Merge branch 'remove-local-tiller-feature-flag' into 'master'

Remove feature flag managed_apps_local_tiller

See merge request gitlab-org/gitlab!37641

app/assets/javascripts/clusters/components/applications.vue

 <script>
-import helmInstallIllustration from '@gitlab/svgs/dist/illustrations/kubernetes-installation.svg';
 import { GlLoadingIcon, GlSprintf, GlLink } from '@gitlab/ui';
 import gitlabLogo from 'images/cluster_app_logos/gitlab.png';
-import helmLogo from 'images/cluster_app_logos/helm.png';
 import jupyterhubLogo from 'images/cluster_app_logos/jupyterhub.png';
 import kubernetesLogo from 'images/cluster_app_logos/kubernetes.png';
 import certManagerLogo from 'images/cluster_app_logos/cert_manager.png';
@@ -95,16 +93,6 @@ export default {
     },
   },
   computed: {
-    managedAppsLocalTillerEnabled() {
-      return Boolean(gon.features?.managedAppsLocalTiller);
-    },
-    helmInstalled() {
-      return (
-        this.managedAppsLocalTillerEnabled ||
-        this.applications.helm.status === APPLICATION_STATUS.INSTALLED ||
-        this.applications.helm.status === APPLICATION_STATUS.UPDATED
-      );
-    },
     ingressId() {
       return INGRESS;
     },
@@ -162,7 +150,6 @@ export default {
   },
   logos: {
     gitlabLogo,
-    helmLogo,
     jupyterhubLogo,
     kubernetesLogo,
     certManagerLogo,
@@ -172,7 +159,6 @@ export default {
     elasticStackLogo,
     fluentdLogo,
   },
-  helmInstallIllustration,
 };
 </script>
 
@@ -180,46 +166,12 @@ export default {
   <section id="cluster-applications">
     <p class="gl-mb-0">
       {{
-        s__(`ClusterIntegration|Choose which applications to install on your Kubernetes cluster.
-            Helm Tiller is required to install any of the following applications.`)
+        s__(`ClusterIntegration|Choose which applications to install on your Kubernetes cluster.`)
       }}
       <gl-link :href="helpPath">{{ __('More information') }}</gl-link>
     </p>
 
     <div class="cluster-application-list gl-mt-3">
-      <application-row
-        v-if="!managedAppsLocalTillerEnabled"
-        id="helm"
-        :logo-url="$options.logos.helmLogo"
-        :title="applications.helm.title"
-        :status="applications.helm.status"
-        :status-reason="applications.helm.statusReason"
-        :request-status="applications.helm.requestStatus"
-        :request-reason="applications.helm.requestReason"
-        :installed="applications.helm.installed"
-        :install-failed="applications.helm.installFailed"
-        :uninstallable="applications.helm.uninstallable"
-        :uninstall-successful="applications.helm.uninstallSuccessful"
-        :uninstall-failed="applications.helm.uninstallFailed"
-        class="rounded-top"
-        title-link="https://docs.helm.sh/"
-      >
-        <template #description>
-          {{
-            s__(`ClusterIntegration|Helm streamlines installing
-                    and managing Kubernetes applications.
-                    Tiller runs inside of your Kubernetes Cluster,
-                    and manages releases of your charts.`)
-          }}
-        </template>
-      </application-row>
-      <div v-show="!helmInstalled" class="cluster-application-warning">
-        <div class="svg-container" v-html="$options.helmInstallIllustration"></div>
-        {{
-          s__(`ClusterIntegration|You must first install Helm Tiller before
-                installing the applications below`)
-        }}
-      </div>
       <application-row
         :id="ingressId"
         :logo-url="$options.logos.kubernetesLogo"
@@ -237,7 +189,6 @@ export default {
         :uninstallable="applications.ingress.uninstallable"
         :uninstall-successful="applications.ingress.uninstallSuccessful"
         :uninstall-failed="applications.ingress.uninstallFailed"
-        :disabled="!helmInstalled"
         :updateable="false"
         title-link="https://kubernetes.io/docs/concepts/services-networking/ingress/"
       >
@@ -340,7 +291,6 @@ export default {
         :uninstallable="applications.cert_manager.uninstallable"
         :uninstall-successful="applications.cert_manager.uninstallSuccessful"
         :uninstall-failed="applications.cert_manager.uninstallFailed"
-        :disabled="!helmInstalled"
         title-link="https://cert-manager.readthedocs.io/en/latest/#"
       >
         <template #description>
@@ -398,7 +348,6 @@ export default {
         :uninstallable="applications.prometheus.uninstallable"
         :uninstall-successful="applications.prometheus.uninstallSuccessful"
         :uninstall-failed="applications.prometheus.uninstallFailed"
-        :disabled="!helmInstalled"
         title-link="https://prometheus.io/docs/introduction/overview/"
       >
         <template #description>
@@ -438,7 +387,6 @@ export default {
         :uninstallable="applications.runner.uninstallable"
         :uninstall-successful="applications.runner.uninstallSuccessful"
         :uninstall-failed="applications.runner.uninstallFailed"
-        :disabled="!helmInstalled"
         title-link="https://docs.gitlab.com/runner/"
       >
         <template #description>
@@ -464,7 +412,6 @@ export default {
         :uninstall-successful="applications.crossplane.uninstallSuccessful"
         :uninstall-failed="applications.crossplane.uninstallFailed"
         :install-application-request-params="{ stack: applications.crossplane.stack }"
-        :disabled="!helmInstalled"
         title-link="https://crossplane.io"
       >
         <template #description>
@@ -509,7 +456,6 @@ export default {
         :uninstall-successful="applications.jupyter.uninstallSuccessful"
         :uninstall-failed="applications.jupyter.uninstallFailed"
         :install-application-request-params="{ hostname: applications.jupyter.hostname }"
-        :disabled="!helmInstalled"
         title-link="https://jupyterhub.readthedocs.io/en/stable/"
       >
         <template #description>
@@ -575,7 +521,6 @@ export default {
         :uninstall-successful="applications.knative.uninstallSuccessful"
         :uninstall-failed="applications.knative.uninstallFailed"
         :updateable="false"
-        :disabled="!helmInstalled"
         v-bind="applications.knative"
         title-link="https://github.com/knative/docs"
       >
@@ -597,7 +542,7 @@ export default {
           </p>
 
           <knative-domain-editor
-            v-if="(knative.installed || (helmInstalled && rbac)) && !preInstalledKnative"
+            v-if="(knative.installed || rbac) && !preInstalledKnative"
             :knative="knative"
             :ingress-dns-help-path="ingressDnsHelpPath"
             @save="saveKnativeDomain"
@@ -634,7 +579,6 @@ export default {
         :uninstallable="applications.elastic_stack.uninstallable"
         :uninstall-successful="applications.elastic_stack.uninstallSuccessful"
         :uninstall-failed="applications.elastic_stack.uninstallFailed"
-        :disabled="!helmInstalled"
         title-link="https://gitlab.com/gitlab-org/charts/elastic-stack"
       >
         <template #description>
@@ -668,7 +612,6 @@ export default {
         :uninstallable="applications.fluentd.uninstallable"
         :uninstall-successful="applications.fluentd.uninstallSuccessful"
         :uninstall-failed="applications.fluentd.uninstallFailed"
-        :disabled="!helmInstalled"
         :updateable="false"
         title-link="https://github.com/helm/charts/tree/master/stable/fluentd"
       >
@@ -694,7 +637,7 @@ export default {
       </application-row>
 
       <div class="gl-mt-7 gl-border-1 gl-border-t-solid gl-border-gray-100">
-        <!-- This empty div serves as a separator between applications that have a dependency on Helm and those that can be enabled without Helm. -->
+        <!-- This empty div serves as a separator. The applications below can be externally installed using a cluster-management project. -->
       </div>
 
       <application-row

app/controllers/clusters/base_controller.rb

@@ -6,10 +6,6 @@ class Clusters::BaseController < ApplicationController
   skip_before_action :authenticate_user!
   before_action :authorize_read_cluster!
 
-  before_action do
-    push_frontend_feature_flag(:managed_apps_local_tiller, clusterable, default_enabled: true)
-  end
-
   helper_method :clusterable
 
   private

app/models/clusters/applications/cert_manager.rb

@@ -38,8 +38,7 @@ module Clusters
           chart: chart,
           files: files.merge(cluster_issuer_file),
           preinstall: pre_install_script,
-          postinstall: post_install_script,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          postinstall: post_install_script
         )
       end
 
@@ -48,8 +47,7 @@ module Clusters
           name: 'certmanager',
           rbac: cluster.platform_kubernetes_rbac?,
           files: files,
-          postdelete: post_delete_script,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          postdelete: post_delete_script
         )
       end
 

app/models/clusters/applications/crossplane.rb

@@ -35,8 +35,7 @@ module Clusters
           version: VERSION,
           rbac: cluster.platform_kubernetes_rbac?,
           chart: chart,
-          files: files,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          files: files
         )
       end
 

app/models/clusters/applications/elastic_stack.rb

@@ -34,8 +34,7 @@ module Clusters
           repository: repository,
           files: files,
           preinstall: migrate_to_3_script,
-          postinstall: post_install_script,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          postinstall: post_install_script
         )
       end
 
@@ -44,8 +43,7 @@ module Clusters
           name: 'elastic-stack',
           rbac: cluster.platform_kubernetes_rbac?,
           files: files,
-          postdelete: post_delete_script,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          postdelete: post_delete_script
         )
       end
 
@@ -121,8 +119,7 @@ module Clusters
           Gitlab::Kubernetes::Helm::DeleteCommand.new(
             name: 'elastic-stack',
             rbac: cluster.platform_kubernetes_rbac?,
-            files: files,
-            local_tiller_enabled: cluster.local_tiller_enabled?
+            files: files
           ).delete_command,
           Gitlab::Kubernetes::KubectlCmd.delete("pvc", "--selector", "release=elastic-stack", "--namespace", Gitlab::Kubernetes::Helm::NAMESPACE)
         ]

app/models/clusters/applications/fluentd.rb

@@ -32,8 +32,7 @@ module Clusters
           version: VERSION,
           rbac: cluster.platform_kubernetes_rbac?,
           chart: chart,
-          files: files,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          files: files
         )
       end
 

app/models/clusters/applications/helm.rb

@@ -52,8 +52,7 @@ module Clusters
         Gitlab::Kubernetes::Helm::InitCommand.new(
           name: name,
           files: files,
-          rbac: cluster.platform_kubernetes_rbac?,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          rbac: cluster.platform_kubernetes_rbac?
         )
       end
 
@@ -61,8 +60,7 @@ module Clusters
         Gitlab::Kubernetes::Helm::ResetCommand.new(
           name: name,
           files: files,
-          rbac: cluster.platform_kubernetes_rbac?,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          rbac: cluster.platform_kubernetes_rbac?
         )
       end
 

app/models/clusters/applications/ingress.rb

@@ -63,8 +63,7 @@ module Clusters
           version: VERSION,
           rbac: cluster.platform_kubernetes_rbac?,
           chart: chart,
-          files: files,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          files: files
         )
       end
 

app/models/clusters/applications/jupyter.rb

@@ -45,8 +45,7 @@ module Clusters
           rbac: cluster.platform_kubernetes_rbac?,
           chart: chart,
           files: files,
-          repository: repository,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          repository: repository
         )
       end
 

app/models/clusters/applications/knative.rb

@@ -77,8 +77,7 @@ module Clusters
           chart: chart,
           files: files,
           repository: REPOSITORY,
-          postinstall: install_knative_metrics,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          postinstall: install_knative_metrics
         )
       end
 
@@ -100,8 +99,7 @@ module Clusters
           rbac: cluster.platform_kubernetes_rbac?,
           files: files,
           predelete: delete_knative_services_and_metrics,
-          postdelete: delete_knative_istio_leftovers,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          postdelete: delete_knative_istio_leftovers
         )
       end
 

app/models/clusters/applications/prometheus.rb

@@ -69,8 +69,7 @@ module Clusters
           rbac: cluster.platform_kubernetes_rbac?,
           chart: chart,
           files: files,
-          postinstall: install_knative_metrics,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          postinstall: install_knative_metrics
         )
       end
 
@@ -80,8 +79,7 @@ module Clusters
           version: version,
           rbac: cluster.platform_kubernetes_rbac?,
           chart: chart,
-          files: files_with_replaced_values(values),
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          files: files_with_replaced_values(values)
         )
       end
 
@@ -90,8 +88,7 @@ module Clusters
           name: name,
           rbac: cluster.platform_kubernetes_rbac?,
           files: files,
-          predelete: delete_knative_istio_metrics,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          predelete: delete_knative_istio_metrics
         )
       end
 

app/models/clusters/applications/runner.rb

@@ -36,8 +36,7 @@ module Clusters
           rbac: cluster.platform_kubernetes_rbac?,
           chart: chart,
           files: files,
-          repository: repository,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          repository: repository
         )
       end
 

app/models/clusters/cluster.rb

@@ -357,10 +357,6 @@ module Clusters
       end
     end
 
-    def local_tiller_enabled?
-      Feature.enabled?(:managed_apps_local_tiller, clusterable, default_enabled: true)
-    end
-
     def prometheus_adapter
       application_prometheus
     end

app/models/clusters/concerns/application_core.rb

@@ -15,7 +15,7 @@ module Clusters
         def set_initial_status
           return unless not_installable?
 
-          self.status = status_states[:installable] if cluster&.application_helm_available? || cluster&.local_tiller_enabled?
+          self.status = status_states[:installable]
         end
 
         def can_uninstall?

app/models/clusters/concerns/application_data.rb

@@ -7,8 +7,7 @@ module Clusters
         Gitlab::Kubernetes::Helm::DeleteCommand.new(
           name: name,
           rbac: cluster.platform_kubernetes_rbac?,
-          files: files,
-          local_tiller_enabled: cluster.local_tiller_enabled?
+          files: files
         )
       end
 
@@ -21,23 +20,11 @@ module Clusters
       end
 
       def files
-        @files ||= begin
-          files = { 'values.yaml': values }
-
-          files.merge!(certificate_files) if use_tiller_ssl?
-
-          files
-        end
+        @files ||= { 'values.yaml': values }
       end
 
       private
 
-      def use_tiller_ssl?
-        return false if cluster.local_tiller_enabled?
-
-        cluster.application_helm.has_ssl?
-      end
-
       def certificate_files
         {
           'ca.pem': ca_cert,

app/models/clusters/concerns/application_status.rb

@@ -97,24 +97,6 @@ module Clusters
             application.status_reason = status_reason if status_reason
           end
 
-          before_transition any => [:installed, :updated] do |application, transition|
-            unless application.cluster.local_tiller_enabled? || application.is_a?(Clusters::Applications::Helm)
-              if transition.event == :make_externally_installed
-                # If an application is externally installed
-                # We assume the helm application is externally installed too
-                helm = application.cluster.application_helm || application.cluster.build_application_helm
-
-                helm.make_externally_installed!
-              else
-                # When installing any application we are also performing an update
-                # of tiller (see Gitlab::Kubernetes::Helm::ClientCommand) so
-                # therefore we need to reflect that in the database.
-
-                application.cluster.application_helm.update!(version: Gitlab::Kubernetes::Helm::HELM_VERSION)
-              end
-            end
-          end
-
           after_transition any => [:uninstalling], :use_transactions => false do |application, _|
             application.prepare_uninstall
           end

changelogs/unreleased/remove-local-tiller-feature-flag.yml

+---
+title: Remove feature flag managed_apps_local_tiller
+merge_request: 37641
+author:
+type: changed

doc/user/clusters/applications.md

@@ -69,47 +69,23 @@ can lead to confusion during deployments.
 
 > - Introduced in GitLab 10.2 for project-level clusters.
 > - Introduced in GitLab 11.6 for group-level clusters.
-> - A local Tiller option was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.2 behind a feature flag, enabled by default.
-> - The feature flag for local Tiller is enabled on GitLab.com.
+> - [Uses a local Tiller](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) since GitLab 13.2.
 
 [Helm](https://helm.sh/docs/) is a package manager for Kubernetes and is
 used to install the GitLab-managed apps. GitLab runs each `helm` command
 in a pod within the `gitlab-managed-apps` namespace inside the cluster.
 
-As of GitLab 13.2, the integration uses a local
-[Tiller](https://v2.helm.sh/docs/glossary/#tiller) by default. When using a
-local Tiller, the Helm application does not need to be installed and will not
-be shown in the list of applications.
+GitLab's integration uses Helm 2 with a local
+[Tiller](https://v2.helm.sh/docs/glossary/#tiller) server for managing
+applications. Prior to [GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/209736),
+GitLab used an in-cluster Tiller server in the `gitlab-managed-apps`
+namespace. This server can now be safely removed.
 
 NOTE: **Note:**
 GitLab's Helm integration does not support installing applications behind a proxy,
 but a [workaround](../../topics/autodevops/index.md#install-applications-behind-a-proxy)
 is available.
 
-### Enable or disable local Tiller **(CORE ONLY)**
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.2
-> - The option to disable local Tiller is [planned for removal](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.3
-
-Local Tiller is under development, but is ready for production use. It is
-deployed behind a feature flag that is **enabled by default**.
-[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md)
-can enable it for your instance.
-
-To enable it:
-
-```ruby
-# Instance-wide
-Feature.enable(:managed_apps_local_tiller)
-```
-
-To disable it:
-
-```ruby
-# Instance-wide
-Feature.disable(:managed_apps_local_tiller)
-```
-
 ### cert-manager
 
 > Introduced in GitLab 11.6 for project- and group-level clusters.

lib/gitlab/kubernetes/helm/base_command.rb

@@ -6,21 +6,16 @@ module Gitlab
       class BaseCommand
         attr_reader :name, :files
 
-        def initialize(rbac:, name:, files:, local_tiller_enabled:)
+        def initialize(rbac:, name:, files:)
           @rbac = rbac
           @name = name
           @files = files
-          @local_tiller_enabled = local_tiller_enabled
         end
 
         def rbac?
           @rbac
         end
 
-        def local_tiller_enabled?
-          @local_tiller_enabled
-        end
-
         def pod_resource
           pod_service_account_name = rbac? ? service_account_name : nil
 

lib/gitlab/kubernetes/helm/client_command.rb

@@ -5,30 +5,11 @@ module Gitlab
     module Helm
       module ClientCommand
         def init_command
-          if local_tiller_enabled?
-            <<~HEREDOC.chomp
+          <<~SHELL.chomp
             export HELM_HOST="localhost:44134"
             tiller -listen ${HELM_HOST} -alsologtostderr &
             helm init --client-only
-            HEREDOC
-          else
-            # Here we are always upgrading to the latest version of Tiller when
-            # installing an app. We ensure the helm version stored in the
-            # database is correct by also updating this after transition to
-            # :installed,:updated in Clusters::Concerns::ApplicationStatus
-            'helm init --upgrade'
-          end
-        end
-
-        def wait_for_tiller_command
-          return if local_tiller_enabled?
-
-          helm_check = ['helm', 'version', *optional_tls_flags].shelljoin
-          # This is necessary to give Tiller time to restart after upgrade.
-          # Ideally we'd be able to use --wait but cannot because of
-          # https://github.com/helm/helm/issues/4855
-
-          "for i in $(seq 1 30); do #{helm_check} && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)"
+          SHELL
         end
 
         def repository_command
@@ -37,12 +18,6 @@ module Gitlab
 
         private
 
-        def tls_flags_if_remote_tiller
-          return [] if local_tiller_enabled?
-
-          optional_tls_flags
-        end
-
         def repository_update_command
           'helm repo update'
         end

lib/gitlab/kubernetes/helm/delete_command.rb

@@ -17,7 +17,6 @@ module Gitlab
         def generate_script
           super + [
             init_command,
-            wait_for_tiller_command,
             predelete,
             delete_command,
             postdelete
@@ -29,9 +28,7 @@ module Gitlab
         end
 
         def delete_command
-          command = ['helm', 'delete', '--purge', name] + tls_flags_if_remote_tiller
-
-          command.shelljoin
+          ['helm', 'delete', '--purge', name].shelljoin
         end
       end
     end

lib/gitlab/kubernetes/helm/install_command.rb

@@ -21,7 +21,6 @@ module Gitlab
         def generate_script
           super + [
             init_command,
-            wait_for_tiller_command,
             repository_command,
             repository_update_command,
             preinstall,
@@ -39,7 +38,6 @@ module Gitlab
             install_flag +
             rollback_support_flag +
             reset_values_flag +
-            tls_flags_if_remote_tiller +
             optional_version_flag +
             rbac_create_flag +
             namespace_flag +

lib/gitlab/kubernetes/helm/patch_command.rb

@@ -26,7 +26,6 @@ module Gitlab
         def generate_script
           super + [
             init_command,
-            wait_for_tiller_command,
             repository_command,
             repository_update_command,
             upgrade_command
@@ -38,7 +37,6 @@ module Gitlab
         def upgrade_command
           command = ['helm', 'upgrade', name, chart] +
             reuse_values_flag +
-            tls_flags_if_remote_tiller +
             version_flag +
             namespace_flag +
             value_flag

locale/gitlab.pot

@@ -5177,7 +5177,7 @@ msgstr ""
 msgid "ClusterIntegration|Choose the worker node %{startLink}instance type %{externalLinkIcon} %{endLink}."
 msgstr ""
 
-msgid "ClusterIntegration|Choose which applications to install on your Kubernetes cluster. Helm Tiller is required to install any of the following applications."
+msgid "ClusterIntegration|Choose which applications to install on your Kubernetes cluster."
 msgstr ""
 
 msgid "ClusterIntegration|Choose which of your environments will use this cluster."
@@ -5393,9 +5393,6 @@ msgstr ""
 msgid "ClusterIntegration|Helm release failed to install"
 msgstr ""
 
-msgid "ClusterIntegration|Helm streamlines installing and managing Kubernetes applications. Tiller runs inside of your Kubernetes Cluster, and manages releases of your charts."
-msgstr ""
-
 msgid "ClusterIntegration|If you are setting up multiple clusters and are using Auto DevOps, %{help_link_start}read this first%{help_link_end}."
 msgstr ""
 
@@ -5903,9 +5900,6 @@ msgstr ""
 msgid "ClusterIntegration|You are about to update %{appTitle} on your cluster."
 msgstr ""
 
-msgid "ClusterIntegration|You must first install Helm Tiller before installing the applications below"
-msgstr ""
-
 msgid "ClusterIntegration|You must grant access to your organization’s AWS resources in order to create a new EKS cluster. To grant access, create a provision role using the account and external ID below and provide us the ARN."
 msgstr ""
 

spec/features/clusters/installing_applications_shared_examples.rb

 # frozen_string_literal: true
 
-RSpec.shared_examples "installing applications for a cluster" do |managed_apps_local_tiller|
+RSpec.shared_examples "installing applications for a cluster" do
   before do
     # Reduce interval from 10 seconds which is too long for an automated test
     stub_const("#{Clusters::ClustersController}::STATUS_POLLING_INTERVAL", 500)
 
-    stub_feature_flags(managed_apps_local_tiller: managed_apps_local_tiller)
-
     visit cluster_path
   end
 
@@ -31,12 +29,7 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
     it 'user can install applications' do
       wait_for_requests
 
-      application_row =
-        if managed_apps_local_tiller
-          '.js-cluster-application-row-ingress'
-        else
-          '.js-cluster-application-row-helm'
-        end
+      application_row = '.js-cluster-application-row-ingress'
 
       page.within(application_row) do
         expect(page).not_to have_css('.js-cluster-application-install-button[disabled]')
@@ -44,50 +37,11 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
       end
     end
 
-    if managed_apps_local_tiller
-      it 'does not show the Helm application' do
-        expect(page).not_to have_selector(:css, '.js-cluster-application-row-helm')
-      end
-    else
-      context 'when user installs Helm' do
-        before do
-          allow(ClusterInstallAppWorker).to receive(:perform_async)
-          wait_for_requests
-
-          page.within('.js-cluster-application-row-helm') do
-            page.find(:css, '.js-cluster-application-install-button').click
-          end
-
-          wait_for_requests
-        end
-
-        it 'shows the status transition' do
-          page.within('.js-cluster-application-row-helm') do
-            # FE sends request and gets the response, then the buttons is "Installing"
-            expect(page).to have_css('.js-cluster-application-install-button[disabled]', exact_text: 'Installing')
-
-            Clusters::Cluster.last.application_helm.make_installing!
-
-            # FE starts polling and update the buttons to "Installing"
-            expect(page).to have_css('.js-cluster-application-install-button[disabled]', exact_text: 'Installing')
-
-            Clusters::Cluster.last.application_helm.make_installed!
-
-            expect(page).not_to have_css('button', exact_text: 'Install', visible: :all)
-            expect(page).not_to have_css('button', exact_text: 'Installing', visible: :all)
-            expect(page).to have_css('.js-cluster-application-uninstall-button:not([disabled])', exact_text: 'Uninstall')
-          end
-
-          expect(page).to have_content('Helm Tiller was successfully installed on your Kubernetes cluster')
-        end
-      end
+    it 'does not show the Helm application' do
+      expect(page).not_to have_selector(:css, '.js-cluster-application-row-helm')
     end
 
     context 'when user installs Knative' do
-      before do
-        create(:clusters_applications_helm, :installed, cluster: cluster) unless managed_apps_local_tiller
-      end
-
       context 'on an abac cluster' do
         let(:cluster) { create(:cluster, :provided_by_gcp, :rbac_disabled, *cluster_factory_args) }
 
@@ -166,8 +120,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
         allow(ClusterInstallAppWorker).to receive(:perform_async)
         allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_in)
         allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async)
-
-        create(:clusters_applications_helm, :installed, cluster: cluster) unless managed_apps_local_tiller
       end
 
       it 'shows status transition' do
@@ -223,8 +175,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
       before do
         allow(ClusterInstallAppWorker).to receive(:perform_async)
 
-        create(:clusters_applications_helm, :installed, cluster: cluster) unless managed_apps_local_tiller
-
         page.within('.js-cluster-application-row-elastic_stack') do
           click_button 'Install'
         end
@@ -255,8 +205,6 @@ RSpec.shared_examples "installing applications for a cluster" do |managed_apps_l
         allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_in)
         allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async)
 
-        create(:clusters_applications_helm, :installed, cluster: cluster) unless managed_apps_local_tiller
-
         page.within('.js-cluster-application-row-ingress') do
           expect(page).to have_css('.js-cluster-application-install-button:not([disabled])')
           page.find(:css, '.js-cluster-application-install-button').click

spec/frontend/clusters/components/applications_spec.js

@@ -14,7 +14,6 @@ describe('Applications', () => {
 
   beforeEach(() => {
     gon.features = gon.features || {};
-    gon.features.managedAppsLocalTiller = false;
   });
 
   const createApp = ({ applications, type, props } = {}, isShallow) => {
@@ -41,10 +40,6 @@ describe('Applications', () => {
       createApp({ type: CLUSTER_TYPE.PROJECT });
     });
 
-    it('renders a row for Helm Tiller', () => {
-      expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(true);
-    });
-
     it('renders a row for Ingress', () => {
       expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true);
     });
@@ -90,10 +85,6 @@ describe('Applications', () => {
       createApp({ type: CLUSTER_TYPE.GROUP });
     });
 
-    it('renders a row for Helm Tiller', () => {
-      expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(true);
-    });
-
     it('renders a row for Ingress', () => {
       expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true);
     });
@@ -140,10 +131,6 @@ describe('Applications', () => {
       createApp({ type: CLUSTER_TYPE.INSTANCE });
     });
 
-    it('renders a row for Helm Tiller', () => {
-      expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(true);
-    });
-
     it('renders a row for Ingress', () => {
       expect(wrapper.find('.js-cluster-application-row-ingress').exists()).toBe(true);
     });
@@ -186,15 +173,9 @@ describe('Applications', () => {
   });
 
   describe('Helm application', () => {
-    describe('when managedAppsLocalTiller enabled', () => {
-      beforeEach(() => {
-        gon.features.managedAppsLocalTiller = true;
-      });
-
-      it('does not render a row for Helm Tiller', () => {
-        createApp();
-        expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(false);
-      });
+    it('does not render a row for Helm Tiller', () => {
+      createApp();
+      expect(wrapper.find('.js-cluster-application-row-helm').exists()).toBe(false);
     });
   });
 
@@ -252,7 +233,6 @@ describe('Applications', () => {
                 externalHostname: 'localhost.localdomain',
                 modsecurity_enabled: false,
               },
-              helm: { title: 'Helm Tiller' },
               cert_manager: { title: 'Cert-Manager' },
               crossplane: { title: 'Crossplane', stack: '' },
               runner: { title: 'GitLab Runner' },
@@ -403,14 +383,6 @@ describe('Applications', () => {
           false,
         );
       });
-
-      it('renders disabled install button', () => {
-        expect(
-          wrapper
-            .find('.js-cluster-application-row-jupyter .js-cluster-application-install-button')
-            .attributes('disabled'),
-        ).toEqual('disabled');
-      });
     });
   });
 
@@ -530,7 +502,7 @@ describe('Applications', () => {
 
   describe('Elastic Stack application', () => {
     describe('with elastic stack installable', () => {
-      it('renders hostname active input', () => {
+      it('renders the install button enabled', () => {
         createApp();
 
         expect(
@@ -539,7 +511,7 @@ describe('Applications', () => {
               '.js-cluster-application-row-elastic_stack .js-cluster-application-install-button',
             )
             .attributes('disabled'),
-        ).toEqual('disabled');
+        ).toBeUndefined();
       });
     });
 

spec/lib/gitlab/kubernetes/helm/api_spec.rb

@@ -17,8 +17,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::API do
       name: application_name,
       chart: 'chart-name',
       rbac: rbac,
-      files: files,
-      local_tiller_enabled: true
+      files: files
     )
   end
 
@@ -143,7 +142,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::API do
     end
 
     context 'with a service account' do
-      let(:command) { Gitlab::Kubernetes::Helm::InitCommand.new(name: application_name, files: files, rbac: rbac, local_tiller_enabled: true) }
+      let(:command) { Gitlab::Kubernetes::Helm::InitCommand.new(name: application_name, files: files, rbac: rbac) }
 
       context 'rbac-enabled cluster' do
         let(:rbac) { true }

spec/lib/gitlab/kubernetes/helm/base_command_spec.rb

@@ -16,8 +16,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::BaseCommand do
         super(
           name: 'test-class-name',
           rbac: rbac,
-          files: { some: 'value' },
-          local_tiller_enabled: false
+          files: { some: 'value' }
         )
       end
     end

spec/lib/gitlab/kubernetes/helm/delete_command_spec.rb

@@ -3,12 +3,11 @@
 require 'spec_helper'
 
 RSpec.describe Gitlab::Kubernetes::Helm::DeleteCommand do
-  subject(:delete_command) { described_class.new(name: app_name, rbac: rbac, files: files, local_tiller_enabled: local_tiller_enabled) }
+  subject(:delete_command) { described_class.new(name: app_name, rbac: rbac, files: files) }
 
   let(:app_name) { 'app-name' }
   let(:rbac) { true }
   let(:files) { {} }
-  let(:local_tiller_enabled) { true }
 
   it_behaves_like 'helm command generator' do
     let(:commands) do
@@ -21,50 +20,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::DeleteCommand do
     end
   end
 
-  context 'tillerless feature disabled' do
-    let(:local_tiller_enabled) { false }
-
-    it_behaves_like 'helm command generator' do
-      let(:commands) do
-        <<~EOS
-        helm init --upgrade
-        for i in $(seq 1 30); do helm version && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)
-        helm delete --purge app-name
-        EOS
-      end
-    end
-
-    context 'when there is a ca.pem file' do
-      let(:files) { { 'ca.pem': 'some file content' } }
-
-      let(:tls_flags) do
-        <<~EOS.squish
-        --tls
-        --tls-ca-cert /data/helm/app-name/config/ca.pem
-        --tls-cert /data/helm/app-name/config/cert.pem
-        --tls-key /data/helm/app-name/config/key.pem
-        EOS
-      end
-
-      it_behaves_like 'helm command generator' do
-        let(:commands) do
-          <<~EOS
-          helm init --upgrade
-          for i in $(seq 1 30); do helm version #{tls_flags} && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)
-          #{helm_delete_command}
-          EOS
-        end
-
-        let(:helm_delete_command) do
-          <<~EOS.squish
-          helm delete --purge app-name
-          #{tls_flags}
-          EOS
-        end
-      end
-    end
-  end
-
   describe '#pod_name' do
     subject { delete_command.pod_name }
 

spec/lib/gitlab/kubernetes/helm/init_command_spec.rb

@@ -3,7 +3,7 @@
 require 'spec_helper'
 
 RSpec.describe Gitlab::Kubernetes::Helm::InitCommand do
-  subject(:init_command) { described_class.new(name: application.name, files: files, rbac: rbac, local_tiller_enabled: false) }
+  subject(:init_command) { described_class.new(name: application.name, files: files, rbac: rbac) }
 
   let(:application) { create(:clusters_applications_helm) }
   let(:rbac) { false }

spec/lib/gitlab/kubernetes/helm/install_command_spec.rb

@@ -12,8 +12,7 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do
       version: version,
       repository: repository,
       preinstall: preinstall,
-      postinstall: postinstall,
-      local_tiller_enabled: local_tiller_enabled
+      postinstall: postinstall
     )
   end
 
@@ -23,7 +22,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do
   let(:version) { '1.2.3' }
   let(:preinstall) { nil }
   let(:postinstall) { nil }
-  let(:local_tiller_enabled) { true }
 
   it_behaves_like 'helm command generator' do
     let(:commands) do
@@ -52,46 +50,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::InstallCommand do
     end
   end
 
-  context 'tillerless feature disabled' do
-    let(:local_tiller_enabled) { false }
-
-    let(:tls_flags) do
-      <<~EOS.squish
-      --tls
-      --tls-ca-cert /data/helm/app-name/config/ca.pem
-      --tls-cert /data/helm/app-name/config/cert.pem
-      --tls-key /data/helm/app-name/config/key.pem
-      EOS
-    end
-
-    it_behaves_like 'helm command generator' do
-      let(:commands) do
-        <<~EOS
-        helm init --upgrade
-        for i in $(seq 1 30); do helm version #{tls_flags} && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)
-        helm repo add app-name https://repository.example.com
-        helm repo update
-        #{helm_install_comand}
-        EOS
-      end
-
-      let(:helm_install_comand) do
-        <<~EOS.squish
-        helm upgrade app-name chart-name
-        --install
-        --atomic
-        --cleanup-on-fail
-        --reset-values
-        #{tls_flags}
-        --version 1.2.3
-        --set rbac.create\\=false,rbac.enabled\\=false
-        --namespace gitlab-managed-apps
-        -f /data/helm/app-name/config/values.yaml
-        EOS
-      end
-    end
-  end
-
   context 'when rbac is true' do
     let(:rbac) { true }
 

spec/lib/gitlab/kubernetes/helm/patch_command_spec.rb

@@ -7,7 +7,6 @@ RSpec.describe Gitlab::Kubernetes::Helm::PatchCommand do
   let(:repository) { 'https://repository.example.com' }
   let(:rbac) { false }
   let(:version) { '1.2.3' }
-  let(:local_tiller_enabled) { true }
 
   subject(:patch_command) do
     described_class.new(
@@ -16,47 +15,10 @@ RSpec.describe Gitlab::Kubernetes::Helm::PatchCommand do
       rbac: rbac,
       files: files,
       version: version,
-      repository: repository,
-      local_tiller_enabled: local_tiller_enabled
+      repository: repository
     )
   end
 
-  context 'when local tiller feature is disabled' do
-    let(:local_tiller_enabled) { false }
-
-    let(:tls_flags) do
-      <<~EOS.squish
-      --tls
-      --tls-ca-cert /data/helm/app-name/config/ca.pem
-      --tls-cert /data/helm/app-name/config/cert.pem
-      --tls-key /data/helm/app-name/config/key.pem
-      EOS
-    end
-
-    it_behaves_like 'helm command generator' do
-      let(:commands) do
-        <<~EOS
-        helm init --upgrade
-        for i in $(seq 1 30); do helm version #{tls_flags} && s=0 && break || s=$?; sleep 1s; echo \"Retrying ($i)...\"; done; (exit $s)
-        helm repo add app-name https://repository.example.com
-        helm repo update
-        #{helm_upgrade_comand}
-        EOS
-      end
-
-      let(:helm_upgrade_comand) do
-        <<~EOS.squish
-        helm upgrade app-name chart-name
-          --reuse-values
-          #{tls_flags}
-          --version 1.2.3
-          --namespace gitlab-managed-apps
-          -f /data/helm/app-name/config/values.yaml
-        EOS
-      end
-    end
-  end
-
   it_behaves_like 'helm command generator' do
     let(:commands) do
       <<~EOS

spec/lib/gitlab/kubernetes/helm/reset_command_spec.rb

@@ -3,7 +3,7 @@
 require 'spec_helper'
 
 RSpec.describe Gitlab::Kubernetes::Helm::ResetCommand do
-  subject(:reset_command) { described_class.new(name: name, rbac: rbac, files: files, local_tiller_enabled: false) }
+  subject(:reset_command) { described_class.new(name: name, rbac: rbac, files: files) }
 
   let(:rbac) { true }
   let(:name) { 'helm' }

spec/support/shared_examples/models/cluster_application_helm_cert_shared_examples.rb

@@ -28,46 +28,16 @@ RSpec.shared_examples 'cluster application helm specs' do |application_name|
   describe '#files' do
     subject { application.files }
 
-    context 'managed_apps_local_tiller feature flag is disabled' do
-      before do
-        stub_feature_flags(managed_apps_local_tiller: false)
-      end
-
-      context 'when the helm application does not have a ca_cert' do
-        before do
-          application.cluster.application_helm.ca_cert = nil
-        end
-
-        it 'does not include cert files when there is no ca_cert entry' do
-          expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
-        end
-      end
-
-      it 'includes cert files when there is a ca_cert entry' do
-        expect(subject).to include(:'ca.pem', :'cert.pem', :'key.pem')
-        expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-        cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-        expect(cert.not_after).to be < 60.minutes.from_now
-      end
+    it 'does not include cert files' do
+      expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
     end
 
-    context 'managed_apps_local_tiller feature flag is enabled' do
-      before do
-        stub_feature_flags(managed_apps_local_tiller: application.cluster.clusterable)
-      end
+    context 'when cluster does not have helm installed' do
+      let(:application) { create(application_name, :no_helm_installed) }
 
       it 'does not include cert files' do
         expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
       end
-
-      context 'when cluster does not have helm installed' do
-        let(:application) { create(application_name, :no_helm_installed) }
-
-        it 'does not include cert files' do
-          expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
-        end
-      end
     end
   end
 end

spec/support/shared_examples/models/cluster_application_initial_status_shared_examples.rb

@@ -6,46 +6,8 @@ RSpec.shared_examples 'cluster application initial status specs' do
 
     subject { described_class.new(cluster: cluster) }
 
-    context 'local tiller feature flag is disabled' do
-      before do
-        stub_feature_flags(managed_apps_local_tiller: false)
-      end
-
-      it 'sets a default status' do
-        expect(subject.status_name).to be(:not_installable)
-      end
-    end
-
-    context 'local tiller feature flag is enabled' do
-      before do
-        stub_feature_flags(managed_apps_local_tiller: cluster.clusterable)
-      end
-
-      it 'sets a default status' do
-        expect(subject.status_name).to be(:installable)
-      end
-    end
-
-    context 'when application helm is scheduled' do
-      before do
-        stub_feature_flags(managed_apps_local_tiller: false)
-
-        create(:clusters_applications_helm, :scheduled, cluster: cluster)
-      end
-
-      it 'defaults to :not_installable' do
-        expect(subject.status_name).to be(:not_installable)
-      end
-    end
-
-    context 'when application helm is installed' do
-      before do
-        create(:clusters_applications_helm, :installed, cluster: cluster)
-      end
-
-      it 'sets a default status' do
-        expect(subject.status_name).to be(:installable)
-      end
+    it 'sets a default status' do
+      expect(subject.status_name).to be(:installable)
     end
   end
 end

spec/support/shared_examples/models/cluster_application_status_shared_examples.rb

@@ -48,43 +48,21 @@ RSpec.shared_examples 'cluster application status specs' do |application_name|
         expect(subject).to be_installed
       end
 
-      context 'managed_apps_local_tiller feature flag disabled' do
-        before do
-          stub_feature_flags(managed_apps_local_tiller: false)
-        end
-
-        it 'updates helm version' do
-          subject.cluster.application_helm.update!(version: '1.2.3')
+      it 'does not update the helm version' do
+        subject.cluster.application_helm.update!(version: '1.2.3')
 
+        expect do
           subject.make_installed!
 
           subject.cluster.application_helm.reload
-
-          expect(subject.cluster.application_helm.version).to eq(Gitlab::Kubernetes::Helm::HELM_VERSION)
-        end
+        end.not_to change { subject.cluster.application_helm.version }
       end
 
-      context 'managed_apps_local_tiller feature flag enabled' do
-        before do
-          stub_feature_flags(managed_apps_local_tiller: subject.cluster.clusterable)
-        end
-
-        it 'does not update the helm version' do
-          subject.cluster.application_helm.update!(version: '1.2.3')
-
-          expect do
-            subject.make_installed!
-
-            subject.cluster.application_helm.reload
-          end.not_to change { subject.cluster.application_helm.version }
-        end
-
-        context 'the cluster has no helm installed' do
-          subject { create(application_name, :installing, :no_helm_installed) }
+      context 'the cluster has no helm installed' do
+        subject { create(application_name, :installing, :no_helm_installed) }
 
-          it 'runs without errors' do
-            expect { subject.make_installed! }.not_to raise_error
-          end
+        it 'runs without errors' do
+          expect { subject.make_installed! }.not_to raise_error
         end
       end
 
@@ -97,43 +75,21 @@ RSpec.shared_examples 'cluster application status specs' do |application_name|
           expect(subject).to be_updated
         end
 
-        context 'managed_apps_local_tiller feature flag disabled' do
-          before do
-            stub_feature_flags(managed_apps_local_tiller: false)
-          end
-
-          it 'updates helm version' do
-            subject.cluster.application_helm.update!(version: '1.2.3')
+        it 'does not update the helm version' do
+          subject.cluster.application_helm.update!(version: '1.2.3')
 
+          expect do
             subject.make_installed!
 
             subject.cluster.application_helm.reload
-
-            expect(subject.cluster.application_helm.version).to eq(Gitlab::Kubernetes::Helm::HELM_VERSION)
-          end
+          end.not_to change { subject.cluster.application_helm.version }
         end
 
-        context 'managed_apps_local_tiller feature flag enabled' do
-          before do
-            stub_feature_flags(managed_apps_local_tiller: true)
-          end
-
-          it 'does not update the helm version' do
-            subject.cluster.application_helm.update!(version: '1.2.3')
-
-            expect do
-              subject.make_installed!
-
-              subject.cluster.application_helm.reload
-            end.not_to change { subject.cluster.application_helm.version }
-          end
-
-          context 'the cluster has no helm installed' do
-            subject { create(application_name, :updating, :no_helm_installed) }
+        context 'the cluster has no helm installed' do
+          subject { create(application_name, :updating, :no_helm_installed) }
 
-            it 'runs without errors' do
-              expect { subject.make_installed! }.not_to raise_error
-            end
+          it 'runs without errors' do
+            expect { subject.make_installed! }.not_to raise_error
           end
         end
       end
@@ -185,62 +141,26 @@ RSpec.shared_examples 'cluster application status specs' do |application_name|
         expect(subject).to be_installed
       end
 
-      context 'local tiller flag enabled' do
-        before do
-          stub_feature_flags(managed_apps_local_tiller: true)
-        end
-
-        context 'helm record does not exist' do
-          subject { build(application_name, :installing, :no_helm_installed) }
-
-          it 'does not create a helm record' do
-            subject.make_externally_installed!
-
-            subject.cluster.reload
-            expect(subject.cluster.application_helm).to be_nil
-          end
-        end
-
-        context 'helm record exists' do
-          subject { build(application_name, :installing, cluster: old_helm.cluster) }
+      context 'helm record does not exist' do
+        subject { build(application_name, :installing, :no_helm_installed) }
 
-          it 'does not update helm version' do
-            subject.make_externally_installed!
-
-            subject.cluster.application_helm.reload
+        it 'does not create a helm record' do
+          subject.make_externally_installed!
 
-            expect(subject.cluster.application_helm.version).to eq('1.2.3')
-          end
+          subject.cluster.reload
+          expect(subject.cluster.application_helm).to be_nil
         end
       end
 
-      context 'local tiller flag disabled' do
-        before do
-          stub_feature_flags(managed_apps_local_tiller: false)
-        end
-
-        context 'helm record does not exist' do
-          subject { build(application_name, :installing, :no_helm_installed) }
+      context 'helm record exists' do
+        subject { build(application_name, :installing, cluster: old_helm.cluster) }
 
-          it 'creates a helm record' do
-            subject.make_externally_installed!
-
-            subject.cluster.reload
-            expect(subject.cluster.application_helm).to be_present
-            expect(subject.cluster.application_helm).to be_persisted
-          end
-        end
-
-        context 'helm record exists' do
-          subject { build(application_name, :installing, cluster: old_helm.cluster) }
-
-          it 'does not update helm version' do
-            subject.make_externally_installed!
+        it 'does not update helm version' do
+          subject.make_externally_installed!
 
-            subject.cluster.application_helm.reload
+          subject.cluster.application_helm.reload
 
-            expect(subject.cluster.application_helm.version).to eq('1.2.3')
-          end
+          expect(subject.cluster.application_helm.version).to eq('1.2.3')
         end
       end