Drive creation of a rbac platform_kubernetes off provider#legacy_abac so that...

Drive creation of a rbac platform_kubernetes off provider#legacy_abac so that there is one single source of truth.

app/services/clusters/gcp/finalize_creation_service.rb

@@ -25,7 +25,7 @@ module Clusters
       private
 
       def create_gitlab_service_account!
-        if rbac_clusters_feature_enabled?
+        if create_rbac_cluster?
           Clusters::Gcp::Kubernetes::CreateServiceAccountService.new(kube_client).execute
         end
       end
@@ -47,17 +47,17 @@ module Clusters
       end
 
       def request_kubernetes_token
-        service_account_name = rbac_clusters_feature_enabled? ? Clusters::Gcp::Kubernetes::SERVICE_ACCOUNT_NAME : 'default'
+        service_account_name = create_rbac_cluster? ? Clusters::Gcp::Kubernetes::SERVICE_ACCOUNT_NAME : 'default'
 
         Clusters::Gcp::Kubernetes::FetchKubernetesTokenService.new(kube_client, service_account_name).execute
       end
 
       def authorization_type
-        rbac_clusters_feature_enabled? ? 'rbac' : 'abac'
+        create_rbac_cluster? ? 'rbac' : 'abac'
       end
 
-      def rbac_clusters_feature_enabled?
-        Feature.enabled?(:rbac_clusters)
+      def create_rbac_cluster?
+        !provider.legacy_abac?
       end
 
       def kube_client

spec/services/clusters/gcp/finalize_creation_service_spec.rb

@@ -28,10 +28,6 @@ describe Clusters::Gcp::FinalizeCreationService do
       end
     end
 
-    before do
-      stub_feature_flags(rbac_clusters: false)
-    end
-
     context 'when suceeded to fetch gke cluster info' do
       let(:endpoint) { '111.111.111.111' }
       let(:api_url) { 'https://' + endpoint }
@@ -85,7 +81,8 @@ describe Clusters::Gcp::FinalizeCreationService do
           let(:secret_name) { 'gitlab-token-Y1a' }
 
           before do
-            stub_feature_flags(rbac_clusters: true)
+            provider.legacy_abac = false
+
             stub_kubeclient_create_service_account(api_url)
             stub_kubeclient_create_cluster_role_binding(api_url)
           end
@@ -118,7 +115,8 @@ describe Clusters::Gcp::FinalizeCreationService do
 
         context 'rbac_clusters feature enabled' do
           before do
-            stub_feature_flags(rbac_clusters: true)
+            provider.legacy_abac = false
+
             stub_kubeclient_create_service_account(api_url)
             stub_kubeclient_create_cluster_role_binding(api_url)
           end
@@ -140,7 +138,8 @@ describe Clusters::Gcp::FinalizeCreationService do
           let(:secret_name) { 'gitlab-token-321' }
 
           before do
-            stub_feature_flags(rbac_clusters: true)
+            provider.legacy_abac = false
+
             stub_kubeclient_create_service_account(api_url)
             stub_kubeclient_create_cluster_role_binding(api_url)
           end
@@ -158,7 +157,8 @@ describe Clusters::Gcp::FinalizeCreationService do
 
         context 'rbac_clusters feature enabled' do
           before do
-            stub_feature_flags(rbac_clusters: true)
+            provider.legacy_abac = false
+
             stub_kubeclient_create_service_account(api_url)
             stub_kubeclient_create_cluster_role_binding(api_url)
           end