Service Accounts for `Project :: Google Cloud`

- Return service accounts from project ci vars for the `project :: infra :: google_cloud` route - Return illustration path for empty state

Service Accounts for `Project :: Google Cloud`
- Return service accounts from project ci vars for the `project :: infra :: google_cloud` route - Return illustration path for empty state
681706ee · Sri · 275af535 · 681706ee · 681706ee · 681706ee
Commit 681706ee authored Nov 07, 2021 by Sri
5 changed files
--- a/app/assets/javascripts/google_cloud/index.js
+++ b/app/assets/javascripts/google_cloud/index.js
@@ -6,14 +6,6 @@ const elementRenderer = (element, props = {}) => (createElement) =>

 export default () => {
  const root = document.querySelector('#js-google-cloud');
-
-  // uncomment this once backend is ready
-  // const dataset = JSON.parse(root.getAttribute('data'));
-  const mockDataset = {
-    createServiceAccountUrl: '#create-url',
-    serviceAccounts: [],
-    emptyIllustrationUrl:
-      'https://gitlab.com/gitlab-org/gitlab-svgs/-/raw/main/illustrations/pipelines_empty.svg',
-  };
-  return new Vue({ el: root, render: elementRenderer(App, mockDataset) });
+  const props = JSON.parse(root.getAttribute('data'));
+  return new Vue({ el: root, render: elementRenderer(App, props) });
 };
--- a/app/controllers/projects/google_cloud_controller.rb
+++ b/app/controllers/projects/google_cloud_controller.rb
@@ -8,6 +8,11 @@ class Projects::GoogleCloudController < Projects::ApplicationController
  before_action :feature_flag_enabled?

  def index
+    @js_data = {
+      serviceAccounts: GoogleCloud::ServiceAccountsService.new(project).find_for_project,
+      createServiceAccountUrl: '#mocked-url-create-service',
+      emptyIllustrationUrl: ActionController::Base.helpers.image_path('illustrations/pipelines_empty.svg')
+    }.to_json
  end

  private

--- a/app/services/google_cloud/service_accounts_service.rb
+++ b/app/services/google_cloud/service_accounts_service.rb
+# frozen_string_literal: true
+
+module GoogleCloud
+  ##
+  # This service deals with GCP Service Accounts in GitLab
+
+  class ServiceAccountsService < ::BaseService
+    ##
+    # Find GCP Service accounts in a GitLab project
+    #
+    # This method looks up GitLab project's CI vars
+    # and returns Google Cloud service accounts cominations
+    # lining GitLab project and environment to GCP projects
+
+    def find_for_project
+      list = []
+      group_vars_by_environment.each do |environment_scope, value|
+        list.append({ environment: environment_scope,
+                      gcp_project: value['GCP_PROJECT_ID'],
+                      service_account_exists: !value['GCP_SERVICE_ACCOUNT'].nil?,
+                      service_account_key_exists: !value['GCP_SERVICE_ACCOUNT_KEY'].nil? })
+      end
+      list
+    end
+
+    private
+
+    def group_vars_by_environment
+      gcp_keys = %w[GCP_PROJECT_ID GCP_SERVICE_ACCOUNT GCP_SERVICE_ACCOUNT_KEY]
+      grouped = {}
+      filtered_vars = @project.variables.filter { |variable| gcp_keys.include? variable.key }
+      filtered_vars.each do |variable|
+        unless grouped[variable.environment_scope]
+          grouped[variable.environment_scope] = {}
+        end
+
+        grouped[variable.environment_scope][variable.key] = variable.value
+      end
+      grouped
+    end
+  end
+end
--- a/app/views/projects/google_cloud/index.html.haml
+++ b/app/views/projects/google_cloud/index.html.haml
@@ -3,4 +3,4 @@

 - @content_class = "limit-container-width" unless fluid_layout

-#js-google-cloud
+#js-google-cloud{ data: @js_data }
--- a/spec/services/google_cloud/service_accounts_service_spec.rb
+++ b/spec/services/google_cloud/service_accounts_service_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe GoogleCloud::ServiceAccountsService do
+  let_it_be(:project) { create(:project) }
+
+  let(:service) { described_class.new(project) }
+
+  describe 'find_for_project' do
+    context 'when a project does not have GCP service account vars' do
+      before do
+        project.variables.build(key: 'blah', value: 'foo', environment_scope: 'world')
+        project.save!
+      end
+
+      it 'returns an empty list' do
+        expect(service.find_for_project.length).to equal(0)
+      end
+    end
+
+    context 'when a project has GCP service account ci vars' do
+      before do
+        project.variables.build(environment_scope: '*', key: 'GCP_PROJECT_ID', value: 'prj1')
+        project.variables.build(environment_scope: '*', key: 'GCP_SERVICE_ACCOUNT_KEY', value: '')
+        project.variables.build(environment_scope: 'staging', key: 'GCP_PROJECT_ID', value: 'prj2')
+        project.variables.build(environment_scope: 'staging', key: 'GCP_SERVICE_ACCOUNT', value: '')
+        project.variables.build(environment_scope: 'production', key: 'GCP_PROJECT_ID', value: 'prj3')
+        project.variables.build(environment_scope: 'production', key: 'GCP_SERVICE_ACCOUNT', value: '')
+        project.variables.build(environment_scope: 'production', key: 'GCP_SERVICE_ACCOUNT_KEY', value: '')
+        project.save!
+      end
+
+      it 'returns a list of service accounts' do
+        list = service.find_for_project
+        first = list[0]
+        second = list[1]
+        third = list[2]
+
+        expect(list.length).to equal(3)
+
+        expect(first[:environment]).to equal('*')
+        expect(first[:gcp_project]).to equal('prj1')
+        expect(first[:service_account_exists]).to equal(false)
+        expect(first[:service_account_key_exists]).to equal(true)
+
+        expect(second[:environment]).to equal('staging')
+        expect(second[:gcp_project]).to equal('prj2')
+        expect(second[:service_account_exists]).to equal(true)
+        expect(second[:service_account_key_exists]).to equal(false)
+
+        expect(third[:environment]).to equal('production')
+        expect(third[:gcp_project]).to equal('prj3')
+        expect(third[:service_account_exists]).to equal(true)
+        expect(third[:service_account_key_exists]).to equal(true)
+      end
+    end
+  end
+end