diff --git a/app/models/clusters/platforms/kubernetes.rb b/app/models/clusters/platforms/kubernetes.rb index 9860abeecf7..3c5d7756eec 100644 --- a/app/models/clusters/platforms/kubernetes.rb +++ b/app/models/clusters/platforms/kubernetes.rb @@ -173,9 +173,7 @@ module Clusters kubeclient = build_kube_client! kubeclient.get_pods(namespace: actual_namespace).as_json - rescue Kubeclient::HttpError => err - raise err unless err.error_code == 404 - + rescue Kubeclient::ResourceNotFoundError [] end diff --git a/app/models/project_services/kubernetes_service.rb b/app/models/project_services/kubernetes_service.rb index 3459ded7ccf..c52a531e5fe 100644 --- a/app/models/project_services/kubernetes_service.rb +++ b/app/models/project_services/kubernetes_service.rb @@ -203,9 +203,7 @@ class KubernetesService < DeploymentService kubeclient = build_kube_client! kubeclient.get_pods(namespace: actual_namespace).as_json - rescue Kubeclient::HttpError => err - raise err unless err.error_code == 404 - + rescue Kubeclient::ResourceNotFoundError [] end diff --git a/app/services/clusters/applications/check_installation_progress_service.rb b/app/services/clusters/applications/check_installation_progress_service.rb index 19dc0478591..49b8825c3a4 100644 --- a/app/services/clusters/applications/check_installation_progress_service.rb +++ b/app/services/clusters/applications/check_installation_progress_service.rb @@ -15,8 +15,8 @@ module Clusters check_timeout end rescue Kubeclient::HttpError => e - Rails.logger.error "Kubernetes error: #{e.class.name} #{e.message}" - app.make_errored!("Kubernetes error") unless app.errored? + Rails.logger.error("Kubernetes error: #{e.error_code} #{e.message}") + app.make_errored!("Kubernetes error: #{e.error_code}") unless app.errored? end private @@ -53,7 +53,7 @@ module Clusters def remove_installation_pod helm_api.delete_pod!(install_command.pod_name) rescue => e - Rails.logger.error "Kubernetes error: #{e.class.name} #{e.message}" + Rails.logger.error("Kubernetes error: #{e.class.name} #{e.message}") # no-op end diff --git a/app/services/clusters/applications/install_service.rb b/app/services/clusters/applications/install_service.rb index 5a24d78e712..947d22022bc 100644 --- a/app/services/clusters/applications/install_service.rb +++ b/app/services/clusters/applications/install_service.rb @@ -13,8 +13,8 @@ module Clusters ClusterWaitForAppInstallationWorker.perform_in( ClusterWaitForAppInstallationWorker::INTERVAL, app.name, app.id) rescue Kubeclient::HttpError => e - Rails.logger.error "Kubernetes error: #{e.class.name} #{e.message}" - app.make_errored!("Kubernetes error.") + Rails.logger.error("Kubernetes error: #{e.error_code} #{e.message}") + app.make_errored!("Kubernetes error: #{e.error_code}") rescue StandardError => e Rails.logger.error "Can't start installation process: #{e.class.name} #{e.message}" app.make_errored!("Can't start installation process.") diff --git a/app/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service.rb b/app/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service.rb index 277cc4b788d..4ad04ab801e 100644 --- a/app/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service.rb +++ b/app/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service.rb @@ -21,10 +21,7 @@ module Clusters def get_secret kubeclient.get_secret(service_account_token_name, namespace).as_json - rescue Kubeclient::HttpError => err - raise err unless err.error_code == 404 - - nil + rescue Kubeclient::ResourceNotFoundError end end end diff --git a/changelogs/unreleased/kubernetes-http-response-code.yml b/changelogs/unreleased/kubernetes-http-response-code.yml new file mode 100644 index 00000000000..551fe2edc3c --- /dev/null +++ b/changelogs/unreleased/kubernetes-http-response-code.yml @@ -0,0 +1,5 @@ +--- +title: Show HTTP response code for Kubernetes errors +merge_request: 22964 +author: +type: other diff --git a/lib/gitlab/kubernetes/helm/api.rb b/lib/gitlab/kubernetes/helm/api.rb index e21bc531444..06841ec7b76 100644 --- a/lib/gitlab/kubernetes/helm/api.rb +++ b/lib/gitlab/kubernetes/helm/api.rb @@ -89,22 +89,14 @@ module Gitlab end def service_account_exists?(resource) - resource_exists? do - kubeclient.get_service_account(resource.metadata.name, resource.metadata.namespace) - end + kubeclient.get_service_account(resource.metadata.name, resource.metadata.namespace) + rescue ::Kubeclient::ResourceNotFoundError + false end def cluster_role_binding_exists?(resource) - resource_exists? do - kubeclient.get_cluster_role_binding(resource.metadata.name) - end - end - - def resource_exists? - yield - rescue ::Kubeclient::HttpError => e - raise e unless e.error_code == 404 - + kubeclient.get_cluster_role_binding(resource.metadata.name) + rescue ::Kubeclient::ResourceNotFoundError false end end diff --git a/lib/gitlab/kubernetes/namespace.rb b/lib/gitlab/kubernetes/namespace.rb index e6ff6160ab9..783c8a24741 100644 --- a/lib/gitlab/kubernetes/namespace.rb +++ b/lib/gitlab/kubernetes/namespace.rb @@ -10,9 +10,7 @@ module Gitlab def exists? @client.get_namespace(name) - rescue ::Kubeclient::HttpError => ke - raise ke unless ke.error_code == 404 - + rescue ::Kubeclient::ResourceNotFoundError false end diff --git a/spec/lib/gitlab/kubernetes/helm/api_spec.rb b/spec/lib/gitlab/kubernetes/helm/api_spec.rb index 9200724ed23..a8124ced28c 100644 --- a/spec/lib/gitlab/kubernetes/helm/api_spec.rb +++ b/spec/lib/gitlab/kubernetes/helm/api_spec.rb @@ -88,8 +88,8 @@ describe Gitlab::Kubernetes::Helm::Api do context 'service account and cluster role binding does not exist' do before do - expect(client).to receive('get_service_account').with('tiller', 'gitlab-managed-apps').and_raise(Kubeclient::HttpError.new(404, 'Not found', nil)) - expect(client).to receive('get_cluster_role_binding').with('tiller-admin').and_raise(Kubeclient::HttpError.new(404, 'Not found', nil)) + expect(client).to receive('get_service_account').with('tiller', 'gitlab-managed-apps').and_raise(Kubeclient::ResourceNotFoundError.new(404, 'Not found', nil)) + expect(client).to receive('get_cluster_role_binding').with('tiller-admin').and_raise(Kubeclient::ResourceNotFoundError.new(404, 'Not found', nil)) end it 'creates a service account, followed the cluster role binding on kubeclient' do @@ -103,7 +103,7 @@ describe Gitlab::Kubernetes::Helm::Api do context 'service account already exists' do before do expect(client).to receive('get_service_account').with('tiller', 'gitlab-managed-apps').and_return(service_account_resource) - expect(client).to receive('get_cluster_role_binding').with('tiller-admin').and_raise(Kubeclient::HttpError.new(404, 'Not found', nil)) + expect(client).to receive('get_cluster_role_binding').with('tiller-admin').and_raise(Kubeclient::ResourceNotFoundError.new(404, 'Not found', nil)) end it 'updates the service account, followed by creating the cluster role binding' do diff --git a/spec/lib/gitlab/kubernetes/namespace_spec.rb b/spec/lib/gitlab/kubernetes/namespace_spec.rb index e098612f6fb..e1c35c355f4 100644 --- a/spec/lib/gitlab/kubernetes/namespace_spec.rb +++ b/spec/lib/gitlab/kubernetes/namespace_spec.rb @@ -9,7 +9,7 @@ describe Gitlab::Kubernetes::Namespace do describe '#exists?' do context 'when namespace do not exits' do - let(:exception) { ::Kubeclient::HttpError.new(404, "namespace #{name} not found", nil) } + let(:exception) { ::Kubeclient::ResourceNotFoundError.new(404, "namespace #{name} not found", nil) } it 'returns false' do expect(client).to receive(:get_namespace).with(name).once.and_raise(exception) diff --git a/spec/services/clusters/applications/check_installation_progress_service_spec.rb b/spec/services/clusters/applications/check_installation_progress_service_spec.rb index 1a565bb734d..ea17f2bb423 100644 --- a/spec/services/clusters/applications/check_installation_progress_service_spec.rb +++ b/spec/services/clusters/applications/check_installation_progress_service_spec.rb @@ -19,6 +19,10 @@ describe Clusters::Applications::CheckInstallationProgressService do shared_examples 'a not yet terminated installation' do |a_phase| let(:phase) { a_phase } + before do + expect(service).to receive(:installation_phase).once.and_return(phase) + end + context "when phase is #{a_phase}" do context 'when not timeouted' do it 'reschedule a new check' do @@ -50,8 +54,6 @@ describe Clusters::Applications::CheckInstallationProgressService do end before do - expect(service).to receive(:installation_phase).once.and_return(phase) - allow(service).to receive(:installation_errors).and_return(errors) allow(service).to receive(:remove_installation_pod).and_return(nil) end @@ -60,6 +62,10 @@ describe Clusters::Applications::CheckInstallationProgressService do context 'when installation POD succeeded' do let(:phase) { Gitlab::Kubernetes::Pod::SUCCEEDED } + before do + expect(service).to receive(:installation_phase).once.and_return(phase) + end + it_behaves_like 'a terminated installation' it 'make the application installed' do @@ -76,6 +82,10 @@ describe Clusters::Applications::CheckInstallationProgressService do let(:phase) { Gitlab::Kubernetes::Pod::FAILED } let(:errors) { 'test installation failed' } + before do + expect(service).to receive(:installation_phase).once.and_return(phase) + end + it_behaves_like 'a terminated installation' it 'make the application errored' do @@ -87,5 +97,22 @@ describe Clusters::Applications::CheckInstallationProgressService do end RESCHEDULE_PHASES.each { |phase| it_behaves_like 'a not yet terminated installation', phase } + + context 'when installation raises a Kubeclient::HttpError' do + let(:cluster) { create(:cluster, :provided_by_user, :project) } + + before do + application.update!(cluster: cluster) + + expect(service).to receive(:installation_phase).and_raise(Kubeclient::HttpError.new(401, 'Unauthorized', nil)) + end + + it 'shows the response code from the error' do + service.execute + + expect(application).to be_errored + expect(application.status_reason).to eq('Kubernetes error: 401') + end + end end end diff --git a/spec/services/clusters/applications/install_service_spec.rb b/spec/services/clusters/applications/install_service_spec.rb index 4bd19f5bd79..2f801d019fe 100644 --- a/spec/services/clusters/applications/install_service_spec.rb +++ b/spec/services/clusters/applications/install_service_spec.rb @@ -42,7 +42,7 @@ describe Clusters::Applications::InstallService do service.execute expect(application).to be_errored - expect(application.status_reason).to match('Kubernetes error.') + expect(application.status_reason).to match('Kubernetes error: 500') end end diff --git a/spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb b/spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb index 4d1a6bb7b3a..a5806559b14 100644 --- a/spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb +++ b/spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb @@ -19,13 +19,16 @@ describe Clusters::Gcp::Kubernetes::FetchKubernetesTokenService do subject { described_class.new(kubeclient, service_account_token_name, namespace).execute } + before do + stub_kubeclient_discover(api_url) + end + context 'when params correct' do let(:decoded_token) { 'xxx.token.xxx' } let(:token) { Base64.encode64(decoded_token) } context 'when gitlab-token exists' do before do - stub_kubeclient_discover(api_url) stub_kubeclient_get_secret( api_url, { @@ -39,9 +42,17 @@ describe Clusters::Gcp::Kubernetes::FetchKubernetesTokenService do it { is_expected.to eq(decoded_token) } end + context 'when there is a 500 error' do + before do + stub_kubeclient_get_secret_error(api_url, service_account_token_name, namespace: namespace, status: 500) + end + + it { expect { subject }.to raise_error(Kubeclient::HttpError) } + end + context 'when gitlab-token does not exist' do before do - allow(kubeclient).to receive(:get_secret).and_raise(Kubeclient::HttpError.new(404, 'Not found', nil)) + stub_kubeclient_get_secret_error(api_url, service_account_token_name, namespace: namespace, status: 404) end it { is_expected.to be_nil } diff --git a/spec/support/helpers/kubernetes_helpers.rb b/spec/support/helpers/kubernetes_helpers.rb index a03d9c4045f..35ae04b16c6 100644 --- a/spec/support/helpers/kubernetes_helpers.rb +++ b/spec/support/helpers/kubernetes_helpers.rb @@ -41,9 +41,9 @@ module KubernetesHelpers .to_return(kube_response(kube_v1_secret_body(options))) end - def stub_kubeclient_get_secret_error(api_url, name, namespace: 'default') + def stub_kubeclient_get_secret_error(api_url, name, namespace: 'default', status: 404) WebMock.stub_request(:get, api_url + "/api/v1/namespaces/#{namespace}/secrets/#{name}") - .to_return(status: [404, "Internal Server Error"]) + .to_return(status: [status, "Internal Server Error"]) end def stub_kubeclient_create_service_account(api_url, namespace: 'default')