Merge branch '60617-allow-switching-from-gitlab-managed-to-unmanaged-clusters' into 'master'
Allow switching clusters between managed/unmanaged Closes #60617 See merge request gitlab-org/gitlab-ce!29322
This commit is contained in:
commit
db9ef69272
10 changed files with 71 additions and 11 deletions
|
@ -128,6 +128,7 @@ class Clusters::ClustersController < Clusters::BaseController
|
||||||
:enabled,
|
:enabled,
|
||||||
:name,
|
:name,
|
||||||
:environment_scope,
|
:environment_scope,
|
||||||
|
:managed,
|
||||||
:base_domain,
|
:base_domain,
|
||||||
platform_kubernetes_attributes: [
|
platform_kubernetes_attributes: [
|
||||||
:api_url,
|
:api_url,
|
||||||
|
@ -140,6 +141,7 @@ class Clusters::ClustersController < Clusters::BaseController
|
||||||
params.require(:cluster).permit(
|
params.require(:cluster).permit(
|
||||||
:enabled,
|
:enabled,
|
||||||
:environment_scope,
|
:environment_scope,
|
||||||
|
:managed,
|
||||||
:base_domain,
|
:base_domain,
|
||||||
platform_kubernetes_attributes: [
|
platform_kubernetes_attributes: [
|
||||||
:namespace
|
:namespace
|
||||||
|
|
|
@ -80,9 +80,18 @@ module Clusters
|
||||||
.append(key: 'KUBE_CA_PEM_FILE', value: ca_pem, file: true)
|
.append(key: 'KUBE_CA_PEM_FILE', value: ca_pem, file: true)
|
||||||
end
|
end
|
||||||
|
|
||||||
if kubernetes_namespace = cluster.kubernetes_namespaces.has_service_account_token.find_by(project: project)
|
if !cluster.managed?
|
||||||
|
project_namespace = namespace.presence || "#{project.path}-#{project.id}".downcase
|
||||||
|
|
||||||
|
variables
|
||||||
|
.append(key: 'KUBE_URL', value: api_url)
|
||||||
|
.append(key: 'KUBE_TOKEN', value: token, public: false, masked: true)
|
||||||
|
.append(key: 'KUBE_NAMESPACE', value: project_namespace)
|
||||||
|
.append(key: 'KUBECONFIG', value: kubeconfig(project_namespace), public: false, file: true)
|
||||||
|
|
||||||
|
elsif kubernetes_namespace = cluster.kubernetes_namespaces.has_service_account_token.find_by(project: project)
|
||||||
variables.concat(kubernetes_namespace.predefined_variables)
|
variables.concat(kubernetes_namespace.predefined_variables)
|
||||||
elsif cluster.project_type? || !cluster.managed?
|
elsif cluster.project_type?
|
||||||
# As of 11.11 a user can create a cluster that they manage themselves,
|
# As of 11.11 a user can create a cluster that they manage themselves,
|
||||||
# which replicates the existing project-level cluster behaviour.
|
# which replicates the existing project-level cluster behaviour.
|
||||||
# Once we have marked all project-level clusters that make use of this
|
# Once we have marked all project-level clusters that make use of this
|
||||||
|
|
|
@ -48,7 +48,7 @@
|
||||||
= s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
|
= s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
|
||||||
|
|
||||||
.form-group
|
.form-group
|
||||||
= field.check_box :managed, { disabled: true, label: s_('ClusterIntegration|GitLab-managed cluster'),
|
= field.check_box :managed, { label: s_('ClusterIntegration|GitLab-managed cluster'),
|
||||||
label_class: 'label-bold' }
|
label_class: 'label-bold' }
|
||||||
.form-text.text-muted
|
.form-text.text-muted
|
||||||
= s_('ClusterIntegration|Allow GitLab to manage namespace and service accounts for this cluster.')
|
= s_('ClusterIntegration|Allow GitLab to manage namespace and service accounts for this cluster.')
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
title: Allow switching clusters between managed and unmanaged
|
||||||
|
merge_request: 29322
|
||||||
|
author:
|
||||||
|
type: added
|
|
@ -57,10 +57,6 @@ differentiate the new cluster from the rest.
|
||||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011) in GitLab 11.5.
|
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011) in GitLab 11.5.
|
||||||
> Became [optional](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26565) in GitLab 11.11.
|
> Became [optional](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26565) in GitLab 11.11.
|
||||||
|
|
||||||
NOTE: **Note:**
|
|
||||||
Only available when creating clusters. Existing clusters not managed by GitLab
|
|
||||||
cannot become GitLab-managed later.
|
|
||||||
|
|
||||||
You can choose to allow GitLab to manage your cluster for you. If your cluster is
|
You can choose to allow GitLab to manage your cluster for you. If your cluster is
|
||||||
managed by GitLab, resources for your projects will be automatically created. See the
|
managed by GitLab, resources for your projects will be automatically created. See the
|
||||||
[Access controls](../../project/clusters/index.md#access-controls) section for details on which resources will
|
[Access controls](../../project/clusters/index.md#access-controls) section for details on which resources will
|
||||||
|
|
|
@ -225,10 +225,6 @@ applications running on the cluster.
|
||||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011) in GitLab 11.5.
|
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011) in GitLab 11.5.
|
||||||
> Became [optional](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26565) in GitLab 11.11.
|
> Became [optional](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26565) in GitLab 11.11.
|
||||||
|
|
||||||
NOTE: **Note:**
|
|
||||||
Only available when creating clusters. Existing clusters not managed by GitLab
|
|
||||||
cannot become GitLab-managed later.
|
|
||||||
|
|
||||||
You can choose to allow GitLab to manage your cluster for you. If your cluster is
|
You can choose to allow GitLab to manage your cluster for you. If your cluster is
|
||||||
managed by GitLab, resources for your projects will be automatically created. See the
|
managed by GitLab, resources for your projects will be automatically created. See the
|
||||||
[Access controls](#access-controls) section for details on which resources will
|
[Access controls](#access-controls) section for details on which resources will
|
||||||
|
|
|
@ -396,6 +396,7 @@ describe Admin::ClustersController do
|
||||||
cluster: {
|
cluster: {
|
||||||
enabled: false,
|
enabled: false,
|
||||||
name: 'my-new-cluster-name',
|
name: 'my-new-cluster-name',
|
||||||
|
managed: false,
|
||||||
base_domain: domain
|
base_domain: domain
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -409,6 +410,7 @@ describe Admin::ClustersController do
|
||||||
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
|
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
|
||||||
expect(cluster.enabled).to be_falsey
|
expect(cluster.enabled).to be_falsey
|
||||||
expect(cluster.name).to eq('my-new-cluster-name')
|
expect(cluster.name).to eq('my-new-cluster-name')
|
||||||
|
expect(cluster).not_to be_managed
|
||||||
expect(cluster.domain).to eq('test-domain.com')
|
expect(cluster.domain).to eq('test-domain.com')
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -433,6 +435,7 @@ describe Admin::ClustersController do
|
||||||
cluster: {
|
cluster: {
|
||||||
enabled: false,
|
enabled: false,
|
||||||
name: 'my-new-cluster-name',
|
name: 'my-new-cluster-name',
|
||||||
|
managed: false,
|
||||||
domain: domain
|
domain: domain
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -445,6 +448,7 @@ describe Admin::ClustersController do
|
||||||
expect(response).to have_http_status(:no_content)
|
expect(response).to have_http_status(:no_content)
|
||||||
expect(cluster.enabled).to be_falsey
|
expect(cluster.enabled).to be_falsey
|
||||||
expect(cluster.name).to eq('my-new-cluster-name')
|
expect(cluster.name).to eq('my-new-cluster-name')
|
||||||
|
expect(cluster).not_to be_managed
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -463,6 +463,7 @@ describe Groups::ClustersController do
|
||||||
cluster: {
|
cluster: {
|
||||||
enabled: false,
|
enabled: false,
|
||||||
name: 'my-new-cluster-name',
|
name: 'my-new-cluster-name',
|
||||||
|
managed: false,
|
||||||
base_domain: domain
|
base_domain: domain
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -476,6 +477,7 @@ describe Groups::ClustersController do
|
||||||
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
|
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
|
||||||
expect(cluster.enabled).to be_falsey
|
expect(cluster.enabled).to be_falsey
|
||||||
expect(cluster.name).to eq('my-new-cluster-name')
|
expect(cluster.name).to eq('my-new-cluster-name')
|
||||||
|
expect(cluster).not_to be_managed
|
||||||
expect(cluster.domain).to eq('test-domain.com')
|
expect(cluster.domain).to eq('test-domain.com')
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -500,6 +502,7 @@ describe Groups::ClustersController do
|
||||||
cluster: {
|
cluster: {
|
||||||
enabled: false,
|
enabled: false,
|
||||||
name: 'my-new-cluster-name',
|
name: 'my-new-cluster-name',
|
||||||
|
managed: false,
|
||||||
domain: domain
|
domain: domain
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -512,6 +515,7 @@ describe Groups::ClustersController do
|
||||||
expect(response).to have_http_status(:no_content)
|
expect(response).to have_http_status(:no_content)
|
||||||
expect(cluster.enabled).to be_falsey
|
expect(cluster.enabled).to be_falsey
|
||||||
expect(cluster.name).to eq('my-new-cluster-name')
|
expect(cluster.name).to eq('my-new-cluster-name')
|
||||||
|
expect(cluster).not_to be_managed
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -449,6 +449,7 @@ describe Projects::ClustersController do
|
||||||
cluster: {
|
cluster: {
|
||||||
enabled: false,
|
enabled: false,
|
||||||
name: 'my-new-cluster-name',
|
name: 'my-new-cluster-name',
|
||||||
|
managed: false,
|
||||||
platform_kubernetes_attributes: {
|
platform_kubernetes_attributes: {
|
||||||
namespace: 'my-namespace'
|
namespace: 'my-namespace'
|
||||||
}
|
}
|
||||||
|
@ -464,6 +465,7 @@ describe Projects::ClustersController do
|
||||||
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
|
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
|
||||||
expect(cluster.enabled).to be_falsey
|
expect(cluster.enabled).to be_falsey
|
||||||
expect(cluster.name).to eq('my-new-cluster-name')
|
expect(cluster.name).to eq('my-new-cluster-name')
|
||||||
|
expect(cluster).not_to be_managed
|
||||||
expect(cluster.platform_kubernetes.namespace).to eq('my-namespace')
|
expect(cluster.platform_kubernetes.namespace).to eq('my-namespace')
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -475,6 +477,7 @@ describe Projects::ClustersController do
|
||||||
cluster: {
|
cluster: {
|
||||||
enabled: false,
|
enabled: false,
|
||||||
name: 'my-new-cluster-name',
|
name: 'my-new-cluster-name',
|
||||||
|
managed: false,
|
||||||
platform_kubernetes_attributes: {
|
platform_kubernetes_attributes: {
|
||||||
namespace: 'my-namespace'
|
namespace: 'my-namespace'
|
||||||
}
|
}
|
||||||
|
@ -489,6 +492,7 @@ describe Projects::ClustersController do
|
||||||
expect(response).to have_http_status(:no_content)
|
expect(response).to have_http_status(:no_content)
|
||||||
expect(cluster.enabled).to be_falsey
|
expect(cluster.enabled).to be_falsey
|
||||||
expect(cluster.name).to eq('my-new-cluster-name')
|
expect(cluster.name).to eq('my-new-cluster-name')
|
||||||
|
expect(cluster).not_to be_managed
|
||||||
expect(cluster.platform_kubernetes.namespace).to eq('my-namespace')
|
expect(cluster.platform_kubernetes.namespace).to eq('my-namespace')
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -298,6 +298,46 @@ describe Clusters::Platforms::Kubernetes, :use_clean_rails_memory_store_caching
|
||||||
{ key: 'KUBE_TOKEN', value: kubernetes_namespace.service_account_token, public: false, masked: true }
|
{ key: 'KUBE_TOKEN', value: kubernetes_namespace.service_account_token, public: false, masked: true }
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context 'the cluster has been set to unmanaged after the namespace was created' do
|
||||||
|
before do
|
||||||
|
cluster.update!(managed: false)
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'setting variables'
|
||||||
|
|
||||||
|
it 'sets KUBE_TOKEN from the platform' do
|
||||||
|
expect(subject).to include(
|
||||||
|
{ key: 'KUBE_TOKEN', value: kubernetes.token, public: false, masked: true }
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'the platform has a custom namespace set' do
|
||||||
|
before do
|
||||||
|
kubernetes.update!(namespace: 'custom-namespace')
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'sets KUBE_NAMESPACE from the platform' do
|
||||||
|
expect(subject).to include(
|
||||||
|
{ key: 'KUBE_NAMESPACE', value: kubernetes.namespace, public: true, masked: false }
|
||||||
|
)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'there is no namespace specified on the platform' do
|
||||||
|
let(:project) { cluster.project }
|
||||||
|
|
||||||
|
before do
|
||||||
|
kubernetes.update!(namespace: nil)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'sets KUBE_NAMESPACE to a default for the project' do
|
||||||
|
expect(subject).to include(
|
||||||
|
{ key: 'KUBE_NAMESPACE', value: "#{project.path}-#{project.id}", public: true, masked: false }
|
||||||
|
)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'namespace is provided' do
|
context 'namespace is provided' do
|
||||||
|
|
Loading…
Reference in a new issue