clusters_controller.rb 6.04 KB
Newer Older
1 2
# frozen_string_literal: true

3 4 5
class Clusters::ClustersController < Clusters::BaseController
  include RoutableActions

6 7 8
  before_action :cluster, except: [:index, :new, :create_gcp, :create_user]
  before_action :generate_gcp_authorize_url, only: [:new]
  before_action :validate_gcp_token, only: [:new]
9 10
  before_action :gcp_cluster, only: [:new]
  before_action :user_cluster, only: [:new]
11
  before_action :authorize_create_cluster!, only: [:new]
12 13
  before_action :authorize_update_cluster!, only: [:update]
  before_action :authorize_admin_cluster!, only: [:destroy]
14
  before_action :update_applications_status, only: [:cluster_status]
15

16
  helper_method :token_in_session
17

Kamil Trzcinski's avatar
Kamil Trzcinski committed
18 19
  STATUS_POLLING_INTERVAL = 10_000

20
  def index
21 22 23 24 25 26
    finder = ClusterAncestorsFinder.new(clusterable.subject, current_user)
    clusters = finder.execute

    # Note: We are paginating through an array here but this should OK as:
    #
    # In CE, we can have a maximum group nesting depth of 21, so including
27
    # project cluster, we can have max 22 clusters for a group hierarchy.
28 29 30 31
    # In EE (Premium) we can have any number, as multiple clusters are
    # supported, but the number of clusters are fairly low currently.
    #
    # See https://gitlab.com/gitlab-org/gitlab-ce/issues/55260 also.
32
    @clusters = Kaminari.paginate_array(clusters).page(params[:page]).per(20)
33 34

    @has_ancestor_clusters = finder.has_ancestor_clusters?
35 36
  end

37 38 39
  def new
  end

40 41
  # Overridding ActionController::Metal#status is NOT a good idea
  def cluster_status
42 43
    respond_to do |format|
      format.json do
44
        Gitlab::PollingInterval.set_header(response, interval: STATUS_POLLING_INTERVAL)
45

46
        render json: ClusterSerializer
47
          .new(current_user: @current_user)
48
          .represent_status(@cluster)
49 50
      end
    end
51 52
  end

53
  def show
54 55 56
  end

  def update
Shinya Maeda's avatar
Shinya Maeda committed
57
    Clusters::UpdateService
58
      .new(current_user, update_params)
59
      .execute(cluster)
60

Kamil Trzcinski's avatar
Kamil Trzcinski committed
61
    if cluster.valid?
62 63 64 65 66
      respond_to do |format|
        format.json do
          head :no_content
        end
        format.html do
67
          flash[:notice] = _('Kubernetes cluster was successfully updated.')
68
          redirect_to cluster.show_path
69 70
        end
      end
Kamil Trzcinski's avatar
Kamil Trzcinski committed
71
    else
72 73 74 75
      respond_to do |format|
        format.json { head :bad_request }
        format.html { render :show }
      end
Kamil Trzcinski's avatar
Kamil Trzcinski committed
76
    end
77 78
  end

79
  def destroy
80
    if cluster.destroy
81
      flash[:notice] = _('Kubernetes cluster integration was successfully removed.')
82
      redirect_to clusterable.index_path, status: :found
83
    else
84
      flash[:notice] = _('Kubernetes cluster integration was not removed.')
85
      render :show
86
    end
87 88
  end

89 90
  def create_gcp
    @gcp_cluster = ::Clusters::CreateService
91
      .new(current_user, create_gcp_cluster_params)
92
      .execute(access_token: token_in_session)
93
      .present(current_user: current_user)
94 95

    if @gcp_cluster.persisted?
96
      redirect_to @gcp_cluster.show_path
97 98 99 100 101 102 103 104 105 106 107
    else
      generate_gcp_authorize_url
      validate_gcp_token
      user_cluster

      render :new, locals: { active_tab: 'gcp' }
    end
  end

  def create_user
    @user_cluster = ::Clusters::CreateService
108
      .new(current_user, create_user_cluster_params)
109
      .execute(access_token: token_in_session)
110
      .present(current_user: current_user)
111 112

    if @user_cluster.persisted?
113
      redirect_to @user_cluster.show_path
114 115 116 117 118 119 120 121 122
    else
      generate_gcp_authorize_url
      validate_gcp_token
      gcp_cluster

      render :new, locals: { active_tab: 'user' }
    end
  end

123 124
  private

125
  def update_params
Kamil Trzcinski's avatar
Kamil Trzcinski committed
126 127 128
    if cluster.managed?
      params.require(:cluster).permit(
        :enabled,
129
        :environment_scope,
130
        :base_domain,
Kamil Trzcinski's avatar
Kamil Trzcinski committed
131 132 133 134 135 136 137 138
        platform_kubernetes_attributes: [
          :namespace
        ]
      )
    else
      params.require(:cluster).permit(
        :enabled,
        :name,
139
        :environment_scope,
140
        :base_domain,
Kamil Trzcinski's avatar
Kamil Trzcinski committed
141 142 143 144 145
        platform_kubernetes_attributes: [
          :api_url,
          :token,
          :ca_cert,
          :namespace
Kamil Trzcinski's avatar
Kamil Trzcinski committed
146
        ]
Kamil Trzcinski's avatar
Kamil Trzcinski committed
147 148
      )
    end
149 150
  end

151 152 153 154 155 156 157 158 159
  def create_gcp_cluster_params
    params.require(:cluster).permit(
      :enabled,
      :name,
      :environment_scope,
      provider_gcp_attributes: [
        :gcp_project_id,
        :zone,
        :num_nodes,
160 161
        :machine_type,
        :legacy_abac
162 163
      ]).merge(
        provider_type: :gcp,
164
        platform_type: :kubernetes,
165
        clusterable: clusterable.subject
166 167 168 169 170 171 172 173 174 175 176 177
      )
  end

  def create_user_cluster_params
    params.require(:cluster).permit(
      :enabled,
      :name,
      :environment_scope,
      platform_kubernetes_attributes: [
        :namespace,
        :api_url,
        :token,
178 179
        :ca_cert,
        :authorization_type
180 181
      ]).merge(
        provider_type: :user,
182
        platform_type: :kubernetes,
183
        clusterable: clusterable.subject
184 185 186 187
      )
  end

  def generate_gcp_authorize_url
188
    state = generate_session_key_redirect(clusterable.new_path.to_s)
189 190 191 192 193 194 195 196 197

    @authorize_url = GoogleApi::CloudPlatform::Client.new(
      nil, callback_google_api_auth_url,
      state: state).authorize_url
  rescue GoogleApi::Auth::ConfigMissingError
    # no-op
  end

  def gcp_cluster
198 199 200
    cluster = Clusters::BuildService.new(clusterable.subject).execute
    cluster.build_provider_gcp
    @gcp_cluster = cluster.present(current_user: current_user)
201 202 203
  end

  def user_cluster
204 205 206
    cluster = Clusters::BuildService.new(clusterable.subject).execute
    cluster.build_platform_kubernetes
    @user_cluster = cluster.present(current_user: current_user)
207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228
  end

  def validate_gcp_token
    @valid_gcp_token = GoogleApi::CloudPlatform::Client.new(token_in_session, nil)
      .validate_token(expires_at_in_session)
  end

  def token_in_session
    session[GoogleApi::CloudPlatform::Client.session_key_for_token]
  end

  def expires_at_in_session
    @expires_at_in_session ||=
      session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at]
  end

  def generate_session_key_redirect(uri)
    GoogleApi::CloudPlatform::Client.new_session_key_for_redirect_uri do |key|
      session[key] = uri
    end
  end

229 230
  def update_applications_status
    @cluster.applications.each(&:schedule_status_update)
231
  end
232
end