Commit ec1f20a2 authored by GitLab Bot's avatar GitLab Bot

Automatic merge of gitlab-org/gitlab-ce master

parents 235e49c8 006da56c
...@@ -32,6 +32,7 @@ export default class Clusters { ...@@ -32,6 +32,7 @@ export default class Clusters {
installKnativePath, installKnativePath,
installPrometheusPath, installPrometheusPath,
managePrometheusPath, managePrometheusPath,
hasRbac,
clusterType, clusterType,
clusterStatus, clusterStatus,
clusterStatusReason, clusterStatusReason,
...@@ -45,6 +46,7 @@ export default class Clusters { ...@@ -45,6 +46,7 @@ export default class Clusters {
this.store.setManagePrometheusPath(managePrometheusPath); this.store.setManagePrometheusPath(managePrometheusPath);
this.store.updateStatus(clusterStatus); this.store.updateStatus(clusterStatus);
this.store.updateStatusReason(clusterStatusReason); this.store.updateStatusReason(clusterStatusReason);
this.store.updateRbac(hasRbac);
this.service = new ClustersService({ this.service = new ClustersService({
endpoint: statusPath, endpoint: statusPath,
installHelmEndpoint: installHelmPath, installHelmEndpoint: installHelmPath,
...@@ -102,6 +104,7 @@ export default class Clusters { ...@@ -102,6 +104,7 @@ export default class Clusters {
ingressHelpPath: this.state.ingressHelpPath, ingressHelpPath: this.state.ingressHelpPath,
managePrometheusPath: this.state.managePrometheusPath, managePrometheusPath: this.state.managePrometheusPath,
ingressDnsHelpPath: this.state.ingressDnsHelpPath, ingressDnsHelpPath: this.state.ingressDnsHelpPath,
rbac: this.state.rbac,
}, },
}); });
}, },
......
...@@ -52,6 +52,11 @@ export default { ...@@ -52,6 +52,11 @@ export default {
required: false, required: false,
default: '', default: '',
}, },
rbac: {
type: Boolean,
required: false,
default: false,
},
}, },
data: () => ({ data: () => ({
elasticsearchLogo, elasticsearchLogo,
...@@ -442,6 +447,18 @@ export default { ...@@ -442,6 +447,18 @@ export default {
title-link="https://github.com/knative/docs" title-link="https://github.com/knative/docs"
> >
<div slot="description"> <div slot="description">
<span v-if="!rbac">
<p v-if="!rbac" class="bs-callout bs-callout-info append-bottom-0">
{{
s__(`ClusterIntegration|You must have an RBAC-enabled cluster
to install Knative.`)
}}
<a :href="helpPath" target="_blank" rel="noopener noreferrer">
{{ __('More information') }}
</a>
</p>
<br />
</span>
<p> <p>
{{ {{
s__(`ClusterIntegration|Knative extends Kubernetes to provide s__(`ClusterIntegration|Knative extends Kubernetes to provide
...@@ -465,7 +482,7 @@ export default { ...@@ -465,7 +482,7 @@ export default {
/> />
</div> </div>
</template> </template>
<template v-else-if="helmInstalled"> <template v-else-if="helmInstalled && rbac">
<div class="form-group"> <div class="form-group">
<label for="knative-domainname"> <label for="knative-domainname">
{{ s__('ClusterIntegration|Knative Domain Name:') }} {{ s__('ClusterIntegration|Knative Domain Name:') }}
......
import { s__ } from '../../locale'; import { s__ } from '../../locale';
import { parseBoolean } from '../../lib/utils/common_utils';
import { INGRESS, JUPYTER, KNATIVE, CERT_MANAGER } from '../constants'; import { INGRESS, JUPYTER, KNATIVE, CERT_MANAGER } from '../constants';
export default class ClusterStore { export default class ClusterStore {
...@@ -7,6 +8,7 @@ export default class ClusterStore { ...@@ -7,6 +8,7 @@ export default class ClusterStore {
helpPath: null, helpPath: null,
ingressHelpPath: null, ingressHelpPath: null,
status: null, status: null,
rbac: false,
statusReason: null, statusReason: null,
applications: { applications: {
helm: { helm: {
...@@ -81,6 +83,10 @@ export default class ClusterStore { ...@@ -81,6 +83,10 @@ export default class ClusterStore {
this.state.status = status; this.state.status = status;
} }
updateRbac(rbac) {
this.state.rbac = parseBoolean(rbac);
}
updateStatusReason(reason) { updateStatusReason(reason) {
this.state.statusReason = reason; this.state.statusReason = reason;
} }
......
...@@ -19,6 +19,13 @@ module Clusters ...@@ -19,6 +19,13 @@ module Clusters
self.reactive_cache_key = ->(knative) { [knative.class.model_name.singular, knative.id] } self.reactive_cache_key = ->(knative) { [knative.class.model_name.singular, knative.id] }
def set_initial_status
return unless not_installable?
return unless verify_cluster?
self.status = 'installable'
end
state_machine :status do state_machine :status do
after_transition any => [:installed] do |application| after_transition any => [:installed] do |application|
application.run_after_commit do application.run_after_commit do
...@@ -99,6 +106,10 @@ module Clusters ...@@ -99,6 +106,10 @@ module Clusters
def install_knative_metrics def install_knative_metrics
["kubectl apply -f #{METRICS_CONFIG}"] if cluster.application_prometheus_available? ["kubectl apply -f #{METRICS_CONFIG}"] if cluster.application_prometheus_available?
end end
def verify_cluster?
cluster&.application_helm_available? && cluster&.platform_kubernetes_rbac?
end
end end
end end
end end
...@@ -16,6 +16,7 @@ ...@@ -16,6 +16,7 @@
install_jupyter_path: clusterable.install_applications_cluster_path(@cluster, :jupyter), install_jupyter_path: clusterable.install_applications_cluster_path(@cluster, :jupyter),
install_knative_path: clusterable.install_applications_cluster_path(@cluster, :knative), install_knative_path: clusterable.install_applications_cluster_path(@cluster, :knative),
toggle_status: @cluster.enabled? ? 'true': 'false', toggle_status: @cluster.enabled? ? 'true': 'false',
has_rbac: @cluster.platform_kubernetes_rbac? ? 'true': 'false',
cluster_type: @cluster.cluster_type, cluster_type: @cluster.cluster_type,
cluster_status: @cluster.status_name, cluster_status: @cluster.status_name,
cluster_status_reason: @cluster.status_reason, cluster_status_reason: @cluster.status_reason,
......
---
title: Require Knative to be installed only on an RBAC kubernetes cluster
merge_request: 23807
author: Chris Baumbauer
type: changed
...@@ -2213,6 +2213,9 @@ msgstr "" ...@@ -2213,6 +2213,9 @@ msgstr ""
msgid "ClusterIntegration|You must first install Helm Tiller before installing the applications below" msgid "ClusterIntegration|You must first install Helm Tiller before installing the applications below"
msgstr "" msgstr ""
msgid "ClusterIntegration|You must have an RBAC-enabled cluster to install Knative."
msgstr ""
msgid "ClusterIntegration|Your account must have %{link_to_kubernetes_engine}" msgid "ClusterIntegration|Your account must have %{link_to_kubernetes_engine}"
msgstr "" msgstr ""
......
...@@ -44,6 +44,10 @@ FactoryBot.define do ...@@ -44,6 +44,10 @@ FactoryBot.define do
provider_gcp factory: [:cluster_provider_gcp, :creating] provider_gcp factory: [:cluster_provider_gcp, :creating]
end end
trait :rbac_disabled do
platform_kubernetes factory: [:cluster_platform_kubernetes, :configured, :rbac_disabled]
end
trait :disabled do trait :disabled do
enabled false enabled false
end end
......
...@@ -16,8 +16,8 @@ FactoryBot.define do ...@@ -16,8 +16,8 @@ FactoryBot.define do
end end
end end
trait :rbac_enabled do trait :rbac_disabled do
authorization_type :rbac authorization_type :abac
end end
end end
end end
...@@ -70,6 +70,34 @@ describe 'Clusters Applications', :js do ...@@ -70,6 +70,34 @@ describe 'Clusters Applications', :js do
end end
end end
context 'when user installs Knative' do
before do
create(:clusters_applications_helm, :installed, cluster: cluster)
end
context 'on an abac cluster' do
let(:cluster) { create(:cluster, :provided_by_gcp, :rbac_disabled, projects: [project])}
it 'should show info block and not be installable' do
page.within('.js-cluster-application-row-knative') do
expect(page).to have_css('.bs-callout-info')
expect(page.find(:css, '.js-cluster-application-install-button')['disabled']).to eq('true')
end
end
end
context 'on an rbac cluster' do
let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project])}
it 'should not show callout block and be installable' do
page.within('.js-cluster-application-row-knative') do
expect(page).not_to have_css('.bs-callout-info')
expect(page).to have_css('.js-cluster-application-install-button:not([disabled])')
end
end
end
end
context 'when user installs Cert Manager' do context 'when user installs Cert Manager' do
before do before do
allow(ClusterInstallAppWorker).to receive(:perform_async) allow(ClusterInstallAppWorker).to receive(:perform_async)
......
...@@ -62,6 +62,7 @@ describe('Clusters Store', () => { ...@@ -62,6 +62,7 @@ describe('Clusters Store', () => {
ingressHelpPath: null, ingressHelpPath: null,
status: mockResponseData.status, status: mockResponseData.status,
statusReason: mockResponseData.status_reason, statusReason: mockResponseData.status_reason,
rbac: false,
applications: { applications: {
helm: { helm: {
title: 'Helm Tiller', title: 'Helm Tiller',
......
...@@ -15,6 +15,13 @@ describe Clusters::Applications::Knative do ...@@ -15,6 +15,13 @@ describe Clusters::Applications::Knative do
allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async) allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async)
end end
describe 'when rbac is not enabled' do
let(:cluster) { create(:cluster, :provided_by_gcp, :rbac_disabled) }
let(:knative_no_rbac) { create(:clusters_applications_knative, cluster: cluster) }
it { expect(knative_no_rbac).to be_not_installable }
end
describe '.installed' do describe '.installed' do
subject { described_class.installed } subject { described_class.installed }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment