Add oauth reference to jupyter cluster app

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

app/controllers/projects/clusters/applications_controller.rb

@@ -6,7 +6,15 @@ class Projects::Clusters::ApplicationsController < Projects::ApplicationControll
 
   def create
     application = @application_class.find_or_create_by!(cluster: @cluster)
-    application.update(hostname: params[:hostname]) if application.respond_to?(:hostname)
+
+    if application.respond_to?(:hostname)
+      application.update(hostname: params[:hostname])
+    end
+
+    if application.respond_to?(:oauth_application)
+      application.oauth_application = create_oauth_application(application)
+      application.save
+    end
 
     Clusters::Applications::ScheduleInstallationService.new(project, current_user).execute(application)
 
@@ -24,4 +32,15 @@ class Projects::Clusters::ApplicationsController < Projects::ApplicationControll
   def application_class
     @application_class ||= Clusters::Cluster::APPLICATIONS[params[:application]] || render_404
   end
+
+  def create_oauth_application(application)
+    oauth_application_params = {
+      name: params[:application],
+      redirect_uri: application.callback_url,
+      scopes: 'api read_user openid',
+      owner: current_user
+    }
+
+    Applications::CreateService.new(current_user, oauth_application_params).execute
+  end
 end

app/models/clusters/applications/jupyter.rb

@@ -9,6 +9,8 @@ module Clusters
       include ::Clusters::Concerns::ApplicationStatus
       include ::Clusters::Concerns::ApplicationData
 
+      belongs_to :oauth_application, class_name: 'Doorkeeper::Application'
+
       default_value_for :version, VERSION
 
       def chart
@@ -32,16 +34,40 @@ module Clusters
         )
       end
 
+      def callback_url
+        "http://#{hostname}/hub/oauth_callback"
+      end
+
       private
 
       def specification
         {
-          "ingress" => { "hosts" => [hostname] },
-          "hub" => { "cookieSecret" => SecureRandom.hex(32) },
-          "proxy" => { "secretToken" => SecureRandom.hex(32) }
+          "ingress" => {
+            "hosts" => [hostname]
+          },
+          "hub" => {
+            "extraEnv" => {
+              "GITLAB_HOST" => gitlab_url
+            },
+            "cookieSecret" => SecureRandom.hex(32)
+          },
+          "proxy" => {
+            "secretToken" => SecureRandom.hex(32)
+          },
+          "auth" => {
+            "gitlab" => {
+              "clientId" => oauth_application.uid,
+              "clientSecret" => oauth_application.secret,
+              "callbackUrl" => callback_url
+            }
+          }
         }
       end
 
+      def gitlab_url
+        Gitlab.config.gitlab.url
+      end
+
       def content_values
         YAML.load_file(chart_values_file).deep_merge!(specification)
       end

db/migrate/20180511131058_create_clusters_applications_jupyter.rb

@@ -9,6 +9,7 @@ class CreateClustersApplicationsJupyter < ActiveRecord::Migration
   def change
     create_table :clusters_applications_jupyters do |t|
       t.references :cluster, null: false, unique: true, foreign_key: { on_delete: :cascade }
+      t.references :oauth_application
 
       t.integer :status, null: false
       t.string :version, null: false

db/schema.rb

@@ -637,6 +637,7 @@ ActiveRecord::Schema.define(version: 20180521171529) do
 
   create_table "clusters_applications_jupyters", force: :cascade do |t|
     t.integer "cluster_id", null: false
+    t.integer "oauth_application_id"
     t.integer "status", null: false
     t.string "version", null: false
     t.string "hostname"

vendor/jupyter/values.yaml

@@ -7,6 +7,9 @@ hub:
   extraConfig: |
     c.KubeSpawner.cmd = ['jupyter-labhub']
 
+auth:
+  type: gitlab
+
 singleuser:
   defaultUrl: "/lab"