gitlab-org--gitlab-foss/app/controllers/projects/clusters_controller.rb

class Projects::ClustersController < Projects::ApplicationController
  before_action :cluster, except: [:login, :index, :new, :new_gcp, :create]
  before_action :authorize_read_cluster!
  before_action :authorize_create_cluster!, only: [:new, :new_gcp, :create]
  before_action :authorize_google_api, only: [:new_gcp, :create]
  before_action :authorize_update_cluster!, only: [:update]
  before_action :authorize_admin_cluster!, only: [:destroy]

  def index
    @clusters ||= project.clusters.map { |cluster| cluster.present(current_user: current_user) }
  end

  def login
    begin
      state = generate_session_key_redirect(providers_gcp_new_namespace_project_clusters_url.to_s)

      @authorize_url = GoogleApi::CloudPlatform::Client.new(
        nil, callback_google_api_auth_url,
        state: state).authorize_url
    rescue GoogleApi::Auth::ConfigMissingError
      # no-op
    end
  end

  def new
  end

  def new_gcp
    @cluster = Clusters::Cluster.new.tap do |cluster|
      cluster.build_provider_gcp
    end
  end

  def create
    @cluster = Clusters::CreateService
      .new(project, current_user, create_params)
      .execute(token_in_session)

    if @cluster.persisted?
      redirect_to project_cluster_path(project, @cluster)
    else
      render :new_gcp
    end
  end

  def status
    respond_to do |format|
      format.json do
        Gitlab::PollingInterval.set_header(response, interval: 10_000)

        render json: ClusterSerializer
          .new(project: @project, current_user: @current_user)
          .represent_status(@cluster)
      end
    end
  end

  def show
  end

  def update
    Clusters::UpdateService
      .new(project, current_user, update_params)
      .execute(cluster)

    if cluster.valid?
      flash[:notice] = "Cluster was successfully updated."
      redirect_to project_cluster_path(project, project.cluster)
    else
      render :show
    end
  end

  def destroy
    if cluster.destroy
      flash[:notice] = "Cluster integration was successfully removed."
      redirect_to project_clusters_path(project), status: 302
    else
      flash[:notice] = "Cluster integration was not removed."
      render :show
    end
  end

  private

  def cluster
    @cluster ||= project.clusters.find_by(id: params[:id])&.present(current_user: current_user) || render_404
  end

  def create_params
    params.require(:cluster).permit(
      :enabled,
      :name,
      :provider_type,
      provider_gcp_attributes: [
        :gcp_project_id,
        :zone,
        :num_nodes,
        :machine_type
      ])
  end

  def update_params
    params.require(:cluster).permit(:enabled)
  end

  def authorize_google_api
    unless GoogleApi::CloudPlatform::Client.new(token_in_session, nil)
                                           .validate_token(expires_at_in_session)
      redirect_to action: 'login'
    end
  end

  def token_in_session
    @token_in_session ||=
      session[GoogleApi::CloudPlatform::Client.session_key_for_token]
  end

  def expires_at_in_session
    @expires_at_in_session ||=
      session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at]
  end

  def generate_session_key_redirect(uri)
    GoogleApi::CloudPlatform::Client.new_session_key_for_redirect_uri do |key|
      session[key] = uri
    end
  end

  def authorize_update_cluster!
    access_denied! unless can?(current_user, :update_cluster, cluster)
  end

  def authorize_admin_cluster!
    access_denied! unless can?(current_user, :admin_cluster, cluster)
  end
end
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`class Projects::ClustersController < Projects::ApplicationController`
Fix paths to the first page 2017-11-01 11:11:47 +00:00			`before_action :cluster, except: [:login, :index, :new, :new_gcp, :create]`
Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers 2017-10-03 14:44:06 +00:00			`before_action :authorize_read_cluster!`
Fix paths to the first page 2017-11-01 11:11:47 +00:00			`before_action :authorize_create_cluster!, only: [:new, :new_gcp, :create]`
			`before_action :authorize_google_api, only: [:new_gcp, :create]`
Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers 2017-10-03 14:44:06 +00:00			`before_action :authorize_update_cluster!, only: [:update]`
			`before_action :authorize_admin_cluster!, only: [:destroy]`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00
Split create_params and update_params and fix small redirect bug in controller 2017-10-05 15:04:35 +00:00			`def index`
Move cluster loading to ClustersController#index 2017-11-16 13:40:30 +00:00			`@clusters \|\|= project.clusters.map { \|cluster\| cluster.present(current_user: current_user) }`
Split create_params and update_params and fix small redirect bug in controller 2017-10-05 15:04:35 +00:00			`end`

Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`def login`
			`begin`
Fix paths to the first page 2017-11-01 11:11:47 +00:00			`state = generate_session_key_redirect(providers_gcp_new_namespace_project_clusters_url.to_s)`
Security fix: redirection in google_api/authorizations_controller 2017-10-06 12:28:40 +00:00
Improve redirect uri state and fix all remaining tests 2017-10-06 14:14:14 +00:00			`@authorize_url = GoogleApi::CloudPlatform::Client.new(`
			`nil, callback_google_api_auth_url,`
			`state: state).authorize_url`
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00			`rescue GoogleApi::Auth::ConfigMissingError`
Use expires_in for access_token validation 2017-10-02 08:13:46 +00:00			`# no-op`
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`end`
			`end`

Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`def new`
			`end`

Fix paths to the first page 2017-11-01 11:11:47 +00:00			`def new_gcp`
specs for feature 2017-10-31 18:59:40 +00:00			`@cluster = Clusters::Cluster.new.tap do \|cluster\|`
			`cluster.build_provider_gcp`
			`end`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`

			`def create`
This works 2017-10-23 08:36:35 +00:00			`@cluster = Clusters::CreateService`
Split create_params and update_params and fix small redirect bug in controller 2017-10-05 15:04:35 +00:00			`.new(project, current_user, create_params)`
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00			`.execute(token_in_session)`
Improve ClustersController 2017-09-26 14:05:12 +00:00
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00			`if @cluster.persisted?`
Split create_params and update_params and fix small redirect bug in controller 2017-10-05 15:04:35 +00:00			`redirect_to project_cluster_path(project, @cluster)`
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00			`else`
Fix pipeline. Fix routing when validation failed. 2017-11-01 14:13:22 +00:00			`render :new_gcp`
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00			`end`
Multithreading cluster creation is done with `reactive_cache` 2017-09-28 09:11:17 +00:00			`end`
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00			`def status`
Multithreading cluster creation is done with `reactive_cache` 2017-09-28 09:11:17 +00:00			`respond_to do \|format\|`
			`format.json do`
PollingInterval, rename to gke_clusters, has_one :cluster 2017-10-02 12:58:50 +00:00			`Gitlab::PollingInterval.set_header(response, interval: 10_000)`

Introduce serializer for ClusterEntity 2017-10-03 21:21:54 +00:00			`render json: ClusterSerializer`
			`.new(project: @project, current_user: @current_user)`
			`.represent_status(@cluster)`
Fetch k8s token from k8s username/password 2017-09-27 12:53:50 +00:00			`end`
			`end`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`

Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers 2017-10-03 14:44:06 +00:00			`def show`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`

			`def update`
This works 2017-10-23 08:36:35 +00:00			`Clusters::UpdateService`
Split create_params and update_params and fix small redirect bug in controller 2017-10-05 15:04:35 +00:00			`.new(project, current_user, update_params)`
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00			`.execute(cluster)`
Databse foreing key, index, encrypt password. Use short path. Improve error handling. Polish. 2017-09-28 15:08:11 +00:00
Fix Rubocop failures 2017-10-04 19:13:01 +00:00			`if cluster.valid?`
			`flash[:notice] = "Cluster was successfully updated."`
			`redirect_to project_cluster_path(project, project.cluster)`
			`else`
			`render :show`
			`end`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`

Delete/Update basic implementation 2017-09-27 13:17:41 +00:00			`def destroy`
Databse foreing key, index, encrypt password. Use short path. Improve error handling. Polish. 2017-09-28 15:08:11 +00:00			`if cluster.destroy`
Fix almost all unresolved comments from Docs and UX review 2017-10-05 19:33:29 +00:00			`flash[:notice] = "Cluster integration was successfully removed."`
Databse foreing key, index, encrypt password. Use short path. Improve error handling. Polish. 2017-09-28 15:08:11 +00:00			`redirect_to project_clusters_path(project), status: 302`
			`else`
Fix almost all unresolved comments from Docs and UX review 2017-10-05 19:33:29 +00:00			`flash[:notice] = "Cluster integration was not removed."`
Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers 2017-10-03 14:44:06 +00:00			`render :show`
Databse foreing key, index, encrypt password. Use short path. Improve error handling. Polish. 2017-09-28 15:08:11 +00:00			`end`
Delete/Update basic implementation 2017-09-27 13:17:41 +00:00			`end`

Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`private`

			`def cluster`
Find cluster by id in ClustersController#cluster Prepares the controller for handling multiple clusters instead of just one. 2017-11-15 19:15:48 +00:00			`@cluster \|\|= project.clusters.find_by(id: params[:id])&.present(current_user: current_user) \|\| render_404`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`

Split create_params and update_params and fix small redirect bug in controller 2017-10-05 15:04:35 +00:00			`def create_params`
			`params.require(:cluster).permit(`
Refactor Clusters to be consisted from GcpProvider and KubernetesPlatform 2017-10-13 17:21:23 +00:00			`:enabled,`
This works 2017-10-23 08:36:35 +00:00			`:name,`
Refactor Clusters to be consisted from GcpProvider and KubernetesPlatform 2017-10-13 17:21:23 +00:00			`:provider_type,`
This works 2017-10-23 08:36:35 +00:00			`provider_gcp_attributes: [`
			`:gcp_project_id,`
			`:zone,`
			`:num_nodes,`
Refactor Clusters to be consisted from GcpProvider and KubernetesPlatform 2017-10-13 17:21:23 +00:00			`:machine_type`
			`])`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`
Tie KubernetesService 2017-09-26 08:46:09 +00:00
Split create_params and update_params and fix small redirect bug in controller 2017-10-05 15:04:35 +00:00			`def update_params`
Fix out of sync with KubernetesService. Remove namespace pramas from controller. Use time_with_zone in schema. Remove Gcp::Clusters from safe_model_attributes.ym 2017-11-02 14:19:11 +00:00			`params.require(:cluster).permit(:enabled)`
Split create_params and update_params and fix small redirect bug in controller 2017-10-05 15:04:35 +00:00			`end`

Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`def authorize_google_api`
Use expires_in for access_token validation 2017-10-02 08:13:46 +00:00			`unless GoogleApi::CloudPlatform::Client.new(token_in_session, nil)`
			`.validate_token(expires_at_in_session)`
Add login root. Remove ceration type. 2017-09-27 12:01:08 +00:00			`redirect_to action: 'login'`
			`end`
			`end`
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00
			`def token_in_session`
Use expires_in for access_token validation 2017-10-02 08:13:46 +00:00			`@token_in_session \|\|=`
			`session[GoogleApi::CloudPlatform::Client.session_key_for_token]`
			`end`

			`def expires_at_in_session`
			`@expires_at_in_session \|\|=`
			`session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at]`
Replace reactive_cache by multipel sidekiq workers 2017-09-30 15:54:22 +00:00			`end`
Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers 2017-10-03 14:44:06 +00:00
Improve redirect uri state and fix all remaining tests 2017-10-06 14:14:14 +00:00			`def generate_session_key_redirect(uri)`
			`GoogleApi::CloudPlatform::Client.new_session_key_for_redirect_uri do \|key\|`
			`session[key] = uri`
			`end`
			`end`

Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers 2017-10-03 14:44:06 +00:00			`def authorize_update_cluster!`
Introduce serializer for ClusterEntity 2017-10-03 21:21:54 +00:00			`access_denied! unless can?(current_user, :update_cluster, cluster)`
Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers 2017-10-03 14:44:06 +00:00			`end`

			`def authorize_admin_cluster!`
Introduce serializer for ClusterEntity 2017-10-03 21:21:54 +00:00			`access_denied! unless can?(current_user, :admin_cluster, cluster)`
Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers 2017-10-03 14:44:06 +00:00			`end`
Create Kubernetes cluster on GKE from k8s service 2017-09-25 07:10:25 +00:00			`end`