kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
88481 commits 1 branch 0 tags 899 MiB
Commit graph

24 commits

Author SHA1 Message Date
Dylan Griffith
9275e1dfbf Make RBAC enabled default for new clusters 
Many changes were also made to tests that expected this to default to
false.
 2019-01-04 11:49:13 +01:00
George Tsiolis
ac5fe450ff Rename ClusterPlatformConfigureWorker 2018-12-21 13:17:13 +00:00
Thong Kuah
c0c75c8000 Rename to CreateOrUpdateServiceAccountService 
This reflects how we now create or update
 2018-12-05 10:22:22 +13:00
Thong Kuah
dc18272091 Modify service so that it can be re-run 
If the service fails mid-point, then we should be able to re-run this
service. So, detect presence of any previously created Kubernetes
resource and update or create accordingly.

Fix specs accordingly. In the case of finalize_creation_service_spec.rb,
I decided to stub out the async worker rather than maintaining
individual stubs for various kubeclient calls for that worker.

Also add test cases for group clusters
 2018-12-04 15:46:46 +13:00
Thong Kuah
28b0b9c144 Call ClusterPlatformConfigureWorker to re-use code 
We remove configure_project_service_account and replace
ClusterPlatformConfigureWorker as they perform exactly the same piece of
work. This also makes GKE cluster creation to be the same as Adding
existing cluster - they both now use another worker to execute
CreateOrUpdateNamespaceService.
 2018-12-04 15:46:11 +13:00
Kamil Trzciński
c3bd3bfc6e Improve variables support 
This ensures that variables accept only string,
alongside also improves kubernetes_namespace,
improving validation and default value being set.
 2018-11-19 14:09:39 +01:00
Thong Kuah
14b3033a0d Show HTTP response code for Kubernetes errors 2018-11-13 12:46:01 +00:00
Chris Baumbauer
1435fe6075 Add missing strip to finalize creation service test 2018-11-03 17:03:26 -07:00
Thong Kuah
5ede567d71 Incorporates Kubernetes Namespace into Cluster's flow 2018-11-02 15:46:15 +00:00
George Tsiolis
733ae94921 Fix typos in comments and specs 2018-11-01 08:59:20 +02:00
Thong Kuah
8d81f2690c Update all usages of KubeClient 
Find and replace everywhere we pass in `api_groups` to KubeClient, as no
longer needed
 2018-10-23 23:36:43 +13:00
Thong Kuah
3c5c6c2c2e Address BE review - re-arrange some specs 2018-09-14 16:26:51 +12:00
Thong Kuah
a02e35308b Always create gitlab service account and service account token regardless of ABAC/RBAC 
This also solves the async nature of the automatic creation of default
service tokens for service accounts. It also makes explicit which
service account token we always use.

create cluster role binding only if the provider has legacy_abac
disabled.
 2018-09-14 16:26:51 +12:00
Thong Kuah
9c5050b122 Drive creation of a rbac platform_kubernetes off provider#legacy_abac so that there is one single source of truth. 2018-09-14 16:26:51 +12:00
Thong Kuah
577c79bb58 ABAC: fetch default service account token; RBAC: fetch gitlab service acount token 
Keeps existing behaviour for ABAC cluster
 2018-09-14 16:26:51 +12:00
Thong Kuah
ab6d74da9a Only create new service account with cluster-admin clusterrolebinding for when we have the rbac cluster FF enabled. 
This syncs up with `authorization_type`.
 2018-09-14 16:26:51 +12:00
Thong Kuah
bf0179b7f1 Set RBAC support behind a feature flag. 
This is the same as with adding an existing cluster
 2018-09-14 16:26:50 +12:00
Thong Kuah
3eec327d50 Refactor to DRY out building of kube_client into originator service 2018-09-14 16:26:50 +12:00
Thong Kuah
7ebc18d1b3 When provisioning a new cluster, create gitlab service account so that GitLab can perform operations in a RBAC-enabled cluster. 
Correspondingly, use the token of the gitlab service account, vs the
default service account token which will have no privs.
 2018-09-14 16:26:50 +12:00
Thong Kuah
fe450ebf51 Move FetchKubernetesTokenService to under the Clusters::Gcp::Kubernetes namespace 
This is in preparation to share some common code with another service
which will also need a kubeclient utilizing master username and password
 2018-09-14 16:26:50 +12:00
Shinya Maeda
a99ad59e65 Remove 10.3 comments (Tracked by a tech debts issue). Refactor spec factory name. Use ArgumentError 2017-11-06 23:06:10 +09:00
Shinya Maeda
3602c0b987 Fix some tests 2017-11-03 03:37:32 +09:00
Shinya Maeda
6571efb6c3 Fix spec. Fix usage ping. Fix warnings by adding new models and attributes. 2017-11-01 16:12:44 +09:00
Shinya Maeda
d6744d9838 specs for services. Improved details. 2017-10-30 21:55:18 +09:00