From 14978ddc53d3ae80a87198d543dbdd14674390dd Mon Sep 17 00:00:00 2001
From: Mayra Cabrera <mcabrera@gitlab.com>
Date: Thu, 22 Feb 2018 15:13:30 -0600
Subject: [PATCH] Modify cluster creation API method to enable legacy_apac as
 default

GKE 1.8 has RBAC on by default, since GKE has bumped the default version
to 1.8.7 RBAC is now on, and we don't support that out of the box.

This was also avoiding cluster applications (tiller, prometheus, etc), to
be installed.

Closes #41619
---
 app/services/clusters/gcp/finalize_creation_service.rb      | 4 ++--
 ...turn-on-legacy-authorization-for-new-clusters-on-gke.yml | 5 +++++
 lib/google_api/cloud_platform/client.rb                     | 6 +++++-
 spec/lib/google_api/cloud_platform/client_spec.rb           | 3 +++
 4 files changed, 15 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/41619-turn-on-legacy-authorization-for-new-clusters-on-gke.yml

diff --git a/app/services/clusters/gcp/finalize_creation_service.rb b/app/services/clusters/gcp/finalize_creation_service.rb
index cea56f4e849..15ab2d54404 100644
--- a/app/services/clusters/gcp/finalize_creation_service.rb
+++ b/app/services/clusters/gcp/finalize_creation_service.rb
@@ -30,10 +30,10 @@ module Clusters
           ca_cert: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
           username: gke_cluster.master_auth.username,
           password: gke_cluster.master_auth.password,
-          token: request_kuberenetes_token)
+          token: request_kubernetes_token)
       end
 
-      def request_kuberenetes_token
+      def request_kubernetes_token
         Ci::FetchKubernetesTokenService.new(
           'https://' + gke_cluster.endpoint,
           Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
diff --git a/changelogs/unreleased/41619-turn-on-legacy-authorization-for-new-clusters-on-gke.yml b/changelogs/unreleased/41619-turn-on-legacy-authorization-for-new-clusters-on-gke.yml
new file mode 100644
index 00000000000..507367c98c4
--- /dev/null
+++ b/changelogs/unreleased/41619-turn-on-legacy-authorization-for-new-clusters-on-gke.yml
@@ -0,0 +1,5 @@
+---
+title: Enable Legacy Authorization by default on Cluster creations
+merge_request: 17302
+author:
+type: fixed
diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb
index ff638c07755..f30dd995695 100644
--- a/lib/google_api/cloud_platform/client.rb
+++ b/lib/google_api/cloud_platform/client.rb
@@ -76,9 +76,13 @@ module GoogleApi
               "initial_node_count": cluster_size,
               "node_config": {
                 "machine_type": machine_type
+              },
+              "legacy_abac": {
+                "enabled": true
               }
             }
-          } )
+          }
+        )
 
         service.create_cluster(project_id, zone, request_body, options: user_agent_header)
       end
diff --git a/spec/lib/google_api/cloud_platform/client_spec.rb b/spec/lib/google_api/cloud_platform/client_spec.rb
index f65e41dfea3..db9d9158b29 100644
--- a/spec/lib/google_api/cloud_platform/client_spec.rb
+++ b/spec/lib/google_api/cloud_platform/client_spec.rb
@@ -115,6 +115,9 @@ describe GoogleApi::CloudPlatform::Client do
               "initial_node_count": cluster_size,
               "node_config": {
                 "machine_type": machine_type
+              },
+              "legacy_abac": {
+                "enabled": true
               }
             }
           } )