Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
e9d05a2c
Commit
e9d05a2c
authored
Sep 27, 2017
by
Shinya Maeda
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add login root. Remove ceration type.
parent
99009334
Changes
12
Hide whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
80 additions
and
163 deletions
+80
-163
app/controllers/projects/clusters_controller.rb
app/controllers/projects/clusters_controller.rb
+49
-107
app/models/ci/cluster.rb
app/models/ci/cluster.rb
+0
-5
app/views/projects/clusters/_form.html.haml
app/views/projects/clusters/_form.html.haml
+1
-7
app/views/projects/clusters/_login.html.haml
app/views/projects/clusters/_login.html.haml
+0
-2
app/views/projects/clusters/edit.html.haml
app/views/projects/clusters/edit.html.haml
+2
-5
app/views/projects/clusters/login.html.haml
app/views/projects/clusters/login.html.haml
+6
-0
app/views/projects/clusters/new.html.haml
app/views/projects/clusters/new.html.haml
+3
-4
changelogs/unreleased/gem-sm-bump-google-api-client-gem-from-0-8-6-to-0-13-6.yml
...em-sm-bump-google-api-client-gem-from-0-8-6-to-0-13-6.yml
+0
-5
config/routes/project.rb
config/routes/project.rb
+1
-2
db/migrate/20170924094327_create_ci_clusters.rb
db/migrate/20170924094327_create_ci_clusters.rb
+0
-9
db/schema.rb
db/schema.rb
+0
-1
lib/google_api/authentication.rb
lib/google_api/authentication.rb
+18
-16
No files found.
app/controllers/projects/clusters_controller.rb
View file @
e9d05a2c
class
Projects::ClustersController
<
Projects
::
ApplicationController
# before_action :authenticate_google_api
before_action
:cluster
before_action
:authorize_google_api
,
except:
[
:login
]
# before_action :authorize_admin_clusters! # TODO: Authentication
def
login
begin
@authorize_url
=
api_client
.
authorize_url
rescue
GoogleApi
::
Authentication
::
ConfigMissingError
end
end
def
index
if
cluster
redirect_to
action:
'edit'
...
...
@@ -12,97 +18,54 @@ class Projects::ClustersController < Projects::ApplicationController
end
end
##
# TODO:
# - Show form for "Create on Google Container Engine"
# - Show form for "Use existing kubernets cluster"
# - If user has not authroized yet, Show "Sign in with Google" button
# - If user has already authroized, Skip "Sign in with Google" button
# - user.is_authenticated_for_gcp?
# - user.authenticate_for_gcp!
# - Create this module which can be used from view
def
new
unless
session
[
GoogleApi
::
CloudPlatform
::
Client
.
token_in_session
]
@authorize_url
=
api_client
.
authorize_url
end
end
##
# TODO:
# - If create on GKE, Use Google::Apis::ContainerV1::ContainerService
# - If create manually, save in db (Prob, Project > Setting)
# - Dry up with Service
# - Transaction
# - Sidekiq
def
create
if
params
[
'creation_type'
]
==
'on_gke'
# Create a cluster on GKE
operation
=
api_client
.
projects_zones_clusters_create
(
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
],
cluster_size:
params
[
'cluster_size'
],
machine_type:
params
[
'machine_type'
]
)
# wait_operation_done
if
operation
&
.
operation_type
==
'CREATE_CLUSTER'
api_client
.
wait_operation_done
(
operation
.
self_link
)
else
raise
"TODO: ERROR"
end
# Create a cluster on GKE
operation
=
api_client
.
projects_zones_clusters_create
(
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
],
cluster_size:
params
[
'cluster_size'
],
machine_type:
params
[
'machine_type'
]
)
# wait_operation_done
if
operation
&
.
operation_type
==
'CREATE_CLUSTER'
api_client
.
wait_operation_done
(
operation
.
self_link
)
else
raise
"TODO: ERROR"
end
# Get cluster details (end point, etc)
gke_cluster
=
api_client
.
projects_zones_clusters_get
(
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
]
# Get cluster details (end point, etc)
gke_cluster
=
api_client
.
projects_zones_clusters_get
(
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
]
)
# Update service
kubernetes_service
.
attributes
=
service_params
(
active:
true
,
api_url:
gke_cluster
.
endpoint
,
ca_pem:
Base64
.
decode64
(
gke_cluster
.
master_auth
.
cluster_ca_certificate
),
namespace:
params
[
'project_namespace'
],
token:
'aaa'
# TODO: username/password
)
# Update service
kubernetes_service
.
attributes
=
service_params
(
active:
true
,
api_url:
gke_cluster
.
endpoint
,
ca_pem:
Base64
.
decode64
(
gke_cluster
.
master_auth
.
cluster_ca_certificate
),
namespace:
params
[
'project_namespace'
],
token:
'aaa'
# TODO: username/password
)
kubernetes_service
.
save!
# Save info
project
.
clusters
.
create
(
creation_type:
params
[
'creation_type'
],
gcp_project_id:
params
[
'gcp_project_id'
],
cluster_zone:
params
[
'cluster_zone'
],
cluster_name:
params
[
'cluster_name'
],
service:
kubernetes_service
)
elsif
params
[
'creation_type'
]
==
'manual'
# TODO: Transaction
project
.
kubernetes_service
.
save
(
end_point:
params
[
'end_point'
],
ca_cert:
params
[
'ca_cert'
],
token:
params
[
'token'
],
username:
params
[
'username'
],
password:
params
[
'password'
],
project_namespace:
params
[
'project_namespace'
]
)
kubernetes_service
.
save!
project
.
clusters
.
create
(
creation_type:
params
[
'creation_type'
],
kubernetes_service:
project
.
kubernetes_service
)
end
# Save info
project
.
clusters
.
create
(
creation_type:
params
[
'creation_type'
],
gcp_project_id:
params
[
'gcp_project_id'
],
cluster_zone:
params
[
'cluster_zone'
],
cluster_name:
params
[
'cluster_name'
],
service:
kubernetes_service
)
redirect_to
action:
'index'
end
# TODO: Show results/status. Edits Swtich for enable/disable.
# If created with GKE, non-editable form. enable/disable switch.
# If created manually, editable form. enable/disable switch.
# GKE params are on-off swtich
# Manul params are on-off swtich, Endpoint, CACert, k8s Token, Proj namespace.
def
edit
unless
session
[
GoogleApi
::
CloudPlatform
::
Client
.
token_in_session
]
@authorize_url
=
api_client
.
authorize_url
render
:edit
end
# TODO: If on, do we override parameter?
# TODO: If off, do we override parameter?
end
def
update
...
...
@@ -110,40 +73,13 @@ class Projects::ClustersController < Projects::ApplicationController
render
:edit
end
# In presenter
# TODO: Generate a link to the cluster on GKE
def
gcp_projects
# api_client.blah
# TODO: Return all avaiable GCP Projects.
# TODO: Return json
# TODO: Dry with concern
end
def
gke_zones
# api_client.blah
# TODO: Return all avaiable zones on GKE.
# TODO: Return json
# TODO: Dry with concern
end
private
# def authenticate_google_api
# if cluster&.on_gke? && session[access_token_key].blank?
# redirect_to api_client.authorize_url(callback_import_url)
# end
# end
def
cluster
# Each project has only one cluster, for now. In the future iteraiton, we'll support multiple clusters
@cluster
||=
project
.
clusters
.
last
end
# def cluster_params
# params.require(:cluster).permit(:aaa)
# end
def
api_client
@api_client
||=
GoogleApi
::
CloudPlatform
::
Client
.
new
(
...
...
@@ -166,4 +102,10 @@ class Projects::ClustersController < Projects::ApplicationController
token:
token
}
end
def
authorize_google_api
unless
session
[
GoogleApi
::
CloudPlatform
::
Client
.
token_in_session
]
redirect_to
action:
'login'
end
end
end
app/models/ci/cluster.rb
View file @
e9d05a2c
...
...
@@ -6,10 +6,5 @@ module Ci
belongs_to
:owner
,
class_name:
'User'
belongs_to
:service
enum
creation_type:
{
unknown:
nil
,
on_gke:
1
,
manual:
2
}
end
end
app/views/projects/clusters/_form.html.haml
View file @
e9d05a2c
Create a new cluster
%br
Avaiable GCP project lists
%br
Avaiable zones
%br
=
link_to
"Create on Google Container Engine"
,
namespace_project_clusters_path
(
@project
.
namespace
,
@project
,
creation_type:
'on_gke'
,
cluster_name:
"gke-test-creation
#{
Random
.
rand
(
100
)
}
"
,
gcp_project_id:
'xxx'
,
cluster_zone:
'us-central1-a'
,
cluster_size:
'1'
,
project_namespace:
'aaa'
,
machine_type:
'???'
),
method: :post
%br
=
link_to
"Use existing kubernets cluster"
,
namespace_project_clusters_path
(
@project
.
namespace
,
@project
,
creation_type:
'manual'
,
end_point:
'xxx.xxx.xxx.xxx'
,
ca_cert:
'xxx...xxx'
,
token:
'xxx'
,
project_namespace:
'aaa'
),
method: :post
=
link_to
"Create on Google Container Engine"
,
namespace_project_clusters_path
(
@project
.
namespace
,
@project
,
cluster_name:
"gke-test-creation
#{
Random
.
rand
(
100
)
}
"
,
gcp_project_id:
'gitlab-internal-153318'
,
cluster_zone:
'us-central1-a'
,
cluster_size:
'1'
,
project_namespace:
'aaa'
,
machine_type:
'???'
),
method: :post
app/views/projects/clusters/_login.html.haml
deleted
100644 → 0
View file @
99009334
Login
%p
=
link_to
(
"authenticate from here"
,
@authorize_url
)
app/views/projects/clusters/edit.html.haml
View file @
e9d05a2c
edit/show cluster
-
if
@authorize_url
=
render
"login"
-
else
=
@cluster
.
inspect
\ No newline at end of file
%br
=
@cluster
.
inspect
app/views/projects/clusters/login.html.haml
0 → 100644
View file @
e9d05a2c
Login
%br
-
if
@authorize_url
=
link_to
(
"authenticate from here"
,
@authorize_url
)
-
else
You have not configrued GitLab properly. So we can not proceed authentication. Please check if you have set up omniauth->providers->google_oauth2 in gitlab.yml
app/views/projects/clusters/new.html.haml
View file @
e9d05a2c
-
if
@authorize_url
=
render
"login"
-
else
=
render
"form"
Create a cluster
%br
=
render
"form"
changelogs/unreleased/gem-sm-bump-google-api-client-gem-from-0-8-6-to-0-13-6.yml
deleted
100644 → 0
View file @
99009334
---
title
:
Bump google-api-client Gem from 0.8.6 to 0.13.6
merge_request
:
author
:
type
:
other
config/routes/project.rb
View file @
e9d05a2c
...
...
@@ -185,8 +185,7 @@ constraints(ProjectUrlConstrainer.new) do
resources
:clusters
,
except:
[
:edit
,
:show
,
:destroy
]
do
collection
do
get
:gcp_projects
# TODO: This doesn't belong here. Grape or under user. Hint. Serilizer
get
:gke_zones
get
:login
get
:edit
end
end
...
...
db/migrate/20170924094327_create_ci_clusters.rb
View file @
e9d05a2c
...
...
@@ -9,7 +9,6 @@ class CreateCiClusters < ActiveRecord::Migration
# General
t
.
boolean
:enabled
,
default:
true
t
.
integer
:creation_type
# manual or on_gke
# k8s integration specific
t
.
string
:project_namespace
...
...
@@ -30,14 +29,6 @@ class CreateCiClusters < ActiveRecord::Migration
t
.
datetime_with_timezone
:updated_at
,
null:
false
end
# create_table :ci_gke_clusters do |t|
# t.integer :ci_cluster_id
# t.string :gcp_project_id
# t.string :cluster_zone
# t.string :cluster_name
# end
# add_foreign_key :ci_gke_clusters, :ci_clusters
# TODO: fk, index, encypt
add_foreign_key
:ci_clusters
,
:projects
...
...
db/schema.rb
View file @
e9d05a2c
...
...
@@ -272,7 +272,6 @@ ActiveRecord::Schema.define(version: 20170924094327) do
t
.
integer
"owner_id"
t
.
integer
"service_id"
t
.
boolean
"enabled"
,
default:
true
t
.
integer
"creation_type"
t
.
string
"project_namespace"
t
.
string
"end_point"
t
.
text
"ca_cert"
...
...
lib/google_api/authentication.rb
View file @
e9d05a2c
...
...
@@ -2,28 +2,14 @@ module GoogleApi
class
Authentication
attr_reader
:access_token
,
:redirect_uri
,
:state
ConfigMissingError
=
Class
.
new
(
StandardError
)
def
initialize
(
access_token
,
redirect_uri
,
state:
nil
)
@access_token
=
access_token
@redirect_uri
=
redirect_uri
@state
=
state
end
def
client
return
@client
if
defined?
(
@client
)
unless
config
raise
'OAuth configuration for google_oauth2 missing.'
end
@client
=
::
OAuth2
::
Client
.
new
(
config
.
app_id
,
config
.
app_secret
,
site:
'https://accounts.google.com'
,
token_url:
'/o/oauth2/token'
,
authorize_url:
'/o/oauth2/auth'
)
end
def
authorize_url
client
.
auth_code
.
authorize_url
(
redirect_uri:
redirect_uri
,
...
...
@@ -47,5 +33,21 @@ module GoogleApi
def
config
Gitlab
.
config
.
omniauth
.
providers
.
find
{
|
provider
|
provider
.
name
==
"google_oauth2"
}
end
def
client
return
@client
if
defined?
(
@client
)
unless
config
raise
ConfigMissingError
end
@client
=
::
OAuth2
::
Client
.
new
(
config
.
app_id
,
config
.
app_secret
,
site:
'https://accounts.google.com'
,
token_url:
'/o/oauth2/token'
,
authorize_url:
'/o/oauth2/auth'
)
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment