Commit c6d53250 authored by Kamil Trzcinski's avatar Kamil Trzcinski

Specify defaults, fix policies, fix db columns

parent c471430a
...@@ -6,6 +6,10 @@ module Gcp ...@@ -6,6 +6,10 @@ module Gcp
belongs_to :user belongs_to :user
belongs_to :service belongs_to :service
default_value_for :gcp_cluster_zone, 'us-central1-a'
default_value_for :gcp_cluster_size, 3
default_value_for :gcp_machine_type, 'n1-standard-4'
attr_encrypted :password, attr_encrypted :password,
mode: :per_attribute_iv, mode: :per_attribute_iv,
key: Gitlab::Application.secrets.db_key_base, key: Gitlab::Application.secrets.db_key_base,
...@@ -28,6 +32,35 @@ module Gcp ...@@ -28,6 +32,35 @@ module Gcp
errored: 4 errored: 4
} }
validates :gcp_project_id,
length: 1..63,
format: {
with: Gitlab::Regex.kubernetes_namespace_regex,
message: Gitlab::Regex.kubernetes_namespace_regex_message
}
validates :gcp_cluster_name,
length: 1..63,
format: {
with: Gitlab::Regex.kubernetes_namespace_regex,
message: Gitlab::Regex.kubernetes_namespace_regex_message
}
validates :gcp_cluster_zone, presence: true
validates :gcp_cluster_size, presence: true,
numericality: { only_integer: true, greater_than: 0 }
validates :project_namespace,
allow_blank: true,
length: 1..63,
format: {
with: Gitlab::Regex.kubernetes_namespace_regex,
message: Gitlab::Regex.kubernetes_namespace_regex_message
}
# if we do not do status transition we prevent change
validate :restrict_modification, on: :update, unless: :status_changed?
state_machine :status, initial: :scheduled do state_machine :status, initial: :scheduled do
event :creating do event :creating do
transition any - [:creating] => :creating transition any - [:creating] => :creating
...@@ -52,22 +85,9 @@ module Gcp ...@@ -52,22 +85,9 @@ module Gcp
end end
end end
validates :gcp_project_id, presence: true def project_namespace_placeholder
validates :gcp_cluster_zone, presence: true "#{project.path}-#{project.id}"
validates :gcp_cluster_name, presence: true end
validates :gcp_cluster_size, presence: true,
numericality: { only_integer: true, greater_than: 0 }
validates :project_namespace,
allow_blank: true,
length: 1..63,
format: {
with: Gitlab::Regex.kubernetes_namespace_regex,
message: Gitlab::Regex.kubernetes_namespace_regex_message
}
# if we do not do status transition we prevent change
validate :restrict_modification, on: :update, unless: :status_changed?
def on_creation? def on_creation?
scheduled? || creating? scheduled? || creating?
......
...@@ -4,11 +4,7 @@ module Gcp ...@@ -4,11 +4,7 @@ module Gcp
delegate { @subject.project } delegate { @subject.project }
condition(:safe_to_change) do rule { can?(:master_access) }.policy do
can?(:master_access) && !cluster.on_creation?
end
rule { safe_to_change }.policy do
enable :update_cluster enable :update_cluster
enable :admin_cluster enable :admin_cluster
end end
......
...@@ -9,7 +9,7 @@ module Ci ...@@ -9,7 +9,7 @@ module Ci
kubernetes_token: token, kubernetes_token: token,
username: username, username: username,
password: password, password: password,
service: project.find_or_initialize_service('kubernetes'), service: cluster.project.find_or_initialize_service('kubernetes'),
status_event: :created) status_event: :created)
cluster.service.update!( cluster.service.update!(
......
...@@ -26,7 +26,7 @@ ...@@ -26,7 +26,7 @@
.form-group .form-group
= field.label :project_namespace = field.label :project_namespace
= field.text_field :project_namespace, class: 'form-control' = field.text_field :project_namespace, class: 'form-control', placeholder: @cluster.project_namespace_placeholder
.form-group .form-group
= field.label :gcp_machine_type = field.label :gcp_machine_type
......
...@@ -29,7 +29,7 @@ ...@@ -29,7 +29,7 @@
= s_('ClusterIntegration|Save changes') = s_('ClusterIntegration|Save changes')
- if can?(current_user, :update_cluster, @cluster) && @cluster.on_creation? - if can?(current_user, :admin_cluster, @cluster)
.form_group .form_group
%label %label
= s_('ClusterIntegration|Google container engine') = s_('ClusterIntegration|Google container engine')
...@@ -37,16 +37,19 @@ ...@@ -37,16 +37,19 @@
- link_gke = link_to(s_('ClusterIntegration|Google Container Engine'), '', target: '_blank', rel: 'noopener noreferrer') - link_gke = link_to(s_('ClusterIntegration|Google Container Engine'), '', target: '_blank', rel: 'noopener noreferrer')
= s_('ClusterIntegration|Manage your cluster by visiting %{link_gke}').html_safe % { link_gke: link_gke } = s_('ClusterIntegration|Manage your cluster by visiting %{link_gke}').html_safe % { link_gke: link_gke }
.hidden.js-cluster-error.alert.alert-danger{ role: 'alert' } - if @cluster.errored?
.js-cluster-error.alert.alert-danger{ role: 'alert' }
= s_('ClusterIntegration|Something went wrong while creating your cluster on Google Container Engine.') = s_('ClusterIntegration|Something went wrong while creating your cluster on Google Container Engine.')
%code.js-error-reason %code.js-error-reason
.hidden.js-cluster-success.alert.alert-info{ role: 'alert' } - if @cluster.on_creation?
= s_('ClusterIntegration|Cluster was successfully created on Google Container Engine.') .js-cluster-creating.alert.alert-info{ role: 'alert' }
.hidden.js-cluster-creating.alert.alert-info{ role: 'alert' }
= s_('ClusterIntegration|Cluster is being created on Google Container Engine...') = s_('ClusterIntegration|Cluster is being created on Google Container Engine...')
- if @cluster.created?
.js-cluster-success.alert.alert-info{ role: 'alert' }
= s_('ClusterIntegration|Cluster was successfully created on Google Container Engine.')
.form_group .form_group
%label %label
= s_('ClusterIntegration|Cluster name') = s_('ClusterIntegration|Cluster name')
......
...@@ -5,6 +5,6 @@ module ClusterQueue ...@@ -5,6 +5,6 @@ module ClusterQueue
extend ActiveSupport::Concern extend ActiveSupport::Concern
included do included do
sidekiq_options queue: :manage_cluster sidekiq_options queue: :gcp_cluster
end end
end end
...@@ -62,6 +62,6 @@ ...@@ -62,6 +62,6 @@
- [update_user_activity, 1] - [update_user_activity, 1]
- [propagate_service_template, 1] - [propagate_service_template, 1]
- [background_migration, 1] - [background_migration, 1]
- [manage_cluster, 1] - [gcp_cluster, 1]
- [project_migrate_hashed_storage, 1] - [project_migrate_hashed_storage, 1]
- [storage_migrator, 1] - [storage_migrator, 1]
...@@ -4,13 +4,13 @@ class CreateGcpClusters < ActiveRecord::Migration ...@@ -4,13 +4,13 @@ class CreateGcpClusters < ActiveRecord::Migration
def change def change
create_table :gcp_clusters do |t| create_table :gcp_clusters do |t|
t.references :project, null: false, index: { unique: true }, foreign_key: { on_delete: :cascade } t.references :project, null: false, index: { unique: true }, foreign_key: { on_delete: :cascade }
t.references :user, null: false, foreign_key: true t.references :user, foreign_key: { on_delete: :nullify }
t.references :service, foreign_key: true t.references :service, foreign_key: { on_delete: :nullify }
# General # General
t.boolean :enabled, default: true t.boolean :enabled, default: true
t.integer :status t.integer :status
t.string :status_reason t.text :status_reason
# k8s integration specific # k8s integration specific
t.string :project_namespace t.string :project_namespace
...@@ -18,10 +18,10 @@ class CreateGcpClusters < ActiveRecord::Migration ...@@ -18,10 +18,10 @@ class CreateGcpClusters < ActiveRecord::Migration
# Cluster details # Cluster details
t.string :endpoint t.string :endpoint
t.text :ca_cert t.text :ca_cert
t.string :encrypted_kubernetes_token t.text :encrypted_kubernetes_token
t.string :encrypted_kubernetes_token_iv t.string :encrypted_kubernetes_token_iv
t.string :username t.string :username
t.string :encrypted_password t.text :encrypted_password
t.string :encrypted_password_iv t.string :encrypted_password_iv
# GKE # GKE
...@@ -31,7 +31,7 @@ class CreateGcpClusters < ActiveRecord::Migration ...@@ -31,7 +31,7 @@ class CreateGcpClusters < ActiveRecord::Migration
t.integer :gcp_cluster_size, null: false t.integer :gcp_cluster_size, null: false
t.string :gcp_machine_type t.string :gcp_machine_type
t.string :gcp_operation_id t.string :gcp_operation_id
t.string :encrypted_gcp_token t.text :encrypted_gcp_token
t.string :encrypted_gcp_token_iv t.string :encrypted_gcp_token_iv
t.datetime_with_timezone :created_at, null: false t.datetime_with_timezone :created_at, null: false
......
...@@ -577,18 +577,18 @@ ActiveRecord::Schema.define(version: 20170928100231) do ...@@ -577,18 +577,18 @@ ActiveRecord::Schema.define(version: 20170928100231) do
create_table "gcp_clusters", force: :cascade do |t| create_table "gcp_clusters", force: :cascade do |t|
t.integer "project_id", null: false t.integer "project_id", null: false
t.integer "user_id", null: false t.integer "user_id"
t.integer "service_id" t.integer "service_id"
t.boolean "enabled", default: true t.boolean "enabled", default: true
t.integer "status" t.integer "status"
t.string "status_reason" t.text "status_reason"
t.string "project_namespace" t.string "project_namespace"
t.string "endpoint" t.string "endpoint"
t.text "ca_cert" t.text "ca_cert"
t.string "encrypted_kubernetes_token" t.text "encrypted_kubernetes_token"
t.string "encrypted_kubernetes_token_iv" t.string "encrypted_kubernetes_token_iv"
t.string "username" t.string "username"
t.string "encrypted_password" t.text "encrypted_password"
t.string "encrypted_password_iv" t.string "encrypted_password_iv"
t.string "gcp_project_id", null: false t.string "gcp_project_id", null: false
t.string "gcp_cluster_zone", null: false t.string "gcp_cluster_zone", null: false
...@@ -596,10 +596,10 @@ ActiveRecord::Schema.define(version: 20170928100231) do ...@@ -596,10 +596,10 @@ ActiveRecord::Schema.define(version: 20170928100231) do
t.integer "gcp_cluster_size", null: false t.integer "gcp_cluster_size", null: false
t.string "gcp_machine_type" t.string "gcp_machine_type"
t.string "gcp_operation_id" t.string "gcp_operation_id"
t.string "encrypted_gcp_token" t.text "encrypted_gcp_token"
t.string "encrypted_gcp_token_iv" t.string "encrypted_gcp_token_iv"
t.datetime "created_at", null: false t.datetime_with_timezone "created_at", null: false
t.datetime "updated_at", null: false t.datetime_with_timezone "updated_at", null: false
end end
add_index "gcp_clusters", ["project_id"], name: "index_gcp_clusters_on_project_id", unique: true, using: :btree add_index "gcp_clusters", ["project_id"], name: "index_gcp_clusters_on_project_id", unique: true, using: :btree
...@@ -1752,8 +1752,8 @@ ActiveRecord::Schema.define(version: 20170928100231) do ...@@ -1752,8 +1752,8 @@ ActiveRecord::Schema.define(version: 20170928100231) do
add_foreign_key "events", "users", column: "author_id", name: "fk_edfd187b6f", on_delete: :cascade add_foreign_key "events", "users", column: "author_id", name: "fk_edfd187b6f", on_delete: :cascade
add_foreign_key "forked_project_links", "projects", column: "forked_to_project_id", name: "fk_434510edb0", on_delete: :cascade add_foreign_key "forked_project_links", "projects", column: "forked_to_project_id", name: "fk_434510edb0", on_delete: :cascade
add_foreign_key "gcp_clusters", "projects", on_delete: :cascade add_foreign_key "gcp_clusters", "projects", on_delete: :cascade
add_foreign_key "gcp_clusters", "services" add_foreign_key "gcp_clusters", "services", on_delete: :nullify
add_foreign_key "gcp_clusters", "users" add_foreign_key "gcp_clusters", "users", on_delete: :nullify
add_foreign_key "gpg_keys", "users", on_delete: :cascade add_foreign_key "gpg_keys", "users", on_delete: :cascade
add_foreign_key "gpg_signatures", "gpg_keys", on_delete: :nullify add_foreign_key "gpg_signatures", "gpg_keys", on_delete: :nullify
add_foreign_key "gpg_signatures", "projects", on_delete: :cascade add_foreign_key "gpg_signatures", "projects", on_delete: :cascade
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment