Skip to content

G
gitlab-ce
Commit e014ebc5 authored by Thong Kuah's avatar Thong Kuah
Browse files
Options

Merge branch '31000-api-for-instance-level-kubernetes-clusters' into 'master' 

Add API support for instance clusters

Closes #31000

See merge request gitlab-org/gitlab!36001
parents 5f65c332 494e5bf5
Hide whitespace changes
Inline Side-by-side
Showing with 895 additions and 0 deletions
changelogs/unreleased/31000-api-for-instance-level-kubernetes-clusters.yml 0 → 100644
View file @ e014ebc5
---
title: Add API support for instance-level Kubernetes clusters
merge_request: 36001
author:
type: added
doc/api/api_resources.md
View file @ e014ebc5
......@@ -129,6 +129,7 @@ The following API resources are available outside of project and group contexts
| [Geo Nodes](geo_nodes.md) **(PREMIUM ONLY)** | `/geo_nodes` |
| [Group Activity Analytics](group_activity_analytics.md) **(STARTER)** | `/analytics/group_activity/{issues_count | merge_requests_count | new_members_count }` |
| [Import repository from GitHub](import.md) | `/import/github` |
| [Instance clusters](instance_clusters.md) | `/admin/clusters` |
| [Issues](issues.md) | `/issues` (also available for groups and projects) |
| [Issues Statistics](issues_statistics.md) | `/issues_statistics` (also available for groups and projects) |
| [Keys](keys.md) | `/keys` |
......
doc/api/instance_clusters.md 0 → 100644
View file @ e014ebc5
# Instance clusters API
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36001) in GitLab 13.2.
NOTE: **Note:**
User will need admin access to use these endpoints.
Use these API endpoints with your instance clusters, which enable you to use the same cluster across multiple projects. [More information](../user/instance/clusters/index.md)
## List instance clusters
Returns a list of instance clusters.
```plaintext
GET /admin/clusters
```
Example request:
```shell
curl --header "Private-Token: <your_access_token>" "https://gitlab.example.com/api/v4/admin/clusters"
```
Example response:
```json
[
{
"id": 9,
"name": "cluster-1",
"created_at": "2020-07-14T18:36:10.440Z",
"domain": null,
"provider_type": "user",
"platform_type": "kubernetes",
"environment_scope": "*",
"cluster_type": "instance_type",
"user": {
"id": 1,
"name": "Administrator",
"username": "root",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
"web_url": "https://gitlab.example.com/root"
},
"platform_kubernetes": {
"api_url": "https://example.com",
"namespace": null,
"authorization_type": "rbac",
"ca_cert":"-----BEGIN CERTIFICATE-----IxMDM1MV0ZDJkZjM...-----END CERTIFICATE-----"
},
"provider_gcp": null,
"management_project": null
},
{
"id": 10,
"name": "cluster-2",
"created_at": "2020-07-14T18:39:05.383Z",
"domain": null,
"provider_type": "user",
"platform_type": "kubernetes",
"environment_scope": "staging",
"cluster_type": "instance_type",
"user": {
"id": 1,
"name": "Administrator",
"username": "root",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
"web_url": "https://gitlab.example.com/root"
},
"platform_kubernetes": {
"api_url": "https://example.com",
"namespace": null,
"authorization_type": "rbac",
"ca_cert":"-----BEGIN CERTIFICATE-----LzEtMCadtaLGxcsGAZjM...-----END CERTIFICATE-----"
},
"provider_gcp": null,
"management_project": null
}
{
"id": 11,
"name": "cluster-3",
...
}
]
```
## Get a single instance cluster
Returns a single instance cluster.
Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `cluster_id` | integer | yes | The ID of the cluster |
```plaintext
GET /admin/clusters/:cluster_id
```
Example request:
```shell
curl --header "Private-Token: <your_access_token>" "https://gitlab.example.com/api/v4/admin/clusters/9"
```
Example response:
```json
{
"id": 9,
"name": "cluster-1",
"created_at": "2020-07-14T18:36:10.440Z",
"domain": null,
"provider_type": "user",
"platform_type": "kubernetes",
"environment_scope": "*",
"cluster_type": "instance_type",
"user": {
"id": 1,
"name": "Administrator",
"username": "root",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
"web_url": "https://gitlab.example.com/root"
},
"platform_kubernetes": {
"api_url": "https://example.com",
"namespace": null,
"authorization_type": "rbac",
"ca_cert":"-----BEGIN CERTIFICATE-----IxMDM1MV0ZDJkZjM...-----END CERTIFICATE-----"
},
"provider_gcp": null,
"management_project": null
}
```
## Add existing instance cluster
Adds an existing Kubernetes instance cluster.
```plaintext
POST /admin/clusters/add
```
Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `name` | string | yes | The name of the cluster |
| `domain` | string | no | The [base domain](../user/project/clusters/index.md#base-domain) of the cluster |
| `environment_scope` | string | no | The associated environment to the cluster. Defaults to `*` |
| `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster |
| `enabled` | boolean | no | Determines if cluster is active or not, defaults to true |
| `managed` | boolean | no | Determines if GitLab will manage namespaces and service accounts for this cluster, defaults to true |
| `platform_kubernetes_attributes[api_url]` | string | yes | The URL to access the Kubernetes API |
| `platform_kubernetes_attributes[token]` | string | yes | The token to authenticate against Kubernetes |
| `platform_kubernetes_attributes[ca_cert]` | string | no | TLS certificate. Required if API is using a self-signed TLS certificate. |
| `platform_kubernetes_attributes[namespace]` | string | no | The unique namespace related to the project |
| `platform_kubernetes_attributes[authorization_type]` | string | no | The cluster authorization type: `rbac`, `abac` or `unknown_authorization`. Defaults to `rbac`. |
Example request:
```shell
curl --header "Private-Token:<your_access_token>" "http://gitlab.example.com/api/v4/admin/clusters/add" \
-H "Accept:application/json" \
-H "Content-Type:application/json" \
-X POST --data '{"name":"cluster-3", "environment_scope":"production", "platform_kubernetes_attributes":{"api_url":"https://example.com", "token":"12345", "ca_cert":"-----BEGIN CERTIFICATE-----qpoeiXXZafCM0ZDJkZjM...-----END CERTIFICATE-----"}}'
```
Example response:
```json
{
"id": 11,
"name": "cluster-3",
"created_at": "2020-07-14T18:42:50.805Z",
"domain": null,
"provider_type": "user",
"platform_type": "kubernetes",
"environment_scope": "production",
"cluster_type": "instance_type",
"user": {
"id": 1,
"name": "Administrator",
"username": "root",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
"web_url": "http://gitlab.example.com:3000/root"
},
"platform_kubernetes": {
"api_url": "https://example.com",
"namespace": null,
"authorization_type": "rbac",
"ca_cert":"-----BEGIN CERTIFICATE-----qpoeiXXZafCM0ZDJkZjM...-----END CERTIFICATE-----"
},
"provider_gcp": null,
"management_project": null
}
```
## Edit instance cluster
Updates an existing instance cluster.
```shell
PUT /admin/clusters/:cluster_id
```
Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `cluster_id` | integer | yes | The ID of the cluster |
| `name` | string | no | The name of the cluster |
| `domain` | string | no | The [base domain](../user/project/clusters/index.md#base-domain) of the cluster |
| `environment_scope` | string | no | The associated environment to the cluster |
| `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster |
| `enabled` | boolean | no | Determines if cluster is active or not, defaults to true |
| `platform_kubernetes_attributes[api_url]` | string | no | The URL to access the Kubernetes API |
| `platform_kubernetes_attributes[token]` | string | no | The token to authenticate against Kubernetes |
| `platform_kubernetes_attributes[ca_cert]` | string | no | TLS certificate. Required if API is using a self-signed TLS certificate. |
| `platform_kubernetes_attributes[namespace]` | string | no | The unique namespace related to the project |
NOTE: **Note:**
`name`, `api_url`, `ca_cert` and `token` can only be updated if the cluster was added
through the [Add existing Kubernetes cluster](../user/project/clusters/add_remove_clusters.md#add-existing-cluster) option or
through the [Add existing instance cluster](#add-existing-instance-cluster) endpoint.
Example request:
```shell
curl --header "Private-Token: <your_access_token>" "http://gitlab.example.com/api/v4/admin/clusters/9" \
-H "Content-Type:application/json" \
-X PUT --data '{"name":"update-cluster-name", "platform_kubernetes_attributes":{"api_url":"https://new-example.com","token":"new-token"}}'
```
Example response:
```json
{
"id": 9,
"name": "update-cluster-name",
"created_at": "2020-07-14T18:36:10.440Z",
"domain": null,
"provider_type": "user",
"platform_type": "kubernetes",
"environment_scope": "*",
"cluster_type": "instance_type",
"user": {
"id": 1,
"name": "Administrator",
"username": "root",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
"web_url": "https://gitlab.example.com/root"
},
"platform_kubernetes": {
"api_url": "https://new-example.com",
"namespace": null,
"authorization_type": "rbac",
"ca_cert":"-----BEGIN CERTIFICATE-----IxMDM1MV0ZDJkZjM...-----END CERTIFICATE-----"
},
"provider_gcp": null,
"management_project": null,
"project": null
}
```
## Delete instance cluster
Deletes an existing instance cluster.
```plaintext
DELETE /admin/clusters/:cluster_id
```
Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `cluster_id` | integer | yes | The ID of the cluster |
Example request:
```shell
curl --request DELETE --header "Private-Token: <your_access_token>" "https://gitlab.example.com/api/v4/admin/clusters/11"
```
lib/api/admin/instance_clusters.rb 0 → 100644
View file @ e014ebc5
# frozen_string_literal: true
module API
module Admin
class InstanceClusters < Grape::API::Instance
include PaginationParams
before do
authenticated_as_admin!
end
namespace 'admin' do
desc "Get list of all instance clusters" do
detail "This feature was introduced in GitLab 13.2."
end
get '/clusters' do
authorize! :read_cluster, clusterable_instance
present paginate(clusters_for_current_user), with: Entities::Cluster
end
desc "Get a single instance cluster" do
detail "This feature was introduced in GitLab 13.2."
end
params do
requires :cluster_id, type: Integer, desc: "The cluster ID"
end
get '/clusters/:cluster_id' do
authorize! :read_cluster, cluster
present cluster, with: Entities::Cluster
end
desc "Add an instance cluster" do
detail "This feature was introduced in GitLab 13.2."
end
params do
requires :name, type: String, desc: 'Cluster name'
optional :enabled, type: Boolean, default: true, desc: 'Determines if cluster is active or not, defaults to true'
optional :environment_scope, default: '*', type: String, desc: 'The associated environment to the cluster'
optional :domain, type: String, desc: 'Cluster base domain'
optional :management_project_id, type: Integer, desc: 'The ID of the management project'
optional :managed, type: Boolean, default: true, desc: 'Determines if GitLab will manage namespaces and service accounts for this cluster, defaults to true'
requires :platform_kubernetes_attributes, type: Hash, desc: %q(Platform Kubernetes data) do
requires :api_url, type: String, allow_blank: false, desc: 'URL to access the Kubernetes API'
requires :token, type: String, desc: 'Token to authenticate against Kubernetes'
optional :ca_cert, type: String, desc: 'TLS certificate (needed if API is using a self-signed TLS certificate)'
optional :namespace, type: String, desc: 'Unique namespace related to Project'
optional :authorization_type, type: String, values: ::Clusters::Platforms::Kubernetes.authorization_types.keys, default: 'rbac', desc: 'Cluster authorization type, defaults to RBAC'
end
end
post '/clusters/add' do
authorize! :add_cluster, clusterable_instance
user_cluster = ::Clusters::CreateService
.new(current_user, create_cluster_user_params)
.execute
if user_cluster.persisted?
present user_cluster, with: Entities::Cluster
else
render_validation_error!(user_cluster)
end
end
desc "Update an instance cluster" do
detail "This feature was introduced in GitLab 13.2."
end
params do
requires :cluster_id, type: Integer, desc: 'The cluster ID'
optional :name, type: String, desc: 'Cluster name'
optional :enabled, type: Boolean, desc: 'Enable or disable Gitlab\'s connection to your Kubernetes cluster'
optional :environment_scope, type: String, desc: 'The associated environment to the cluster'
optional :domain, type: String, desc: 'Cluster base domain'
optional :management_project_id, type: Integer, desc: 'The ID of the management project'
optional :platform_kubernetes_attributes, type: Hash, desc: %q(Platform Kubernetes data) do
optional :api_url, type: String, desc: 'URL to access the Kubernetes API'
optional :token, type: String, desc: 'Token to authenticate against Kubernetes'
optional :ca_cert, type: String, desc: 'TLS certificate (needed if API is using a self-signed TLS certificate)'
optional :namespace, type: String, desc: 'Unique namespace related to Project'
end
end
put '/clusters/:cluster_id' do
authorize! :update_cluster, cluster
update_service = ::Clusters::UpdateService.new(current_user, update_cluster_params)
if update_service.execute(cluster)
present cluster, with: Entities::ClusterProject
else
render_validation_error!(cluster)
end
end
desc "Remove a cluster" do
detail "This feature was introduced in GitLab 13.2."
end
params do
requires :cluster_id, type: Integer, desc: "The cluster ID"
end
delete '/clusters/:cluster_id' do
authorize! :admin_cluster, cluster
destroy_conditionally!(cluster)
end
end
helpers do
def clusterable_instance
Clusters::Instance.new
end
def clusters_for_current_user
@clusters_for_current_user ||= ClustersFinder.new(clusterable_instance, current_user, :all).execute
end
def cluster
@cluster ||= clusters_for_current_user.find(params[:cluster_id])
end
def create_cluster_user_params
declared_params.merge({
provider_type: :user,
platform_type: :kubernetes,
clusterable: clusterable_instance
})
end
def update_cluster_params
declared_params(include_missing: false).without(:cluster_id)
end
end
end
end
end
lib/api/api.rb
View file @ e014ebc5
......@@ -125,6 +125,7 @@ module API
# Keep in alphabetical order
mount ::API::AccessRequests
mount ::API::Admin::Ci::Variables
mount ::API::Admin::InstanceClusters
mount ::API::Admin::Sidekiq
mount ::API::Appearance
mount ::API::Applications
......
spec/requests/api/admin/instance_clusters_spec.rb 0 → 100644
View file @ e014ebc5
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe ::API::Admin::InstanceClusters do
include KubernetesHelpers
let_it_be(:regular_user) { create(:user) }
let_it_be(:admin_user) { create(:admin) }
let_it_be(:project) { create(:project) }
let_it_be(:project_cluster) do
create(:cluster, :project, :provided_by_gcp,
user: admin_user,
projects: [project])
end
let(:project_cluster_id) { project_cluster.id }
describe "GET /admin/clusters" do
let_it_be(:clusters) do
create_list(:cluster, 3, :provided_by_gcp, :instance, :production_environment)
end
context "when authenticated as a non-admin user" do
it 'returns 403' do
get api('/admin/clusters', regular_user)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
context "when authenticated as admin" do
before do
get api("/admin/clusters", admin_user)
end
it 'returns 200' do
expect(response).to have_gitlab_http_status(:ok)
end
it 'includes pagination headers' do
expect(response).to include_pagination_headers
end
it 'only returns the instance clusters' do
cluster_ids = json_response.map { |cluster| cluster['id'] }
expect(cluster_ids).to match_array(clusters.pluck(:id))
expect(cluster_ids).not_to include(project_cluster_id)
end
end
end
describe "GET /admin/clusters/:cluster_id" do
let_it_be(:platform_kubernetes) do
create(:cluster_platform_kubernetes, :configured)
end
let_it_be(:cluster) do
create(:cluster, :instance, :provided_by_gcp, :with_domain,
platform_kubernetes: platform_kubernetes,
user: admin_user)
end
let(:cluster_id) { cluster.id }
context "when authenticated as admin" do
before do
get api("/admin/clusters/#{cluster_id}", admin_user)
end
context "when no cluster associated to the ID" do
let(:cluster_id) { 1337 }
it 'returns 404' do
expect(response).to have_gitlab_http_status(:not_found)
end
end
context "when cluster with cluster_id exists" do
it 'returns 200' do
expect(response).to have_gitlab_http_status(:ok)
end
it 'returns the cluster with cluster_id' do
expect(json_response['id']).to eq(cluster.id)
end
it 'returns the cluster information' do
expect(json_response['provider_type']).to eq('gcp')
expect(json_response['platform_type']).to eq('kubernetes')
expect(json_response['environment_scope']).to eq('*')
expect(json_response['cluster_type']).to eq('instance_type')
expect(json_response['domain']).to eq('example.com')
end
it 'returns kubernetes platform information' do
platform = json_response['platform_kubernetes']
expect(platform['api_url']).to eq('https://kubernetes.example.com')
expect(platform['ca_cert']).to be_present
end
it 'returns user information' do
user = json_response['user']
expect(user['id']).to eq(admin_user.id)
expect(user['username']).to eq(admin_user.username)
end
it 'returns GCP provider information' do
gcp_provider = json_response['provider_gcp']
expect(gcp_provider['cluster_id']).to eq(cluster.id)
expect(gcp_provider['status_name']).to eq('created')
expect(gcp_provider['gcp_project_id']).to eq('test-gcp-project')
expect(gcp_provider['zone']).to eq('us-central1-a')
expect(gcp_provider['machine_type']).to eq('n1-standard-2')
expect(gcp_provider['num_nodes']).to eq(3)
expect(gcp_provider['endpoint']).to eq('111.111.111.111')
end
context 'when cluster has no provider' do
let(:cluster) do
create(:cluster, :instance, :provided_by_user, :production_environment)
end
it 'does not include GCP provider info' do
expect(json_response['provider_gcp']).not_to be_present
end
end
context 'when trying to get a project cluster via the instance cluster endpoint' do
it 'returns 404' do
get api("/admin/clusters/#{project_cluster_id}", admin_user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context "when authenticated as a non-admin user" do
it 'returns 403' do
get api("/admin/clusters/#{cluster_id}", regular_user)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
end
describe "POST /admin/clusters/add" do
let(:api_url) { 'https://example.com' }
let(:authorization_type) { 'rbac' }
let(:clusterable) { Clusters::Instance.new }
let(:platform_kubernetes_attributes) do
{
api_url: api_url,
token: 'sample-token',
authorization_type: authorization_type
}
end
let(:cluster_params) do
{
name: 'test-instance-cluster',
domain: 'domain.example.com',
managed: false,
platform_kubernetes_attributes: platform_kubernetes_attributes,
clusterable: clusterable
}
end
let(:multiple_cluster_params) do
{
name: 'multiple-instance-cluster',
environment_scope: 'staging/*',
platform_kubernetes_attributes: platform_kubernetes_attributes
}
end
let(:invalid_cluster_params) do
{
environment_scope: 'production/*',
domain: 'domain.example.com',
platform_kubernetes_attributes: platform_kubernetes_attributes
}
end
context 'authorized user' do
before do
post api('/admin/clusters/add', admin_user), params: cluster_params
end
context 'with valid params' do
it 'responds with 201' do
expect(response).to have_gitlab_http_status(:created)
end
it 'creates a new Clusters::Cluster', :aggregate_failures do
cluster_result = Clusters::Cluster.find(json_response["id"])
platform_kubernetes = cluster_result.platform
expect(cluster_result).to be_user
expect(cluster_result).to be_kubernetes
expect(cluster_result.clusterable).to be_a Clusters::Instance
expect(cluster_result.cluster_type).to eq('instance_type')
expect(cluster_result.name).to eq('test-instance-cluster')
expect(cluster_result.domain).to eq('domain.example.com')
expect(cluster_result.environment_scope).to eq('*')
expect(cluster_result.enabled).to eq(true)
expect(platform_kubernetes.authorization_type).to eq('rbac')
expect(cluster_result.managed).to be_falsy
expect(platform_kubernetes.api_url).to eq("https://example.com")
expect(platform_kubernetes.token).to eq('sample-token')
end
context 'when user does not indicate authorization type' do
let(:platform_kubernetes_attributes) do
{
api_url: api_url,
token: 'sample-token'
}
end
it 'defaults to RBAC' do
cluster_result = Clusters::Cluster.find(json_response['id'])
expect(cluster_result.platform_kubernetes.rbac?).to be_truthy
end
end
context 'when user sets authorization type as ABAC' do
let(:authorization_type) { 'abac' }
it 'creates an ABAC cluster' do
cluster_result = Clusters::Cluster.find(json_response['id'])
expect(cluster_result.platform.abac?).to be_truthy
end
end
context 'when an instance cluster already exists' do
it 'allows user to add multiple clusters' do
post api('/admin/clusters/add', admin_user), params: multiple_cluster_params
expect(Clusters::Instance.new.clusters.count).to eq(2)
end
end
end
context 'with invalid params' do
context 'when missing a required parameter' do
it 'responds with 400' do
post api('/admin/clusters/add', admin_user), params: invalid_cluster_params
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['error']).to eql('name is missing')
end
end
context 'with a malformed api url' do
let(:api_url) { 'invalid_api_url' }
it 'responds with 400' do
expect(response).to have_gitlab_http_status(:bad_request)
end
it 'returns validation errors' do
expect(json_response['message']['platform_kubernetes.api_url'].first).to be_present
end
end
end
end
context 'non-authorized user' do
it 'responds with 403' do
post api('/admin/clusters/add', regular_user), params: cluster_params
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
describe 'PUT /admin/clusters/:cluster_id' do
let(:api_url) { 'https://example.com' }
let(:update_params) do
{
domain: domain,
platform_kubernetes_attributes: platform_kubernetes_attributes
}
end
let(:domain) { 'new-domain.com' }
let(:platform_kubernetes_attributes) { {} }
let_it_be(:cluster) do
create(:cluster, :instance, :provided_by_gcp, domain: 'old-domain.com')
end
context 'authorized user' do
before do
put api("/admin/clusters/#{cluster.id}", admin_user), params: update_params
cluster.reload
end
context 'with valid params' do
it 'responds with 200' do
expect(response).to have_gitlab_http_status(:ok)
end
it 'updates cluster attributes' do
expect(cluster.domain).to eq('new-domain.com')
end
end
context 'with invalid params' do
let(:domain) { 'invalid domain' }
it 'responds with 400' do
expect(response).to have_gitlab_http_status(:bad_request)
end
it 'does not update cluster attributes' do
expect(cluster.domain).to eq('old-domain.com')
end
it 'returns validation errors' do
expect(json_response['message']['domain'].first).to match('contains invalid characters (valid characters: [a-z0-9\\-])')
end
end
context 'with a GCP cluster' do
context 'when user tries to change GCP specific fields' do
let(:platform_kubernetes_attributes) do
{
api_url: 'https://new-api-url.com',
token: 'new-sample-token'
}
end
it 'responds with 400' do
expect(response).to have_gitlab_http_status(:bad_request)
end
it 'returns validation error' do
expect(json_response['message']['platform_kubernetes.base'].first).to eq(_('Cannot modify managed Kubernetes cluster'))
end
end
context 'when user tries to change domain' do
let(:domain) { 'new-domain.com' }
it 'responds with 200' do
expect(response).to have_gitlab_http_status(:ok)
end
end
end
context 'with an user cluster' do
let(:api_url) { 'https://new-api-url.com' }
let(:cluster) do
create(:cluster, :instance, :provided_by_user, :production_environment)
end
let(:platform_kubernetes_attributes) do
{
api_url: api_url,
token: 'new-sample-token'
}
end
let(:update_params) do
{
name: 'new-name',
platform_kubernetes_attributes: platform_kubernetes_attributes
}
end
it 'responds with 200' do
expect(response).to have_gitlab_http_status(:ok)
end
it 'updates platform kubernetes attributes' do
platform_kubernetes = cluster.platform_kubernetes
expect(cluster.name).to eq('new-name')
expect(platform_kubernetes.api_url).to eq('https://new-api-url.com')
expect(platform_kubernetes.token).to eq('new-sample-token')
end
end
context 'with a cluster that does not exist' do
let(:cluster_id) { 1337 }
it 'returns 404' do
put api("/admin/clusters/#{cluster_id}", admin_user), params: update_params
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'when trying to update a project cluster via the instance cluster endpoint' do
it 'returns 404' do
put api("/admin/clusters/#{project_cluster_id}", admin_user), params: update_params
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'non-authorized user' do
it 'responds with 403' do
put api("/admin/clusters/#{cluster.id}", regular_user), params: update_params
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
describe 'DELETE /admin/clusters/:cluster_id' do
let(:cluster_params) { { cluster_id: cluster.id } }
let_it_be(:cluster) do
create(:cluster, :instance, :provided_by_gcp)
end
context 'authorized user' do
before do
delete api("/admin/clusters/#{cluster.id}", admin_user), params: cluster_params
end
it 'responds with 204' do
expect(response).to have_gitlab_http_status(:no_content)
end
it 'deletes the cluster' do
expect(Clusters::Cluster.exists?(id: cluster.id)).to be_falsy
end
context 'with a cluster that does not exist' do
let(:cluster_id) { 1337 }
it 'returns 404' do
delete api("/admin/clusters/#{cluster_id}", admin_user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'when trying to update a project cluster via the instance cluster endpoint' do
it 'returns 404' do
delete api("/admin/clusters/#{project_cluster_id}", admin_user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'non-authorized user' do
it 'responds with 403' do
delete api("/admin/clusters/#{cluster.id}", regular_user), params: cluster_params
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7