Commit 2789f209 authored by Thong Kuah's avatar Thong Kuah

Merge branch 'remove-local-tiller-feature-flag' into 'master'

Remove feature flag managed_apps_local_tiller

See merge request gitlab-org/gitlab!37641
parents 85615696 6f6b1976
<script> <script>
import helmInstallIllustration from '@gitlab/svgs/dist/illustrations/kubernetes-installation.svg';
import { GlLoadingIcon, GlSprintf, GlLink } from '@gitlab/ui'; import { GlLoadingIcon, GlSprintf, GlLink } from '@gitlab/ui';
import gitlabLogo from 'images/cluster_app_logos/gitlab.png'; import gitlabLogo from 'images/cluster_app_logos/gitlab.png';
import helmLogo from 'images/cluster_app_logos/helm.png';
import jupyterhubLogo from 'images/cluster_app_logos/jupyterhub.png'; import jupyterhubLogo from 'images/cluster_app_logos/jupyterhub.png';
import kubernetesLogo from 'images/cluster_app_logos/kubernetes.png'; import kubernetesLogo from 'images/cluster_app_logos/kubernetes.png';
import certManagerLogo from 'images/cluster_app_logos/cert_manager.png'; import certManagerLogo from 'images/cluster_app_logos/cert_manager.png';
...@@ -95,16 +93,6 @@ export default { ...@@ -95,16 +93,6 @@ export default {
}, },
}, },
computed: { computed: {
managedAppsLocalTillerEnabled() {
return Boolean(gon.features?.managedAppsLocalTiller);
},
helmInstalled() {
return (
this.managedAppsLocalTillerEnabled ||
this.applications.helm.status === APPLICATION_STATUS.INSTALLED ||
this.applications.helm.status === APPLICATION_STATUS.UPDATED
);
},
ingressId() { ingressId() {
return INGRESS; return INGRESS;
}, },
...@@ -162,7 +150,6 @@ export default { ...@@ -162,7 +150,6 @@ export default {
}, },
logos: { logos: {
gitlabLogo, gitlabLogo,
helmLogo,
jupyterhubLogo, jupyterhubLogo,
kubernetesLogo, kubernetesLogo,
certManagerLogo, certManagerLogo,
...@@ -172,7 +159,6 @@ export default { ...@@ -172,7 +159,6 @@ export default {
elasticStackLogo, elasticStackLogo,
fluentdLogo, fluentdLogo,
}, },
helmInstallIllustration,
}; };
</script> </script>
...@@ -180,46 +166,12 @@ export default { ...@@ -180,46 +166,12 @@ export default {
<section id="cluster-applications"> <section id="cluster-applications">
<p class="gl-mb-0"> <p class="gl-mb-0">
{{ {{
s__(`ClusterIntegration|Choose which applications to install on your Kubernetes cluster. s__(`ClusterIntegration|Choose which applications to install on your Kubernetes cluster.`)
Helm Tiller is required to install any of the following applications.`)
}} }}
<gl-link :href="helpPath">{{ __('More information') }}</gl-link> <gl-link :href="helpPath">{{ __('More information') }}</gl-link>
</p> </p>
<div class="cluster-application-list gl-mt-3"> <div class="cluster-application-list gl-mt-3">
<application-row
v-if="!managedAppsLocalTillerEnabled"
id="helm"
:logo-url="$options.logos.helmLogo"
:title="applications.helm.title"
:status="applications.helm.status"
:status-reason="applications.helm.statusReason"
:request-status="applications.helm.requestStatus"
:request-reason="applications.helm.requestReason"
:installed="applications.helm.installed"
:install-failed="applications.helm.installFailed"
:uninstallable="applications.helm.uninstallable"
:uninstall-successful="applications.helm.uninstallSuccessful"
:uninstall-failed="applications.helm.uninstallFailed"
class="rounded-top"
title-link="https://docs.helm.sh/"
>
<template #description>
{{
s__(`ClusterIntegration|Helm streamlines installing
and managing Kubernetes applications.
Tiller runs inside of your Kubernetes Cluster,
and manages releases of your charts.`)
}}
</template>
</application-row>
<div v-show="!helmInstalled" class="cluster-application-warning">
<div class="svg-container" v-html="$options.helmInstallIllustration"></div>
{{
s__(`ClusterIntegration|You must first install Helm Tiller before
installing the applications below`)
}}
</div>
<application-row <application-row
:id="ingressId" :id="ingressId"
:logo-url="$options.logos.kubernetesLogo" :logo-url="$options.logos.kubernetesLogo"
...@@ -237,7 +189,6 @@ export default { ...@@ -237,7 +189,6 @@ export default {
:uninstallable="applications.ingress.uninstallable" :uninstallable="applications.ingress.uninstallable"
:uninstall-successful="applications.ingress.uninstallSuccessful" :uninstall-successful="applications.ingress.uninstallSuccessful"
:uninstall-failed="applications.ingress.uninstallFailed" :uninstall-failed="applications.ingress.uninstallFailed"
:disabled="!helmInstalled"
:updateable="false" :updateable="false"
title-link="https://kubernetes.io/docs/concepts/services-networking/ingress/" title-link="https://kubernetes.io/docs/concepts/services-networking/ingress/"
> >
...@@ -340,7 +291,6 @@ export default { ...@@ -340,7 +291,6 @@ export default {
:uninstallable="applications.cert_manager.uninstallable" :uninstallable="applications.cert_manager.uninstallable"
:uninstall-successful="applications.cert_manager.uninstallSuccessful" :uninstall-successful="applications.cert_manager.uninstallSuccessful"
:uninstall-failed="applications.cert_manager.uninstallFailed" :uninstall-failed="applications.cert_manager.uninstallFailed"
:disabled="!helmInstalled"
title-link="https://cert-manager.readthedocs.io/en/latest/#" title-link="https://cert-manager.readthedocs.io/en/latest/#"
> >
<template #description> <template #description>
...@@ -398,7 +348,6 @@ export default { ...@@ -398,7 +348,6 @@ export default {
:uninstallable="applications.prometheus.uninstallable" :uninstallable="applications.prometheus.uninstallable"
:uninstall-successful="applications.prometheus.uninstallSuccessful" :uninstall-successful="applications.prometheus.uninstallSuccessful"
:uninstall-failed="applications.prometheus.uninstallFailed" :uninstall-failed="applications.prometheus.uninstallFailed"
:disabled="!helmInstalled"
title-link="https://prometheus.io/docs/introduction/overview/" title-link="https://prometheus.io/docs/introduction/overview/"
> >
<template #description> <template #description>
...@@ -438,7 +387,6 @@ export default { ...@@ -438,7 +387,6 @@ export default {
:uninstallable="applications.runner.uninstallable" :uninstallable="applications.runner.uninstallable"
:uninstall-successful="applications.runner.uninstallSuccessful" :uninstall-successful="applications.runner.uninstallSuccessful"
:uninstall-failed="applications.runner.uninstallFailed" :uninstall-failed="applications.runner.uninstallFailed"
:disabled="!helmInstalled"
title-link="https://docs.gitlab.com/runner/" title-link="https://docs.gitlab.com/runner/"
> >
<template #description> <template #description>
...@@ -464,7 +412,6 @@ export default { ...@@ -464,7 +412,6 @@ export default {
:uninstall-successful="applications.crossplane.uninstallSuccessful" :uninstall-successful="applications.crossplane.uninstallSuccessful"
:uninstall-failed="applications.crossplane.uninstallFailed" :uninstall-failed="applications.crossplane.uninstallFailed"
:install-application-request-params="{ stack: applications.crossplane.stack }" :install-application-request-params="{ stack: applications.crossplane.stack }"
:disabled="!helmInstalled"
title-link="https://crossplane.io" title-link="https://crossplane.io"
> >
<template #description> <template #description>
...@@ -509,7 +456,6 @@ export default { ...@@ -509,7 +456,6 @@ export default {
:uninstall-successful="applications.jupyter.uninstallSuccessful" :uninstall-successful="applications.jupyter.uninstallSuccessful"
:uninstall-failed="applications.jupyter.uninstallFailed" :uninstall-failed="applications.jupyter.uninstallFailed"
:install-application-request-params="{ hostname: applications.jupyter.hostname }" :install-application-request-params="{ hostname: applications.jupyter.hostname }"
:disabled="!helmInstalled"
title-link="https://jupyterhub.readthedocs.io/en/stable/" title-link="https://jupyterhub.readthedocs.io/en/stable/"
> >
<template #description> <template #description>
...@@ -575,7 +521,6 @@ export default { ...@@ -575,7 +521,6 @@ export default {
:uninstall-successful="applications.knative.uninstallSuccessful" :uninstall-successful="applications.knative.uninstallSuccessful"
:uninstall-failed="applications.knative.uninstallFailed" :uninstall-failed="applications.knative.uninstallFailed"
:updateable="false" :updateable="false"
:disabled="!helmInstalled"
v-bind="applications.knative" v-bind="applications.knative"
title-link="https://github.com/knative/docs" title-link="https://github.com/knative/docs"
> >
...@@ -597,7 +542,7 @@ export default { ...@@ -597,7 +542,7 @@ export default {
</p> </p>
<knative-domain-editor <knative-domain-editor
v-if="(knative.installed || (helmInstalled && rbac)) && !preInstalledKnative" v-if="(knative.installed || rbac) && !preInstalledKnative"
:knative="knative" :knative="knative"
:ingress-dns-help-path="ingressDnsHelpPath" :ingress-dns-help-path="ingressDnsHelpPath"
@save="saveKnativeDomain" @save="saveKnativeDomain"
...@@ -634,7 +579,6 @@ export default { ...@@ -634,7 +579,6 @@ export default {
:uninstallable="applications.elastic_stack.uninstallable" :uninstallable="applications.elastic_stack.uninstallable"
:uninstall-successful="applications.elastic_stack.uninstallSuccessful" :uninstall-successful="applications.elastic_stack.uninstallSuccessful"
:uninstall-failed="applications.elastic_stack.uninstallFailed" :uninstall-failed="applications.elastic_stack.uninstallFailed"
:disabled="!helmInstalled"
title-link="https://gitlab.com/gitlab-org/charts/elastic-stack" title-link="https://gitlab.com/gitlab-org/charts/elastic-stack"
> >
<template #description> <template #description>
...@@ -668,7 +612,6 @@ export default { ...@@ -668,7 +612,6 @@ export default {
:uninstallable="applications.fluentd.uninstallable" :uninstallable="applications.fluentd.uninstallable"
:uninstall-successful="applications.fluentd.uninstallSuccessful" :uninstall-successful="applications.fluentd.uninstallSuccessful"
:uninstall-failed="applications.fluentd.uninstallFailed" :uninstall-failed="applications.fluentd.uninstallFailed"
:disabled="!helmInstalled"
:updateable="false" :updateable="false"
title-link="https://github.com/helm/charts/tree/master/stable/fluentd" title-link="https://github.com/helm/charts/tree/master/stable/fluentd"
> >
...@@ -694,7 +637,7 @@ export default { ...@@ -694,7 +637,7 @@ export default {
</application-row> </application-row>
<div class="gl-mt-7 gl-border-1 gl-border-t-solid gl-border-gray-100"> <div class="gl-mt-7 gl-border-1 gl-border-t-solid gl-border-gray-100">
<!-- This empty div serves as a separator between applications that have a dependency on Helm and those that can be enabled without Helm. --> <!-- This empty div serves as a separator. The applications below can be externally installed using a cluster-management project. -->
</div> </div>
<application-row <application-row
......
...@@ -6,10 +6,6 @@ class Clusters::BaseController < ApplicationController ...@@ -6,10 +6,6 @@ class Clusters::BaseController < ApplicationController
skip_before_action :authenticate_user! skip_before_action :authenticate_user!
before_action :authorize_read_cluster! before_action :authorize_read_cluster!
before_action do
push_frontend_feature_flag(:managed_apps_local_tiller, clusterable, default_enabled: true)
end
helper_method :clusterable helper_method :clusterable
private private
......
...@@ -38,8 +38,7 @@ module Clusters ...@@ -38,8 +38,7 @@ module Clusters
chart: chart, chart: chart,
files: files.merge(cluster_issuer_file), files: files.merge(cluster_issuer_file),
preinstall: pre_install_script, preinstall: pre_install_script,
postinstall: post_install_script, postinstall: post_install_script
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
...@@ -48,8 +47,7 @@ module Clusters ...@@ -48,8 +47,7 @@ module Clusters
name: 'certmanager', name: 'certmanager',
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
files: files, files: files,
postdelete: post_delete_script, postdelete: post_delete_script
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -35,8 +35,7 @@ module Clusters ...@@ -35,8 +35,7 @@ module Clusters
version: VERSION, version: VERSION,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart, chart: chart,
files: files, files: files
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -34,8 +34,7 @@ module Clusters ...@@ -34,8 +34,7 @@ module Clusters
repository: repository, repository: repository,
files: files, files: files,
preinstall: migrate_to_3_script, preinstall: migrate_to_3_script,
postinstall: post_install_script, postinstall: post_install_script
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
...@@ -44,8 +43,7 @@ module Clusters ...@@ -44,8 +43,7 @@ module Clusters
name: 'elastic-stack', name: 'elastic-stack',
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
files: files, files: files,
postdelete: post_delete_script, postdelete: post_delete_script
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
...@@ -121,8 +119,7 @@ module Clusters ...@@ -121,8 +119,7 @@ module Clusters
Gitlab::Kubernetes::Helm::DeleteCommand.new( Gitlab::Kubernetes::Helm::DeleteCommand.new(
name: 'elastic-stack', name: 'elastic-stack',
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
files: files, files: files
local_tiller_enabled: cluster.local_tiller_enabled?
).delete_command, ).delete_command,
Gitlab::Kubernetes::KubectlCmd.delete("pvc", "--selector", "release=elastic-stack", "--namespace", Gitlab::Kubernetes::Helm::NAMESPACE) Gitlab::Kubernetes::KubectlCmd.delete("pvc", "--selector", "release=elastic-stack", "--namespace", Gitlab::Kubernetes::Helm::NAMESPACE)
] ]
......
...@@ -32,8 +32,7 @@ module Clusters ...@@ -32,8 +32,7 @@ module Clusters
version: VERSION, version: VERSION,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart, chart: chart,
files: files, files: files
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -52,8 +52,7 @@ module Clusters ...@@ -52,8 +52,7 @@ module Clusters
Gitlab::Kubernetes::Helm::InitCommand.new( Gitlab::Kubernetes::Helm::InitCommand.new(
name: name, name: name,
files: files, files: files,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
...@@ -61,8 +60,7 @@ module Clusters ...@@ -61,8 +60,7 @@ module Clusters
Gitlab::Kubernetes::Helm::ResetCommand.new( Gitlab::Kubernetes::Helm::ResetCommand.new(
name: name, name: name,
files: files, files: files,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -63,8 +63,7 @@ module Clusters ...@@ -63,8 +63,7 @@ module Clusters
version: VERSION, version: VERSION,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart, chart: chart,
files: files, files: files
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -45,8 +45,7 @@ module Clusters ...@@ -45,8 +45,7 @@ module Clusters
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart, chart: chart,
files: files, files: files,
repository: repository, repository: repository
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -77,8 +77,7 @@ module Clusters ...@@ -77,8 +77,7 @@ module Clusters
chart: chart, chart: chart,
files: files, files: files,
repository: REPOSITORY, repository: REPOSITORY,
postinstall: install_knative_metrics, postinstall: install_knative_metrics
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
...@@ -100,8 +99,7 @@ module Clusters ...@@ -100,8 +99,7 @@ module Clusters
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
files: files, files: files,
predelete: delete_knative_services_and_metrics, predelete: delete_knative_services_and_metrics,
postdelete: delete_knative_istio_leftovers, postdelete: delete_knative_istio_leftovers
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -69,8 +69,7 @@ module Clusters ...@@ -69,8 +69,7 @@ module Clusters
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart, chart: chart,
files: files, files: files,
postinstall: install_knative_metrics, postinstall: install_knative_metrics
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
...@@ -80,8 +79,7 @@ module Clusters ...@@ -80,8 +79,7 @@ module Clusters
version: version, version: version,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart, chart: chart,
files: files_with_replaced_values(values), files: files_with_replaced_values(values)
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
...@@ -90,8 +88,7 @@ module Clusters ...@@ -90,8 +88,7 @@ module Clusters
name: name, name: name,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
files: files, files: files,
predelete: delete_knative_istio_metrics, predelete: delete_knative_istio_metrics
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -36,8 +36,7 @@ module Clusters ...@@ -36,8 +36,7 @@ module Clusters
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart, chart: chart,
files: files, files: files,
repository: repository, repository: repository
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
......
...@@ -357,10 +357,6 @@ module Clusters ...@@ -357,10 +357,6 @@ module Clusters
end end
end end
def local_tiller_enabled?
Feature.enabled?(:managed_apps_local_tiller, clusterable, default_enabled: true)
end
def prometheus_adapter def prometheus_adapter
application_prometheus application_prometheus
end end
......
...@@ -15,7 +15,7 @@ module Clusters ...@@ -15,7 +15,7 @@ module Clusters
def set_initial_status def set_initial_status
return unless not_installable? return unless not_installable?
self.status = status_states[:installable] if cluster&.application_helm_available? || cluster&.local_tiller_enabled? self.status = status_states[:installable]
end end
def can_uninstall? def can_uninstall?
......
...@@ -7,8 +7,7 @@ module Clusters ...@@ -7,8 +7,7 @@ module Clusters
Gitlab::Kubernetes::Helm::DeleteCommand.new( Gitlab::Kubernetes::Helm::DeleteCommand.new(
name: name, name: name,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
files: files, files: files
local_tiller_enabled: cluster.local_tiller_enabled?
) )
end end
...@@ -21,23 +20,11 @@ module Clusters ...@@ -21,23 +20,11 @@ module Clusters
end end
def files def files
@files ||= begin @files ||= { 'values.yaml': values }
files = { 'values.yaml': values }
files.merge!(certificate_files) if use_tiller_ssl?
files
end
end end
private private
def use_tiller_ssl?
return false if cluster.local_tiller_enabled?
cluster.application_helm.has_ssl?
end
def certificate_files def certificate_files
{ {
'ca.pem': ca_cert, 'ca.pem': ca_cert,
......
...@@ -97,24 +97,6 @@ module Clusters ...@@ -97,24 +97,6 @@ module Clusters
application.status_reason = status_reason if status_reason application.status_reason = status_reason if status_reason
end end
before_transition any => [:installed, :updated] do |application, transition|
unless application.cluster.local_tiller_enabled? || application.is_a?(Clusters::Applications::Helm)
if transition.event == :make_externally_installed
# If an application is externally installed
# We assume the helm application is externally installed too
helm = application.cluster.application_helm || application.cluster.build_application_helm
helm.make_externally_installed!
else
# When installing any application we are also performing an update
# of tiller (see Gitlab::Kubernetes::Helm::ClientCommand) so
# therefore we need to reflect that in the database.
application.cluster.application_helm.update!(version: Gitlab::Kubernetes::Helm::HELM_VERSION)
end
end
end
after_transition any => [:uninstalling], :use_transactions => false do |application, _| after_transition any => [:uninstalling], :use_transactions => false do |application, _|
application.prepare_uninstall application.prepare_uninstall
end end
......
---
title: Remove feature flag managed_apps_local_tiller
merge_request: 37641
author:
type: changed
...@@ -69,47 +69,23 @@ can lead to confusion during deployments. ...@@ -69,47 +69,23 @@ can lead to confusion during deployments.
> - Introduced in GitLab 10.2 for project-level clusters. > - Introduced in GitLab 10.2 for project-level clusters.
> - Introduced in GitLab 11.6 for group-level clusters. > - Introduced in GitLab 11.6 for group-level clusters.
> - A local Tiller option was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.2 behind a feature flag, enabled by default. > - [Uses a local Tiller](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) since GitLab 13.2.
> - The feature flag for local Tiller is enabled on GitLab.com.
[Helm](https://helm.sh/docs/) is a package manager for Kubernetes and is [Helm](https://helm.sh/docs/) is a package manager for Kubernetes and is
used to install the GitLab-managed apps. GitLab runs each `helm` command used to install the GitLab-managed apps. GitLab runs each `helm` command
in a pod within the `gitlab-managed-apps` namespace inside the cluster. in a pod within the `gitlab-managed-apps` namespace inside the cluster.
As of GitLab 13.2, the integration uses a local GitLab's integration uses Helm 2 with a local
[Tiller](https://v2.helm.sh/docs/glossary/#tiller) by default. When using a [Tiller](https://v2.helm.sh/docs/glossary/#tiller) server for managing
local Tiller, the Helm application does not need to be installed and will not applications. Prior to [GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/209736),
be shown in the list of applications. GitLab used an in-cluster Tiller server in the `gitlab-managed-apps`
namespace. This server can now be safely removed.
NOTE: **Note:** NOTE: **Note:**
GitLab's Helm integration does not support installing applications behind a proxy, GitLab's Helm integration does not support installing applications behind a proxy,
but a [workaround](../../topics/autodevops/index.md#install-applications-behind-a-proxy) but a [workaround](../../topics/autodevops/index.md#install-applications-behind-a-proxy)
is available. is available.
### Enable or disable local Tiller **(CORE ONLY)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.2
> - The option to disable local Tiller is [planned for removal](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.3
Local Tiller is under development, but is ready for production use. It is
deployed behind a feature flag that is **enabled by default**.
[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md)
can enable it for your instance.
To enable it:
```ruby
# Instance-wide
Feature.enable(:managed_apps_local_tiller)
```
To disable it:
```ruby
# Instance-wide
Feature.disable(:managed_apps_local_tiller)
```
### cert-manager ### cert-manager
> Introduced in GitLab 11.6 for project- and group-level clusters. > Introduced in GitLab 11.6 for project- and group-level clusters.
......
...@@ -6,21 +6,16 @@ module Gitlab ...@@ -6,21 +6,16 @@ module Gitlab
class BaseCommand class BaseCommand
attr_reader :name, :files attr_reader :name, :files
def initialize(rbac:, name:, files:, local_tiller_enabled:) def initialize(rbac:, name:, files:)
@rbac = rbac @rbac = rbac
@name = name @name = name
@files = files @files = files
@local_tiller_enabled = local_tiller_enabled
end end
def rbac? def rbac?
@rbac @rbac
end end
def local_tiller_enabled?
@local_tiller_enabled
end
def pod_resource def pod_resource
pod_service_account_name = rbac? ? service_account_name : nil pod_service_account_name = rbac? ? service_account_name : nil
......
...@@ -5,30 +5,11 @@ module Gitlab ...@@ -5,30 +5,11 @@ module Gitlab
module Helm module Helm
module ClientCommand module ClientCommand
def init_command def init_command
if local_tiller_enabled? <<~SHELL.chomp
<<~HEREDOC.chomp
export HELM_HOST="localhost:44134" export HELM_HOST="localhost:44134"
tiller -listen ${HELM_HOST} -alsologtostderr & tiller -listen ${HELM_HOST} -alsologtostderr &
helm init --client-only helm init --client-only
HEREDOC SHELL
else
# Here we are always upgrading to the latest version of Tiller when
# installing an app. We ensure the helm version stored in the
# database is correct by also updating this after transition to
# :installed,:updated in Clusters::Concerns::ApplicationStatus
'helm init --upgrade'
end
end
def wait_for_tiller_command
return if local_tiller_enabled?
helm_check = ['helm', 'version', *optional_tls_flags].shelljoin
# This is necessary to give Tiller time to restart after upgrade.
# Ideally we'd be able to use --wait but cannot because of
# https://github.com/helm/helm/issues/4855
"for i in $(seq 1 30); do #{helm_check} && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)"
end end
def repository_command def repository_command
...@@ -37,12 +18,6 @@ module Gitlab ...@@ -37,12 +18,6 @@ module Gitlab
private private
def tls_flags_if_remote_tiller
return [] if local_tiller_enabled?
optional_tls_flags
end
def repository_update_command def repository_update_command
'helm repo update' 'helm repo update'
end end
......
...@@ -17,7 +17,6 @@ module Gitlab ...@@ -17,7 +17,6 @@ module Gitlab
def generate_script def generate_script
super + [ super + [
init_command, init_command,
wait_for_tiller_command,
predelete, predelete,
delete_command, delete_command,
postdelete postdelete
...@@ -29,9 +28,7 @@ module Gitlab ...@@ -29,9 +28,7 @@ module Gitlab
end end
def delete_command def delete_command
command = ['helm', 'delete', '--purge', name] + tls_flags_if_remote_tiller ['helm', 'delete', '--purge', name].shelljoin
command.shelljoin
end end
end end
end end
......
...@@ -21,7 +21,6 @@ module Gitlab ...@@ -21,7 +21,6 @@ module Gitlab
def generate_script def generate_script
super + [ super + [
init_command, init_command,
wait_for_tiller_command,
repository_command, repository_command,
repository_update_command, repository_update_command,
preinstall, preinstall,
...@@ -39,7 +38,6 @@ module Gitlab ...@@ -39,7 +38,6 @@ module Gitlab
install_flag + install_flag +
rollback_support_flag + rollback_support_flag +
reset_values_flag + reset_values_flag +
tls_flags_if_remote_tiller +
optional_version_flag + optional_version_flag +
rbac_create_flag + rbac_create_flag +
namespace_flag + namespace_flag +
......
...@@ -26,7 +26,6 @@ module Gitlab ...@@ -26,7 +26,6 @@ module Gitlab
def generate_script def generate_script
super + [ super + [
init_command, init_command,
wait_for_tiller_command,
repository_command, repository_command,
repository_update_command, repository_update_command,
upgrade_command upgrade_command
...@@ -38,7 +37,6 @@ module Gitlab ...@@ -38,7 +37,6 @@ module Gitlab
def upgrade_command def upgrade_command
command = ['helm', 'upgrade', name, chart] + command = ['helm', 'upgrade', name, chart] +
reuse_values_flag + reuse_values_flag +
tls_flags_if_remote_tiller +
version_flag + version_flag +
namespace_flag + namespace_flag +
value_flag value_flag
......
...@@ -5177,7 +5177,7 @@ msgstr "" ...@@ -5177,7 +5177,7 @@ msgstr ""
msgid "ClusterIntegration|Choose the worker node %{startLink}instance type %{externalLinkIcon} %{endLink}." msgid "ClusterIntegration|Choose the worker node %{startLink}instance type %{externalLinkIcon} %{endLink}."
msgstr "" msgstr ""
msgid "ClusterIntegration|Choose which applications to install on your Kubernetes cluster. Helm Tiller is required to install any of the following applications." msgid "ClusterIntegration|Choose which applications to install on your Kubernetes cluster."
msgstr "" msgstr ""
msgid "ClusterIntegration|Choose which of your environments will use this cluster." msgid "ClusterIntegration|Choose which of your environments will use this cluster."
...@@ -5393,9 +5393,6 @@ msgstr "" ...@@ -5393,9 +5393,6 @@ msgstr ""
msgid "ClusterIntegration|Helm release failed to install" msgid "ClusterIntegration|Helm release failed to install"
msgstr "" msgstr ""
msgid "ClusterIntegration|Helm streamlines installing and managing Kubernetes applications. Tiller runs inside of your Kubernetes Cluster, and manages releases of your charts."
msgstr ""
msgid "ClusterIntegration|If you are setting up multiple clusters and are using Auto DevOps, %{help_link_start}read this first%{help_link_end}." msgid "ClusterIntegration|If you are setting up multiple clusters and are using Auto DevOps, %{help_link_start}read this first%{help_link_end}."
msgstr "" msgstr ""
...@@ -5903,9 +5900,6 @@ msgstr "" ...@@ -5903,9 +5900,6 @@ msgstr ""
msgid "ClusterIntegration|You are about to update %{appTitle} on your cluster." msgid "ClusterIntegration|You are about to update %{appTitle} on your cluster."
msgstr "" msgstr ""
msgid "ClusterIntegration|You must first install Helm Tiller before installing the applications below"
msgstr ""
msgid "ClusterIntegration|You must grant access to your organization’s AWS resources in order to create a new EKS cluster. To grant access, create a provision role using the account and external ID below and provide us the ARN." msgid "ClusterIntegration|You must grant access to your organization’s AWS resources in order to create a new EKS cluster. To grant access, create a provision role using the account and external ID below and provide us the ARN."
msgstr "" msgstr ""
......
# frozen_string_literal: true # frozen_string_literal: true
RSpec.shared_examples "installing applications for a cluster" do |managed_apps_local_tiller| RSpec.shared_examples "installing applications for a cluster" do
before do before do
# Reduce interval from 10 seconds which is too long for an automated test # Reduce interval from 10 seconds which is too long for an automated test
stub_const("#{Clusters::ClustersController}::STATUS_POLLING_INTERVAL", 500) stub_const("#{Clusters::ClustersController}::STATUS_POLLING_INTERVAL", 500)
stub_feature_flags(managed_apps_local_tiller: managed_apps_local_tiller)
visit cluster_path visit cluster_path
end end
...@@ -31,12 +29,7 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l ...@@ -31,12 +29,7 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
it 'user can install applications' do it 'user can install applications' do
wait_for_requests wait_for_requests
application_row = application_row = '.js-cluster-application-row-ingress'
if managed_apps_local_tiller
'.js-cluster-application-row-ingress'
else
'.js-cluster-application-row-helm'
end
page.within(application_row) do page.within(application_row) do
expect(page).not_to have_css('.js-cluster-application-install-button[disabled]') expect(page).not_to have_css('.js-cluster-application-install-button[disabled]')
...@@ -44,50 +37,11 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l ...@@ -44,50 +37,11 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
end end
end end
if managed_apps_local_tiller it 'does not show the Helm application' do
it 'does not show the Helm application' do expect(page).not_to have_selector(:css, '.js-cluster-application-row-helm')
expect(page).not_to have_selector(:css, '.js-cluster-application-row-helm')
end
else
context 'when user installs Helm' do
before do
allow(ClusterInstallAppWorker).to receive(:perform_async)
wait_for_requests
page.within('.js-cluster-application-row-helm') do
page.find(:css, '.js-cluster-application-install-button').click
end
wait_for_requests
end
it 'shows the status transition' do
page.within('.js-cluster-application-row-helm') do
# FE sends request and gets the response, then the buttons is "Installing"
expect(page).to have_css('.js-cluster-application-install-button[disabled]', exact_text: 'Installing')
Clusters::Cluster.last.application_helm.make_installing!
# FE starts polling and update the buttons to "Installing"
expect(page).to have_css('.js-cluster-application-install-button[disabled]', exact_text: 'Installing')
Clusters::Cluster.last.application_helm.make_installed!
expect(page).not_to have_css('button', exact_text: 'Install', visible: :all)
expect(page).not_to have_css('button', exact_text: 'Installing', visible: :all)
expect(page).to have_css('.js-cluster-application-uninstall-button:not([disabled])', exact_text: 'Uninstall')
end
expect(page).to have_content('Helm Tiller was successfully installed on your Kubernetes cluster')
end
end
end end
context 'when user installs Knative' do context 'when user installs Knative' do
before do
create(:clusters_applications_helm, :installed, cluster: cluster) unless managed_apps_local_tiller
end
context 'on an abac cluster' do context 'on an abac cluster' do
let(:cluster) { create(:cluster, :provided_by_gcp, :rbac_disabled, *cluster_factory_args) } let(:cluster) { create(:cluster, :provided_by_gcp, :rbac_disabled, *cluster_factory_args) }
...@@ -166,8 +120,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l ...@@ -166,8 +120,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
allow(ClusterInstallAppWorker).to receive(:perform_async) allow(ClusterInstallAppWorker).to receive(:perform_async)
allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_in) allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_in)
allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async) allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async)
create(:clusters_applications_helm, :installed, cluster: cluster) unless managed_apps_local_tiller
end end
it 'shows status transition' do it 'shows status transition' do
...@@ -223,8 +175,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l ...@@ -223,8 +175,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
before do before do
allow(ClusterInstallAppWorker).to receive(:perform_async) allow(ClusterInstallAppWorker).to receive(:perform_async)
create(:clusters_applications_helm, :installed, cluster: cluster) unless managed_apps_local_tiller
page.within('.js-cluster-application-row-elastic_stack') do page.within('.js-cluster-application-row-elastic_stack') do
click_button 'Install' click_button 'Install'
end end
...@@ -255,8 +205,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l ...@@ -255,8 +205,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_in) allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_in)
allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async) allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async)
create(:clusters_applications_helm, :installed, cluster: cluster) unless managed_apps_local_tiller
page.within('.js-cluster-application-row-ingress') do page.within('.js-cluster-application-row-ingress') do
expect(page).to have_css('.js-cluster-application-install-button:not([disabled])') expect(page).to have_css('.js-cluster-application-install-button:not([disabled])')
page.find(:css, '.js-cluster-application-install-button').click page.find(:css, '.js-cluster-application-install-button').click
......
...@@ -14,7 +14,6 @@ describe('Applications', () => { ...@@ -14,7 +14,6 @@ describe('Applications', () => {
beforeEach(() => { beforeEach(() => {
gon.features = gon.features || {}; gon.features = gon.features || {};
gon.features.managedAppsLocalTiller = false;
}); });
const createApp = ({ applications, type, props } = {}, isShallow) => { const createApp = ({ applications, type, props } = {}, isShallow) => {
...@@ -41,10 +40,6 @@ describe('Applications', () => { ...@@ -41,10 +40,6 @@ describe('Applications', () => {
createApp({ type: CLUSTER_TYPE.PROJECT }); createApp({ type: CLUSTER_TYPE.PROJECT });
}); });
it('renders a row for Helm Tiller', () => {
expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(true);
});
it('renders a row for Ingress', () => { it('renders a row for Ingress', () => {
expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true); expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true);
}); });
...@@ -90,10 +85,6 @@ describe('Applications', () => { ...@@ -90,10 +85,6 @@ describe('Applications', () => {
createApp({ type: CLUSTER_TYPE.GROUP }); createApp({ type: CLUSTER_TYPE.GROUP });
}); });
it('renders a row for Helm Tiller', () => {
expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(true);
});
it('renders a row for Ingress', () => { it('renders a row for Ingress', () => {
expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true); expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true);
}); });
...@@ -140,10 +131,6 @@ describe('Applications', () => { ...@@ -140,10 +131,6 @@ describe('Applications', () => {
createApp({ type: CLUSTER_TYPE.INSTANCE }); createApp({ type: CLUSTER_TYPE.INSTANCE });
}); });
it('renders a row for Helm Tiller', () => {
expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(true);
});
it('renders a row for Ingress', () => { it('renders a row for Ingress', () => {
expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true); expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true);
}); });
...@@ -186,15 +173,9 @@ describe('Applications', () => { ...@@ -186,15 +173,9 @@ describe('Applications', () => {
}); });
describe('Helm application', () => { describe('Helm application', () => {
describe('when managedAppsLocalTiller enabled', () => { it('does not render a row for Helm Tiller', () => {
beforeEach(() => { createApp();
gon.features.managedAppsLocalTiller = true; expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(false);
});
it('does not render a row for Helm Tiller', () => {
createApp();
expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(false);
});
}); });
}); });
...@@ -252,7 +233,6 @@ describe('Applications', () => { ...@@ -252,7 +233,6 @@ describe('Applications', () => {
externalHostname: 'localhost.localdomain', externalHostname: 'localhost.localdomain',
modsecurity_enabled: false, modsecurity_enabled: false,
}, },
helm: { title: 'Helm Tiller' },
cert_manager: { title: 'Cert-Manager' }, cert_manager: { title: 'Cert-Manager' },
crossplane: { title: 'Crossplane', stack: '' }, crossplane: { title: 'Crossplane', stack: '' },
runner: { title: 'GitLab Runner' }, runner: { title: 'GitLab Runner' },
...@@ -403,14 +383,6 @@ describe('Applications', () => { ...@@ -403,14 +383,6 @@ describe('Applications', () => {
false, false,
); );
}); });
it('renders disabled install button', () => {
expect(
wrapper
.find('.js-cluster-application-row-jupyter .js-cluster-application-install-button')
.attributes('disabled'),
).toEqual('disabled');
});
}); });
}); });
...@@ -530,7 +502,7 @@ describe('Applications', () => { ...@@ -530,7 +502,7 @@ describe('Applications', () => {
describe('Elastic Stack application', () => { describe('Elastic Stack application', () => {
describe('with elastic stack installable', () => { describe('with elastic stack installable', () => {
it('renders hostname active input', () => { it('renders the install button enabled', () => {
createApp(); createApp();
expect( expect(
...@@ -539,7 +511,7 @@ describe('Applications', () => { ...@@ -539,7 +511,7 @@ describe('Applications', () => {
'.js-cluster-application-row-elastic_stack .js-cluster-application-install-button', '.js-cluster-application-row-elastic_stack .js-cluster-application-install-button',
) )
.attributes('disabled'), .attributes('disabled'),
).toEqual('disabled'); ).toBeUndefined();
}); });
}); });
......
...@@ -17,8 +17,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::API do ...@@ -17,8 +17,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::API do
name: application_name, name: application_name,
chart: 'chart-name', chart: 'chart-name',
rbac: rbac, rbac: rbac,
files: files, files: files
local_tiller_enabled: true
) )
end end
...@@ -143,7 +142,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::API do ...@@ -143,7 +142,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::API do
end end
context 'with a service account' do context 'with a service account' do
let(:command) { Gitlab::Kubernetes::Helm::InitCommand.new(name: application_name, files: files, rbac: rbac, local_tiller_enabled: true) } let(:command) { Gitlab::Kubernetes::Helm::InitCommand.new(name: application_name, files: files, rbac: rbac) }
context 'rbac-enabled cluster' do context 'rbac-enabled cluster' do
let(:rbac) { true } let(:rbac) { true }
......
...@@ -16,8 +16,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::BaseCommand do ...@@ -16,8 +16,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::BaseCommand do
super( super(
name: 'test-class-name', name: 'test-class-name',
rbac: rbac, rbac: rbac,
files: { some: 'value' }, files: { some: 'value' }
local_tiller_enabled: false
) )
end end
end end
......
...@@ -3,12 +3,11 @@ ...@@ -3,12 +3,11 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe Gitlab::Kubernetes::Helm::DeleteCommand do RSpec.describe Gitlab::Kubernetes::Helm::DeleteCommand do
subject(:delete_command) { described_class.new(name: app_name, rbac: rbac, files: files, local_tiller_enabled: local_tiller_enabled) } subject(:delete_command) { described_class.new(name: app_name, rbac: rbac, files: files) }
let(:app_name) { 'app-name' } let(:app_name) { 'app-name' }
let(:rbac) { true } let(:rbac) { true }
let(:files) { {} } let(:files) { {} }
let(:local_tiller_enabled) { true }
it_behaves_like 'helm command generator' do it_behaves_like 'helm command generator' do
let(:commands) do let(:commands) do
...@@ -21,50 +20,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::DeleteCommand do ...@@ -21,50 +20,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::DeleteCommand do
end end
end end
context 'tillerless feature disabled' do
let(:local_tiller_enabled) { false }
it_behaves_like 'helm command generator' do
let(:commands) do
<<~EOS
helm init --upgrade
for i in $(seq 1 30); do helm version && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)
helm delete --purge app-name
EOS
end
end
context 'when there is a ca.pem file' do
let(:files) { { 'ca.pem': 'some file content' } }
let(:tls_flags) do
<<~EOS.squish
--tls
--tls-ca-cert /data/helm/app-name/config/ca.pem
--tls-cert /data/helm/app-name/config/cert.pem
--tls-key /data/helm/app-name/config/key.pem
EOS
end
it_behaves_like 'helm command generator' do
let(:commands) do
<<~EOS
helm init --upgrade
for i in $(seq 1 30); do helm version #{tls_flags} && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)
#{helm_delete_command}
EOS
end
let(:helm_delete_command) do
<<~EOS.squish
helm delete --purge app-name
#{tls_flags}
EOS
end
end
end
end
describe '#pod_name' do describe '#pod_name' do
subject { delete_command.pod_name } subject { delete_command.pod_name }
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe Gitlab::Kubernetes::Helm::InitCommand do RSpec.describe Gitlab::Kubernetes::Helm::InitCommand do
subject(:init_command) { described_class.new(name: application.name, files: files, rbac: rbac, local_tiller_enabled: false) } subject(:init_command) { described_class.new(name: application.name, files: files, rbac: rbac) }
let(:application) { create(:clusters_applications_helm) } let(:application) { create(:clusters_applications_helm) }
let(:rbac) { false } let(:rbac) { false }
......
...@@ -12,8 +12,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do ...@@ -12,8 +12,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do
version: version, version: version,
repository: repository, repository: repository,
preinstall: preinstall, preinstall: preinstall,
postinstall: postinstall, postinstall: postinstall
local_tiller_enabled: local_tiller_enabled
) )
end end
...@@ -23,7 +22,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do ...@@ -23,7 +22,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do
let(:version) { '1.2.3' } let(:version) { '1.2.3' }
let(:preinstall) { nil } let(:preinstall) { nil }
let(:postinstall) { nil } let(:postinstall) { nil }
let(:local_tiller_enabled) { true }
it_behaves_like 'helm command generator' do it_behaves_like 'helm command generator' do
let(:commands) do let(:commands) do
...@@ -52,46 +50,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do ...@@ -52,46 +50,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do
end end
end end
context 'tillerless feature disabled' do
let(:local_tiller_enabled) { false }
let(:tls_flags) do
<<~EOS.squish
--tls
--tls-ca-cert /data/helm/app-name/config/ca.pem
--tls-cert /data/helm/app-name/config/cert.pem
--tls-key /data/helm/app-name/config/key.pem
EOS
end
it_behaves_like 'helm command generator' do
let(:commands) do
<<~EOS
helm init --upgrade
for i in $(seq 1 30); do helm version #{tls_flags} && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)
helm repo add app-name https://repository.example.com
helm repo update
#{helm_install_comand}
EOS
end
let(:helm_install_comand) do
<<~EOS.squish
helm upgrade app-name chart-name
--install
--atomic
--cleanup-on-fail
--reset-values
#{tls_flags}
--version 1.2.3
--set rbac.create\\=false,rbac.enabled\\=false
--namespace gitlab-managed-apps
-f /data/helm/app-name/config/values.yaml
EOS
end
end
end
context 'when rbac is true' do context 'when rbac is true' do
let(:rbac) { true } let(:rbac) { true }
......
...@@ -7,7 +7,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::PatchCommand do ...@@ -7,7 +7,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::PatchCommand do
let(:repository) { 'https://repository.example.com' } let(:repository) { 'https://repository.example.com' }
let(:rbac) { false } let(:rbac) { false }
let(:version) { '1.2.3' } let(:version) { '1.2.3' }
let(:local_tiller_enabled) { true }
subject(:patch_command) do subject(:patch_command) do
described_class.new( described_class.new(
...@@ -16,47 +15,10 @@ RSpec.describe Gitlab::Kubernetes::Helm::PatchCommand do ...@@ -16,47 +15,10 @@ RSpec.describe Gitlab::Kubernetes::Helm::PatchCommand do
rbac: rbac, rbac: rbac,
files: files, files: files,
version: version, version: version,
repository: repository, repository: repository
local_tiller_enabled: local_tiller_enabled
) )
end end
context 'when local tiller feature is disabled' do
let(:local_tiller_enabled) { false }
let(:tls_flags) do
<<~EOS.squish
--tls
--tls-ca-cert /data/helm/app-name/config/ca.pem
--tls-cert /data/helm/app-name/config/cert.pem
--tls-key /data/helm/app-name/config/key.pem
EOS
end
it_behaves_like 'helm command generator' do
let(:commands) do
<<~EOS
helm init --upgrade
for i in $(seq 1 30); do helm version #{tls_flags} && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)
helm repo add app-name https://repository.example.com
helm repo update
#{helm_upgrade_comand}
EOS
end
let(:helm_upgrade_comand) do
<<~EOS.squish
helm upgrade app-name chart-name
--reuse-values
#{tls_flags}
--version 1.2.3
--namespace gitlab-managed-apps
-f /data/helm/app-name/config/values.yaml
EOS
end
end
end
it_behaves_like 'helm command generator' do it_behaves_like 'helm command generator' do
let(:commands) do let(:commands) do
<<~EOS <<~EOS
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe Gitlab::Kubernetes::Helm::ResetCommand do RSpec.describe Gitlab::Kubernetes::Helm::ResetCommand do
subject(:reset_command) { described_class.new(name: name, rbac: rbac, files: files, local_tiller_enabled: false) } subject(:reset_command) { described_class.new(name: name, rbac: rbac, files: files) }
let(:rbac) { true } let(:rbac) { true }
let(:name) { 'helm' } let(:name) { 'helm' }
......
...@@ -28,46 +28,16 @@ RSpec.shared_examples 'cluster application helm specs' do |application_name| ...@@ -28,46 +28,16 @@ RSpec.shared_examples 'cluster application helm specs' do |application_name|
describe '#files' do describe '#files' do
subject { application.files } subject { application.files }
context 'managed_apps_local_tiller feature flag is disabled' do it 'does not include cert files' do
before do expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
stub_feature_flags(managed_apps_local_tiller: false)
end
context 'when the helm application does not have a ca_cert' do
before do
application.cluster.application_helm.ca_cert = nil
end
it 'does not include cert files when there is no ca_cert entry' do
expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
end
end
it 'includes cert files when there is a ca_cert entry' do
expect(subject).to include(:'ca.pem', :'cert.pem', :'key.pem')
expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
expect(cert.not_after).to be < 60.minutes.from_now
end
end end
context 'managed_apps_local_tiller feature flag is enabled' do context 'when cluster does not have helm installed' do
before do let(:application) { create(application_name, :no_helm_installed) }
stub_feature_flags(managed_apps_local_tiller: application.cluster.clusterable)
end
it 'does not include cert files' do it 'does not include cert files' do
expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem') expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
end end
context 'when cluster does not have helm installed' do
let(:application) { create(application_name, :no_helm_installed) }
it 'does not include cert files' do
expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
end
end
end end
end end
end end
...@@ -6,46 +6,8 @@ RSpec.shared_examples 'cluster application initial status specs' do ...@@ -6,46 +6,8 @@ RSpec.shared_examples 'cluster application initial status specs' do
subject { described_class.new(cluster: cluster) } subject { described_class.new(cluster: cluster) }
context 'local tiller feature flag is disabled' do it 'sets a default status' do
before do expect(subject.status_name).to be(:installable)
stub_feature_flags(managed_apps_local_tiller: false)
end
it 'sets a default status' do
expect(subject.status_name).to be(:not_installable)
end
end
context 'local tiller feature flag is enabled' do
before do
stub_feature_flags(managed_apps_local_tiller: cluster.clusterable)
end
it 'sets a default status' do
expect(subject.status_name).to be(:installable)
end
end
context 'when application helm is scheduled' do
before do
stub_feature_flags(managed_apps_local_tiller: false)
create(:clusters_applications_helm, :scheduled, cluster: cluster)
end
it 'defaults to :not_installable' do
expect(subject.status_name).to be(:not_installable)
end
end
context 'when application helm is installed' do
before do
create(:clusters_applications_helm, :installed, cluster: cluster)
end
it 'sets a default status' do
expect(subject.status_name).to be(:installable)
end
end end
end end
end end
...@@ -48,43 +48,21 @@ RSpec.shared_examples 'cluster application status specs' do |application_name| ...@@ -48,43 +48,21 @@ RSpec.shared_examples 'cluster application status specs' do |application_name|
expect(subject).to be_installed expect(subject).to be_installed
end end
context 'managed_apps_local_tiller feature flag disabled' do it 'does not update the helm version' do
before do subject.cluster.application_helm.update!(version: '1.2.3')
stub_feature_flags(managed_apps_local_tiller: false)
end
it 'updates helm version' do
subject.cluster.application_helm.update!(version: '1.2.3')
expect do
subject.make_installed! subject.make_installed!
subject.cluster.application_helm.reload subject.cluster.application_helm.reload
end.not_to change { subject.cluster.application_helm.version }
expect(subject.cluster.application_helm.version).to eq(Gitlab::Kubernetes::Helm::HELM_VERSION)
end
end end
context 'managed_apps_local_tiller feature flag enabled' do context 'the cluster has no helm installed' do
before do subject { create(application_name, :installing, :no_helm_installed) }
stub_feature_flags(managed_apps_local_tiller: subject.cluster.clusterable)
end
it 'does not update the helm version' do
subject.cluster.application_helm.update!(version: '1.2.3')
expect do
subject.make_installed!
subject.cluster.application_helm.reload
end.not_to change { subject.cluster.application_helm.version }
end
context 'the cluster has no helm installed' do
subject { create(application_name, :installing, :no_helm_installed) }
it 'runs without errors' do it 'runs without errors' do
expect { subject.make_installed! }.not_to raise_error expect { subject.make_installed! }.not_to raise_error
end
end end
end end
...@@ -97,43 +75,21 @@ RSpec.shared_examples 'cluster application status specs' do |application_name| ...@@ -97,43 +75,21 @@ RSpec.shared_examples 'cluster application status specs' do |application_name|
expect(subject).to be_updated expect(subject).to be_updated
end end
context 'managed_apps_local_tiller feature flag disabled' do it 'does not update the helm version' do
before do subject.cluster.application_helm.update!(version: '1.2.3')
stub_feature_flags(managed_apps_local_tiller: false)
end
it 'updates helm version' do
subject.cluster.application_helm.update!(version: '1.2.3')
expect do
subject.make_installed! subject.make_installed!
subject.cluster.application_helm.reload subject.cluster.application_helm.reload
end.not_to change { subject.cluster.application_helm.version }
expect(subject.cluster.application_helm.version).to eq(Gitlab::Kubernetes::Helm::HELM_VERSION)
end
end end
context 'managed_apps_local_tiller feature flag enabled' do context 'the cluster has no helm installed' do
before do subject { create(application_name, :updating, :no_helm_installed) }
stub_feature_flags(managed_apps_local_tiller: true)
end
it 'does not update the helm version' do
subject.cluster.application_helm.update!(version: '1.2.3')
expect do
subject.make_installed!
subject.cluster.application_helm.reload
end.not_to change { subject.cluster.application_helm.version }
end
context 'the cluster has no helm installed' do
subject { create(application_name, :updating, :no_helm_installed) }
it 'runs without errors' do it 'runs without errors' do
expect { subject.make_installed! }.not_to raise_error expect { subject.make_installed! }.not_to raise_error
end
end end
end end
end end
...@@ -185,62 +141,26 @@ RSpec.shared_examples 'cluster application status specs' do |application_name| ...@@ -185,62 +141,26 @@ RSpec.shared_examples 'cluster application status specs' do |application_name|
expect(subject).to be_installed expect(subject).to be_installed
end end
context 'local tiller flag enabled' do context 'helm record does not exist' do
before do subject { build(application_name, :installing, :no_helm_installed) }
stub_feature_flags(managed_apps_local_tiller: true)
end
context 'helm record does not exist' do
subject { build(application_name, :installing, :no_helm_installed) }
it 'does not create a helm record' do
subject.make_externally_installed!
subject.cluster.reload
expect(subject.cluster.application_helm).to be_nil
end
end
context 'helm record exists' do
subject { build(application_name, :installing, cluster: old_helm.cluster) }
it 'does not update helm version' do it 'does not create a helm record' do
subject.make_externally_installed! subject.make_externally_installed!
subject.cluster.application_helm.reload
expect(subject.cluster.application_helm.version).to eq('1.2.3') subject.cluster.reload
end expect(subject.cluster.application_helm).to be_nil
end end
end end
context 'local tiller flag disabled' do context 'helm record exists' do
before do subject { build(application_name, :installing, cluster: old_helm.cluster) }
stub_feature_flags(managed_apps_local_tiller: false)
end
context 'helm record does not exist' do
subject { build(application_name, :installing, :no_helm_installed) }
it 'creates a helm record' do it 'does not update helm version' do
subject.make_externally_installed! subject.make_externally_installed!
subject.cluster.reload
expect(subject.cluster.application_helm).to be_present
expect(subject.cluster.application_helm).to be_persisted
end
end
context 'helm record exists' do
subject { build(application_name, :installing, cluster: old_helm.cluster) }
it 'does not update helm version' do
subject.make_externally_installed!
subject.cluster.application_helm.reload subject.cluster.application_helm.reload
expect(subject.cluster.application_helm.version).to eq('1.2.3') expect(subject.cluster.application_helm.version).to eq('1.2.3')
end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment