Commit c6d53250 authored by Kamil Trzcinski's avatar Kamil Trzcinski

Specify defaults, fix policies, fix db columns

parent c471430a
......@@ -6,6 +6,10 @@ module Gcp
belongs_to :user
belongs_to :service
default_value_for :gcp_cluster_zone, 'us-central1-a'
default_value_for :gcp_cluster_size, 3
default_value_for :gcp_machine_type, 'n1-standard-4'
attr_encrypted :password,
mode: :per_attribute_iv,
key: Gitlab::Application.secrets.db_key_base,
......@@ -28,6 +32,35 @@ module Gcp
errored: 4
}
validates :gcp_project_id,
length: 1..63,
format: {
with: Gitlab::Regex.kubernetes_namespace_regex,
message: Gitlab::Regex.kubernetes_namespace_regex_message
}
validates :gcp_cluster_name,
length: 1..63,
format: {
with: Gitlab::Regex.kubernetes_namespace_regex,
message: Gitlab::Regex.kubernetes_namespace_regex_message
}
validates :gcp_cluster_zone, presence: true
validates :gcp_cluster_size, presence: true,
numericality: { only_integer: true, greater_than: 0 }
validates :project_namespace,
allow_blank: true,
length: 1..63,
format: {
with: Gitlab::Regex.kubernetes_namespace_regex,
message: Gitlab::Regex.kubernetes_namespace_regex_message
}
# if we do not do status transition we prevent change
validate :restrict_modification, on: :update, unless: :status_changed?
state_machine :status, initial: :scheduled do
event :creating do
transition any - [:creating] => :creating
......@@ -52,22 +85,9 @@ module Gcp
end
end
validates :gcp_project_id, presence: true
validates :gcp_cluster_zone, presence: true
validates :gcp_cluster_name, presence: true
validates :gcp_cluster_size, presence: true,
numericality: { only_integer: true, greater_than: 0 }
validates :project_namespace,
allow_blank: true,
length: 1..63,
format: {
with: Gitlab::Regex.kubernetes_namespace_regex,
message: Gitlab::Regex.kubernetes_namespace_regex_message
}
# if we do not do status transition we prevent change
validate :restrict_modification, on: :update, unless: :status_changed?
def project_namespace_placeholder
"#{project.path}-#{project.id}"
end
def on_creation?
scheduled? || creating?
......
......@@ -4,11 +4,7 @@ module Gcp
delegate { @subject.project }
condition(:safe_to_change) do
can?(:master_access) && !cluster.on_creation?
end
rule { safe_to_change }.policy do
rule { can?(:master_access) }.policy do
enable :update_cluster
enable :admin_cluster
end
......
......@@ -9,7 +9,7 @@ module Ci
kubernetes_token: token,
username: username,
password: password,
service: project.find_or_initialize_service('kubernetes'),
service: cluster.project.find_or_initialize_service('kubernetes'),
status_event: :created)
cluster.service.update!(
......
......@@ -26,7 +26,7 @@
.form-group
= field.label :project_namespace
= field.text_field :project_namespace, class: 'form-control'
= field.text_field :project_namespace, class: 'form-control', placeholder: @cluster.project_namespace_placeholder
.form-group
= field.label :gcp_machine_type
......
......@@ -29,7 +29,7 @@
= s_('ClusterIntegration|Save changes')
- if can?(current_user, :update_cluster, @cluster) && @cluster.on_creation?
- if can?(current_user, :admin_cluster, @cluster)
.form_group
%label
= s_('ClusterIntegration|Google container engine')
......@@ -37,16 +37,19 @@
- link_gke = link_to(s_('ClusterIntegration|Google Container Engine'), '', target: '_blank', rel: 'noopener noreferrer')
= s_('ClusterIntegration|Manage your cluster by visiting %{link_gke}').html_safe % { link_gke: link_gke }
.hidden.js-cluster-error.alert.alert-danger{ role: 'alert' }
- if @cluster.errored?
.js-cluster-error.alert.alert-danger{ role: 'alert' }
= s_('ClusterIntegration|Something went wrong while creating your cluster on Google Container Engine.')
%code.js-error-reason
.hidden.js-cluster-success.alert.alert-info{ role: 'alert' }
= s_('ClusterIntegration|Cluster was successfully created on Google Container Engine.')
.hidden.js-cluster-creating.alert.alert-info{ role: 'alert' }
- if @cluster.on_creation?
.js-cluster-creating.alert.alert-info{ role: 'alert' }
= s_('ClusterIntegration|Cluster is being created on Google Container Engine...')
- if @cluster.created?
.js-cluster-success.alert.alert-info{ role: 'alert' }
= s_('ClusterIntegration|Cluster was successfully created on Google Container Engine.')
.form_group
%label
= s_('ClusterIntegration|Cluster name')
......
......@@ -5,6 +5,6 @@ module ClusterQueue
extend ActiveSupport::Concern
included do
sidekiq_options queue: :manage_cluster
sidekiq_options queue: :gcp_cluster
end
end
......@@ -62,6 +62,6 @@
- [update_user_activity, 1]
- [propagate_service_template, 1]
- [background_migration, 1]
- [manage_cluster, 1]
- [gcp_cluster, 1]
- [project_migrate_hashed_storage, 1]
- [storage_migrator, 1]
......@@ -4,13 +4,13 @@ class CreateGcpClusters < ActiveRecord::Migration
def change
create_table :gcp_clusters do |t|
t.references :project, null: false, index: { unique: true }, foreign_key: { on_delete: :cascade }
t.references :user, null: false, foreign_key: true
t.references :service, foreign_key: true
t.references :user, foreign_key: { on_delete: :nullify }
t.references :service, foreign_key: { on_delete: :nullify }
# General
t.boolean :enabled, default: true
t.integer :status
t.string :status_reason
t.text :status_reason
# k8s integration specific
t.string :project_namespace
......@@ -18,10 +18,10 @@ class CreateGcpClusters < ActiveRecord::Migration
# Cluster details
t.string :endpoint
t.text :ca_cert
t.string :encrypted_kubernetes_token
t.text :encrypted_kubernetes_token
t.string :encrypted_kubernetes_token_iv
t.string :username
t.string :encrypted_password
t.text :encrypted_password
t.string :encrypted_password_iv
# GKE
......@@ -31,7 +31,7 @@ class CreateGcpClusters < ActiveRecord::Migration
t.integer :gcp_cluster_size, null: false
t.string :gcp_machine_type
t.string :gcp_operation_id
t.string :encrypted_gcp_token
t.text :encrypted_gcp_token
t.string :encrypted_gcp_token_iv
t.datetime_with_timezone :created_at, null: false
......
......@@ -577,18 +577,18 @@ ActiveRecord::Schema.define(version: 20170928100231) do
create_table "gcp_clusters", force: :cascade do |t|
t.integer "project_id", null: false
t.integer "user_id", null: false
t.integer "user_id"
t.integer "service_id"
t.boolean "enabled", default: true
t.integer "status"
t.string "status_reason"
t.text "status_reason"
t.string "project_namespace"
t.string "endpoint"
t.text "ca_cert"
t.string "encrypted_kubernetes_token"
t.text "encrypted_kubernetes_token"
t.string "encrypted_kubernetes_token_iv"
t.string "username"
t.string "encrypted_password"
t.text "encrypted_password"
t.string "encrypted_password_iv"
t.string "gcp_project_id", null: false
t.string "gcp_cluster_zone", null: false
......@@ -596,10 +596,10 @@ ActiveRecord::Schema.define(version: 20170928100231) do
t.integer "gcp_cluster_size", null: false
t.string "gcp_machine_type"
t.string "gcp_operation_id"
t.string "encrypted_gcp_token"
t.text "encrypted_gcp_token"
t.string "encrypted_gcp_token_iv"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.datetime_with_timezone "created_at", null: false
t.datetime_with_timezone "updated_at", null: false
end
add_index "gcp_clusters", ["project_id"], name: "index_gcp_clusters_on_project_id", unique: true, using: :btree
......@@ -1752,8 +1752,8 @@ ActiveRecord::Schema.define(version: 20170928100231) do
add_foreign_key "events", "users", column: "author_id", name: "fk_edfd187b6f", on_delete: :cascade
add_foreign_key "forked_project_links", "projects", column: "forked_to_project_id", name: "fk_434510edb0", on_delete: :cascade
add_foreign_key "gcp_clusters", "projects", on_delete: :cascade
add_foreign_key "gcp_clusters", "services"
add_foreign_key "gcp_clusters", "users"
add_foreign_key "gcp_clusters", "services", on_delete: :nullify
add_foreign_key "gcp_clusters", "users", on_delete: :nullify
add_foreign_key "gpg_keys", "users", on_delete: :cascade
add_foreign_key "gpg_signatures", "gpg_keys", on_delete: :nullify
add_foreign_key "gpg_signatures", "projects", on_delete: :cascade
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment