Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
47cb5a26
Commit
47cb5a26
authored
Dec 13, 2018
by
Chris Baumbauer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Require Knative to be installed only on an RBAC kubernetes cluster
parent
b97b85c3
Changes
12
Hide whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
89 additions
and
3 deletions
+89
-3
app/assets/javascripts/clusters/clusters_bundle.js
app/assets/javascripts/clusters/clusters_bundle.js
+3
-0
app/assets/javascripts/clusters/components/applications.vue
app/assets/javascripts/clusters/components/applications.vue
+18
-1
app/assets/javascripts/clusters/stores/clusters_store.js
app/assets/javascripts/clusters/stores/clusters_store.js
+6
-0
app/models/clusters/applications/knative.rb
app/models/clusters/applications/knative.rb
+11
-0
app/views/clusters/clusters/show.html.haml
app/views/clusters/clusters/show.html.haml
+1
-0
changelogs/unreleased/knative-rbac-check.yml
changelogs/unreleased/knative-rbac-check.yml
+5
-0
locale/gitlab.pot
locale/gitlab.pot
+3
-0
spec/factories/clusters/clusters.rb
spec/factories/clusters/clusters.rb
+4
-0
spec/factories/clusters/platforms/kubernetes.rb
spec/factories/clusters/platforms/kubernetes.rb
+2
-2
spec/features/projects/clusters/applications_spec.rb
spec/features/projects/clusters/applications_spec.rb
+28
-0
spec/javascripts/clusters/stores/clusters_store_spec.js
spec/javascripts/clusters/stores/clusters_store_spec.js
+1
-0
spec/models/clusters/applications/knative_spec.rb
spec/models/clusters/applications/knative_spec.rb
+7
-0
No files found.
app/assets/javascripts/clusters/clusters_bundle.js
View file @
47cb5a26
...
@@ -32,6 +32,7 @@ export default class Clusters {
...
@@ -32,6 +32,7 @@ export default class Clusters {
installKnativePath
,
installKnativePath
,
installPrometheusPath
,
installPrometheusPath
,
managePrometheusPath
,
managePrometheusPath
,
hasRbac
,
clusterType
,
clusterType
,
clusterStatus
,
clusterStatus
,
clusterStatusReason
,
clusterStatusReason
,
...
@@ -45,6 +46,7 @@ export default class Clusters {
...
@@ -45,6 +46,7 @@ export default class Clusters {
this
.
store
.
setManagePrometheusPath
(
managePrometheusPath
);
this
.
store
.
setManagePrometheusPath
(
managePrometheusPath
);
this
.
store
.
updateStatus
(
clusterStatus
);
this
.
store
.
updateStatus
(
clusterStatus
);
this
.
store
.
updateStatusReason
(
clusterStatusReason
);
this
.
store
.
updateStatusReason
(
clusterStatusReason
);
this
.
store
.
updateRbac
(
hasRbac
);
this
.
service
=
new
ClustersService
({
this
.
service
=
new
ClustersService
({
endpoint
:
statusPath
,
endpoint
:
statusPath
,
installHelmEndpoint
:
installHelmPath
,
installHelmEndpoint
:
installHelmPath
,
...
@@ -102,6 +104,7 @@ export default class Clusters {
...
@@ -102,6 +104,7 @@ export default class Clusters {
ingressHelpPath
:
this
.
state
.
ingressHelpPath
,
ingressHelpPath
:
this
.
state
.
ingressHelpPath
,
managePrometheusPath
:
this
.
state
.
managePrometheusPath
,
managePrometheusPath
:
this
.
state
.
managePrometheusPath
,
ingressDnsHelpPath
:
this
.
state
.
ingressDnsHelpPath
,
ingressDnsHelpPath
:
this
.
state
.
ingressDnsHelpPath
,
rbac
:
this
.
state
.
rbac
,
},
},
});
});
},
},
...
...
app/assets/javascripts/clusters/components/applications.vue
View file @
47cb5a26
...
@@ -52,6 +52,11 @@ export default {
...
@@ -52,6 +52,11 @@ export default {
required
:
false
,
required
:
false
,
default
:
''
,
default
:
''
,
},
},
rbac
:
{
type
:
Boolean
,
required
:
false
,
default
:
false
,
},
},
},
data
:
()
=>
({
data
:
()
=>
({
elasticsearchLogo
,
elasticsearchLogo
,
...
@@ -442,6 +447,18 @@ export default {
...
@@ -442,6 +447,18 @@ export default {
title-link=
"https://github.com/knative/docs"
title-link=
"https://github.com/knative/docs"
>
>
<div
slot=
"description"
>
<div
slot=
"description"
>
<span
v-if=
"!rbac"
>
<p
v-if=
"!rbac"
class=
"bs-callout bs-callout-info append-bottom-0"
>
{{
s__(`ClusterIntegration|You must have an RBAC-enabled cluster
to install Knative.`)
}}
<a
:href=
"helpPath"
target=
"_blank"
rel=
"noopener noreferrer"
>
{{ __('More information') }}
</a>
</p>
<br
/>
</span>
<p>
<p>
{{
{{
s__(`ClusterIntegration|Knative extends Kubernetes to provide
s__(`ClusterIntegration|Knative extends Kubernetes to provide
...
@@ -465,7 +482,7 @@ export default {
...
@@ -465,7 +482,7 @@ export default {
/>
/>
</div>
</div>
</
template
>
</
template
>
<
template
v-else-if=
"helmInstalled"
>
<
template
v-else-if=
"helmInstalled
&& rbac
"
>
<div
class=
"form-group"
>
<div
class=
"form-group"
>
<label
for=
"knative-domainname"
>
<label
for=
"knative-domainname"
>
{{
s__
(
'
ClusterIntegration|Knative Domain Name:
'
)
}}
{{
s__
(
'
ClusterIntegration|Knative Domain Name:
'
)
}}
...
...
app/assets/javascripts/clusters/stores/clusters_store.js
View file @
47cb5a26
import
{
s__
}
from
'
../../locale
'
;
import
{
s__
}
from
'
../../locale
'
;
import
{
parseBoolean
}
from
'
../../lib/utils/common_utils
'
;
import
{
INGRESS
,
JUPYTER
,
KNATIVE
,
CERT_MANAGER
}
from
'
../constants
'
;
import
{
INGRESS
,
JUPYTER
,
KNATIVE
,
CERT_MANAGER
}
from
'
../constants
'
;
export
default
class
ClusterStore
{
export
default
class
ClusterStore
{
...
@@ -7,6 +8,7 @@ export default class ClusterStore {
...
@@ -7,6 +8,7 @@ export default class ClusterStore {
helpPath
:
null
,
helpPath
:
null
,
ingressHelpPath
:
null
,
ingressHelpPath
:
null
,
status
:
null
,
status
:
null
,
rbac
:
false
,
statusReason
:
null
,
statusReason
:
null
,
applications
:
{
applications
:
{
helm
:
{
helm
:
{
...
@@ -81,6 +83,10 @@ export default class ClusterStore {
...
@@ -81,6 +83,10 @@ export default class ClusterStore {
this
.
state
.
status
=
status
;
this
.
state
.
status
=
status
;
}
}
updateRbac
(
rbac
)
{
this
.
state
.
rbac
=
parseBoolean
(
rbac
);
}
updateStatusReason
(
reason
)
{
updateStatusReason
(
reason
)
{
this
.
state
.
statusReason
=
reason
;
this
.
state
.
statusReason
=
reason
;
}
}
...
...
app/models/clusters/applications/knative.rb
View file @
47cb5a26
...
@@ -19,6 +19,13 @@ module Clusters
...
@@ -19,6 +19,13 @@ module Clusters
self
.
reactive_cache_key
=
->
(
knative
)
{
[
knative
.
class
.
model_name
.
singular
,
knative
.
id
]
}
self
.
reactive_cache_key
=
->
(
knative
)
{
[
knative
.
class
.
model_name
.
singular
,
knative
.
id
]
}
def
set_initial_status
return
unless
not_installable?
return
unless
verify_cluster?
self
.
status
=
'installable'
end
state_machine
:status
do
state_machine
:status
do
after_transition
any
=>
[
:installed
]
do
|
application
|
after_transition
any
=>
[
:installed
]
do
|
application
|
application
.
run_after_commit
do
application
.
run_after_commit
do
...
@@ -99,6 +106,10 @@ module Clusters
...
@@ -99,6 +106,10 @@ module Clusters
def
install_knative_metrics
def
install_knative_metrics
[
"kubectl apply -f
#{
METRICS_CONFIG
}
"
]
if
cluster
.
application_prometheus_available?
[
"kubectl apply -f
#{
METRICS_CONFIG
}
"
]
if
cluster
.
application_prometheus_available?
end
end
def
verify_cluster?
cluster
&
.
application_helm_available?
&&
cluster
&
.
platform_kubernetes_rbac?
end
end
end
end
end
end
end
app/views/clusters/clusters/show.html.haml
View file @
47cb5a26
...
@@ -16,6 +16,7 @@
...
@@ -16,6 +16,7 @@
install_jupyter_path:
clusterable
.
install_applications_cluster_path
(
@cluster
,
:jupyter
),
install_jupyter_path:
clusterable
.
install_applications_cluster_path
(
@cluster
,
:jupyter
),
install_knative_path:
clusterable
.
install_applications_cluster_path
(
@cluster
,
:knative
),
install_knative_path:
clusterable
.
install_applications_cluster_path
(
@cluster
,
:knative
),
toggle_status:
@cluster
.
enabled?
?
'true'
:
'false'
,
toggle_status:
@cluster
.
enabled?
?
'true'
:
'false'
,
has_rbac:
@cluster
.
platform_kubernetes_rbac?
?
'true'
:
'false'
,
cluster_type:
@cluster
.
cluster_type
,
cluster_type:
@cluster
.
cluster_type
,
cluster_status:
@cluster
.
status_name
,
cluster_status:
@cluster
.
status_name
,
cluster_status_reason:
@cluster
.
status_reason
,
cluster_status_reason:
@cluster
.
status_reason
,
...
...
changelogs/unreleased/knative-rbac-check.yml
0 → 100644
View file @
47cb5a26
---
title
:
Require Knative to be installed only on an RBAC kubernetes cluster
merge_request
:
23807
author
:
Chris Baumbauer
type
:
changed
locale/gitlab.pot
View file @
47cb5a26
...
@@ -1842,6 +1842,9 @@ msgstr ""
...
@@ -1842,6 +1842,9 @@ msgstr ""
msgid "ClusterIntegration|You must first install Helm Tiller before installing the applications below"
msgid "ClusterIntegration|You must first install Helm Tiller before installing the applications below"
msgstr ""
msgstr ""
msgid "ClusterIntegration|You must have an RBAC-enabled cluster to install Knative."
msgstr ""
msgid "ClusterIntegration|Your account must have %{link_to_kubernetes_engine}"
msgid "ClusterIntegration|Your account must have %{link_to_kubernetes_engine}"
msgstr ""
msgstr ""
...
...
spec/factories/clusters/clusters.rb
View file @
47cb5a26
...
@@ -44,6 +44,10 @@ FactoryBot.define do
...
@@ -44,6 +44,10 @@ FactoryBot.define do
provider_gcp
factory:
[
:cluster_provider_gcp
,
:creating
]
provider_gcp
factory:
[
:cluster_provider_gcp
,
:creating
]
end
end
trait
:rbac_disabled
do
platform_kubernetes
factory:
[
:cluster_platform_kubernetes
,
:configured
,
:rbac_disabled
]
end
trait
:disabled
do
trait
:disabled
do
enabled
false
enabled
false
end
end
...
...
spec/factories/clusters/platforms/kubernetes.rb
View file @
47cb5a26
...
@@ -16,8 +16,8 @@ FactoryBot.define do
...
@@ -16,8 +16,8 @@ FactoryBot.define do
end
end
end
end
trait
:rbac_
en
abled
do
trait
:rbac_
dis
abled
do
authorization_type
:
r
bac
authorization_type
:
a
bac
end
end
end
end
end
end
spec/features/projects/clusters/applications_spec.rb
View file @
47cb5a26
...
@@ -70,6 +70,34 @@ describe 'Clusters Applications', :js do
...
@@ -70,6 +70,34 @@ describe 'Clusters Applications', :js do
end
end
end
end
context
'when user installs Knative'
do
before
do
create
(
:clusters_applications_helm
,
:installed
,
cluster:
cluster
)
end
context
'on an abac cluster'
do
let
(
:cluster
)
{
create
(
:cluster
,
:provided_by_gcp
,
:rbac_disabled
,
projects:
[
project
])}
it
'should show info block and not be installable'
do
page
.
within
(
'.js-cluster-application-row-knative'
)
do
expect
(
page
).
to
have_css
(
'.bs-callout-info'
)
expect
(
page
.
find
(
:css
,
'.js-cluster-application-install-button'
)[
'disabled'
]).
to
eq
(
'true'
)
end
end
end
context
'on an rbac cluster'
do
let
(
:cluster
)
{
create
(
:cluster
,
:provided_by_gcp
,
projects:
[
project
])}
it
'should not show callout block and be installable'
do
page
.
within
(
'.js-cluster-application-row-knative'
)
do
expect
(
page
).
not_to
have_css
(
'.bs-callout-info'
)
expect
(
page
).
to
have_css
(
'.js-cluster-application-install-button:not([disabled])'
)
end
end
end
end
context
'when user installs Cert Manager'
do
context
'when user installs Cert Manager'
do
before
do
before
do
allow
(
ClusterInstallAppWorker
).
to
receive
(
:perform_async
)
allow
(
ClusterInstallAppWorker
).
to
receive
(
:perform_async
)
...
...
spec/javascripts/clusters/stores/clusters_store_spec.js
View file @
47cb5a26
...
@@ -62,6 +62,7 @@ describe('Clusters Store', () => {
...
@@ -62,6 +62,7 @@ describe('Clusters Store', () => {
ingressHelpPath
:
null
,
ingressHelpPath
:
null
,
status
:
mockResponseData
.
status
,
status
:
mockResponseData
.
status
,
statusReason
:
mockResponseData
.
status_reason
,
statusReason
:
mockResponseData
.
status_reason
,
rbac
:
false
,
applications
:
{
applications
:
{
helm
:
{
helm
:
{
title
:
'
Helm Tiller
'
,
title
:
'
Helm Tiller
'
,
...
...
spec/models/clusters/applications/knative_spec.rb
View file @
47cb5a26
...
@@ -15,6 +15,13 @@ describe Clusters::Applications::Knative do
...
@@ -15,6 +15,13 @@ describe Clusters::Applications::Knative do
allow
(
ClusterWaitForIngressIpAddressWorker
).
to
receive
(
:perform_async
)
allow
(
ClusterWaitForIngressIpAddressWorker
).
to
receive
(
:perform_async
)
end
end
describe
'when rbac is not enabled'
do
let
(
:cluster
)
{
create
(
:cluster
,
:provided_by_gcp
,
:rbac_disabled
)
}
let
(
:knative_no_rbac
)
{
create
(
:clusters_applications_knative
,
cluster:
cluster
)
}
it
{
expect
(
knative_no_rbac
).
to
be_not_installable
}
end
describe
'.installed'
do
describe
'.installed'
do
subject
{
described_class
.
installed
}
subject
{
described_class
.
installed
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment