s username/password 2017-09-27 12:53:50 +00:00			`api_url: 'https://' + gke_cluster.endpoint,`
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`ca_pem: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),`
			`namespace: params['project_namespace'],`
Fetch k8s token from k8s username/password 2017-09-27 12:53:50 +00:00			`token: token`
ok 2017-09-25 17:11:26 +00:00			`)`

Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`kubernetes_service.save!`
ok 2017-09-25 17:11:26 +00:00
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`# Save info`
			`project.clusters.create(`
			`gcp_project_id: params['gcp_project_id'],`
			`cluster_zone: params['cluster_zone'],`
			`cluster_name: params['cluster_name'],`
			`service: kubernetes_service`
			`)`
ok 2017-09-25 17:11:26 +00:00
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`redirect_to action: 'index'`
			`end`

			`def edit`
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`# TODO: If on, do we override parameter?`
			`# TODO: If off, do we override parameter?`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`

			`def update`
Delete/Update basic implementation 2017-09-27 13:17:41 +00:00			`cluster.update(enabled: params['enabled'])`
			`cluster.service.update(active: params['enabled'])`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`render :edit`
			`end`

Delete/Update basic implementation 2017-09-27 13:17:41 +00:00			`def destroy`
			`cluster.destroy`
			`redirect_to action: 'index'`
			`end`

Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`private`

			`def cluster`
			`# Each project has only one cluster, for now. In the future iteraiton, we'll support multiple clusters`
Tie KubernetesService 2017-09-26 08:46:09 +00:00			`@cluster \|\|= project.clusters.last`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`

			`def api_client`
			`@api_client \|\|=`
			`GoogleApi::CloudPlatform::Client.new(`
ok 2017-09-25 17:11:26 +00:00			`session[GoogleApi::CloudPlatform::Client.token_in_session],`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`callback_google_api_authorizations_url,`
			`state: namespace_project_clusters_url.to_s`
			`)`
			`end`
Tie KubernetesService 2017-09-26 08:46:09 +00:00
			`def kubernetes_service`
			`@kubernetes_service \|\|= project.find_or_initialize_service('kubernetes')`
			`end`

			`def service_params(active:, api_url:, ca_pem:, namespace:, token:)`
			`{`
			`active: active,`
			`api_url: api_url,`
			`ca_pem: ca_pem,`
			`namespace: namespace,`
			`token: token`
			`}`
			`end`
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00
			`def authorize_google_api`
			`unless session[GoogleApi::CloudPlatform::Client.token_in_session]`
			`redirect_to action: 'login'`
			`end`
			`end`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`