kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Drive creation of a rbac platform_kubernetes off provider#legacy_abac so that there is one single source of truth.

Browse source
This commit is contained in:
Thong Kuah 2018-09-07 22:01:37 +12:00
parent 577c79bb58
commit 9c5050b122
2 changed files with 13 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
app/services/clusters/gcp/finalize_creation_service.rb
View file

@ -25,7 +25,7 @@ module Clusters
private private
def create_gitlab_service_account! def create_gitlab_service_account!
if rbac_clusters_feature_enabled? if create_rbac_cluster?
Clusters::Gcp::Kubernetes::CreateServiceAccountService.new(kube_client).execute Clusters::Gcp::Kubernetes::CreateServiceAccountService.new(kube_client).execute
end end
end end
@ -47,17 +47,17 @@ module Clusters
end end
def request_kubernetes_token def request_kubernetes_token
service_account_name = rbac_clusters_feature_enabled? ? Clusters::Gcp::Kubernetes::SERVICE_ACCOUNT_NAME : 'default' service_account_name = create_rbac_cluster? ? Clusters::Gcp::Kubernetes::SERVICE_ACCOUNT_NAME : 'default'
Clusters::Gcp::Kubernetes::FetchKubernetesTokenService.new(kube_client, service_account_name).execute Clusters::Gcp::Kubernetes::FetchKubernetesTokenService.new(kube_client, service_account_name).execute
end end
def authorization_type def authorization_type
rbac_clusters_feature_enabled? ? 'rbac' : 'abac' create_rbac_cluster? ? 'rbac' : 'abac'
end end
def rbac_clusters_feature_enabled? def create_rbac_cluster?
Feature.enabled?(:rbac_clusters) !provider.legacy_abac?
end end
def kube_client def kube_client

16
spec/services/clusters/gcp/finalize_creation_service_spec.rb
View file

@ -28,10 +28,6 @@ describe Clusters::Gcp::FinalizeCreationService do
end end
end end
before do
stub_feature_flags(rbac_clusters: false)
end
context 'when suceeded to fetch gke cluster info' do context 'when suceeded to fetch gke cluster info' do
let(:endpoint) { '111.111.111.111' } let(:endpoint) { '111.111.111.111' }
let(:api_url) { 'https://' + endpoint } let(:api_url) { 'https://' + endpoint }
@ -85,7 +81,8 @@ describe Clusters::Gcp::FinalizeCreationService do
let(:secret_name) { 'gitlab-token-Y1a' } let(:secret_name) { 'gitlab-token-Y1a' }
before do before do
stub_feature_flags(rbac_clusters: true) provider.legacy_abac = false
stub_kubeclient_create_service_account(api_url) stub_kubeclient_create_service_account(api_url)
stub_kubeclient_create_cluster_role_binding(api_url) stub_kubeclient_create_cluster_role_binding(api_url)
end end
@ -118,7 +115,8 @@ describe Clusters::Gcp::FinalizeCreationService do
context 'rbac_clusters feature enabled' do context 'rbac_clusters feature enabled' do
before do before do
stub_feature_flags(rbac_clusters: true) provider.legacy_abac = false
stub_kubeclient_create_service_account(api_url) stub_kubeclient_create_service_account(api_url)
stub_kubeclient_create_cluster_role_binding(api_url) stub_kubeclient_create_cluster_role_binding(api_url)
end end
@ -140,7 +138,8 @@ describe Clusters::Gcp::FinalizeCreationService do
let(:secret_name) { 'gitlab-token-321' } let(:secret_name) { 'gitlab-token-321' }
before do before do
stub_feature_flags(rbac_clusters: true) provider.legacy_abac = false
stub_kubeclient_create_service_account(api_url) stub_kubeclient_create_service_account(api_url)
stub_kubeclient_create_cluster_role_binding(api_url) stub_kubeclient_create_cluster_role_binding(api_url)
end end
@ -158,7 +157,8 @@ describe Clusters::Gcp::FinalizeCreationService do
context 'rbac_clusters feature enabled' do context 'rbac_clusters feature enabled' do
before do before do
stub_feature_flags(rbac_clusters: true) provider.legacy_abac = false
stub_kubeclient_create_service_account(api_url) stub_kubeclient_create_service_account(api_url)
stub_kubeclient_create_cluster_role_binding(api_url) stub_kubeclient_create_cluster_role_binding(api_url)
end end