Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
5142bd73
Commit
5142bd73
authored
Aug 30, 2019
by
James Fargher
Committed by
Kamil Trzciński
Aug 30, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Install cert-manager v0.9.1
This does not support upgrading from earlier versions
parent
e668b1e2
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
54 additions
and
11 deletions
+54
-11
app/models/clusters/applications/cert_manager.rb
app/models/clusters/applications/cert_manager.rb
+29
-4
changelogs/unreleased/cert_manager_v0_9.yml
changelogs/unreleased/cert_manager_v0_9.yml
+5
-0
spec/models/clusters/applications/cert_manager_spec.rb
spec/models/clusters/applications/cert_manager_spec.rb
+20
-7
No files found.
app/models/clusters/applications/cert_manager.rb
View file @
5142bd73
...
@@ -3,7 +3,8 @@
...
@@ -3,7 +3,8 @@
module
Clusters
module
Clusters
module
Applications
module
Applications
class
CertManager
<
ApplicationRecord
class
CertManager
<
ApplicationRecord
VERSION
=
'v0.5.2'
.
freeze
VERSION
=
'v0.9.1'
CRD_VERSION
=
'0.9'
self
.
table_name
=
'clusters_applications_cert_managers'
self
.
table_name
=
'clusters_applications_cert_managers'
...
@@ -21,16 +22,22 @@ module Clusters
...
@@ -21,16 +22,22 @@ module Clusters
validates
:email
,
presence:
true
validates
:email
,
presence:
true
def
chart
def
chart
'stable/cert-manager'
'certmanager/cert-manager'
end
def
repository
'https://charts.jetstack.io'
end
end
def
install_command
def
install_command
Gitlab
::
Kubernetes
::
Helm
::
InstallCommand
.
new
(
Gitlab
::
Kubernetes
::
Helm
::
InstallCommand
.
new
(
name:
'certmanager'
,
name:
'certmanager'
,
repository:
repository
,
version:
VERSION
,
version:
VERSION
,
rbac:
cluster
.
platform_kubernetes_rbac?
,
rbac:
cluster
.
platform_kubernetes_rbac?
,
chart:
chart
,
chart:
chart
,
files:
files
.
merge
(
cluster_issuer_file
),
files:
files
.
merge
(
cluster_issuer_file
),
preinstall:
pre_install_script
,
postinstall:
post_install_script
postinstall:
post_install_script
)
)
end
end
...
@@ -46,16 +53,30 @@ module Clusters
...
@@ -46,16 +53,30 @@ module Clusters
private
private
def
pre_install_script
[
apply_file
(
"https://raw.githubusercontent.com/jetstack/cert-manager/release-
#{
CRD_VERSION
}
/deploy/manifests/00-crds.yaml"
),
"kubectl label --overwrite namespace
#{
Gitlab
::
Kubernetes
::
Helm
::
NAMESPACE
}
certmanager.k8s.io/disable-validation=true"
]
end
def
post_install_script
def
post_install_script
[
"kubectl create -f /data/helm/certmanager/config/cluster_issuer.yaml"
]
[
retry_command
(
apply_file
(
'/data/helm/certmanager/config/cluster_issuer.yaml'
))]
end
def
retry_command
(
command
)
"for i in $(seq 1 30); do
#{
command
}
&& break; sleep 1s; echo
\"
Retrying ($i)...
\"
; done"
end
end
def
post_delete_script
def
post_delete_script
[
[
delete_private_key
,
delete_private_key
,
delete_crd
(
'certificates.certmanager.k8s.io'
),
delete_crd
(
'certificates.certmanager.k8s.io'
),
delete_crd
(
'certificaterequests.certmanager.k8s.io'
),
delete_crd
(
'challenges.certmanager.k8s.io'
),
delete_crd
(
'clusterissuers.certmanager.k8s.io'
),
delete_crd
(
'clusterissuers.certmanager.k8s.io'
),
delete_crd
(
'issuers.certmanager.k8s.io'
)
delete_crd
(
'issuers.certmanager.k8s.io'
),
delete_crd
(
'orders.certmanager.k8s.io'
)
].
compact
].
compact
end
end
...
@@ -75,6 +96,10 @@ module Clusters
...
@@ -75,6 +96,10 @@ module Clusters
Gitlab
::
Kubernetes
::
KubectlCmd
.
delete
(
"crd"
,
definition
,
"--ignore-not-found"
)
Gitlab
::
Kubernetes
::
KubectlCmd
.
delete
(
"crd"
,
definition
,
"--ignore-not-found"
)
end
end
def
apply_file
(
filename
)
Gitlab
::
Kubernetes
::
KubectlCmd
.
apply_file
(
filename
)
end
def
cluster_issuer_file
def
cluster_issuer_file
{
{
'cluster_issuer.yaml'
:
cluster_issuer_yaml_content
'cluster_issuer.yaml'
:
cluster_issuer_yaml_content
...
...
changelogs/unreleased/cert_manager_v0_9.yml
0 → 100644
View file @
5142bd73
---
title
:
Install cert-manager v0.9.1
merge_request
:
32243
author
:
type
:
changed
spec/models/clusters/applications/cert_manager_spec.rb
View file @
5142bd73
...
@@ -44,11 +44,18 @@ describe Clusters::Applications::CertManager do
...
@@ -44,11 +44,18 @@ describe Clusters::Applications::CertManager do
it
'is initialized with cert_manager arguments'
do
it
'is initialized with cert_manager arguments'
do
expect
(
subject
.
name
).
to
eq
(
'certmanager'
)
expect
(
subject
.
name
).
to
eq
(
'certmanager'
)
expect
(
subject
.
chart
).
to
eq
(
'stable/cert-manager'
)
expect
(
subject
.
chart
).
to
eq
(
'certmanager/cert-manager'
)
expect
(
subject
.
version
).
to
eq
(
'v0.5.2'
)
expect
(
subject
.
repository
).
to
eq
(
'https://charts.jetstack.io'
)
expect
(
subject
.
version
).
to
eq
(
'v0.9.1'
)
expect
(
subject
).
to
be_rbac
expect
(
subject
).
to
be_rbac
expect
(
subject
.
files
).
to
eq
(
cert_manager
.
files
.
merge
(
cluster_issuer_file
))
expect
(
subject
.
files
).
to
eq
(
cert_manager
.
files
.
merge
(
cluster_issuer_file
))
expect
(
subject
.
postinstall
).
to
eq
([
'kubectl create -f /data/helm/certmanager/config/cluster_issuer.yaml'
])
expect
(
subject
.
preinstall
).
to
eq
([
'kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.9/deploy/manifests/00-crds.yaml'
,
'kubectl label --overwrite namespace gitlab-managed-apps certmanager.k8s.io/disable-validation=true'
])
expect
(
subject
.
postinstall
).
to
eq
([
'for i in $(seq 1 30); do kubectl apply -f /data/helm/certmanager/config/cluster_issuer.yaml && break; sleep 1s; echo "Retrying ($i)..."; done'
])
end
end
context
'for a specific user'
do
context
'for a specific user'
do
...
@@ -75,7 +82,7 @@ describe Clusters::Applications::CertManager do
...
@@ -75,7 +82,7 @@ describe Clusters::Applications::CertManager do
let
(
:cert_manager
)
{
create
(
:clusters_applications_cert_manager
,
:errored
,
version:
'0.0.1'
)
}
let
(
:cert_manager
)
{
create
(
:clusters_applications_cert_manager
,
:errored
,
version:
'0.0.1'
)
}
it
'is initialized with the locked version'
do
it
'is initialized with the locked version'
do
expect
(
subject
.
version
).
to
eq
(
'v0.
5.2
'
)
expect
(
subject
.
version
).
to
eq
(
'v0.
9.1
'
)
end
end
end
end
end
end
...
@@ -93,10 +100,13 @@ describe Clusters::Applications::CertManager do
...
@@ -93,10 +100,13 @@ describe Clusters::Applications::CertManager do
it
'specifies a post delete command to remove custom resource definitions'
do
it
'specifies a post delete command to remove custom resource definitions'
do
expect
(
subject
.
postdelete
).
to
eq
([
expect
(
subject
.
postdelete
).
to
eq
([
"kubectl delete secret -n gitlab-managed-apps letsencrypt-prod --ignore-not-found"
,
'kubectl delete secret -n gitlab-managed-apps letsencrypt-prod --ignore-not-found'
,
'kubectl delete crd certificates.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd certificates.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd certificaterequests.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd challenges.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd clusterissuers.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd clusterissuers.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd issuers.certmanager.k8s.io --ignore-not-found'
'kubectl delete crd issuers.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd orders.certmanager.k8s.io --ignore-not-found'
])
])
end
end
...
@@ -111,8 +121,11 @@ describe Clusters::Applications::CertManager do
...
@@ -111,8 +121,11 @@ describe Clusters::Applications::CertManager do
it
'does not try and delete the secret'
do
it
'does not try and delete the secret'
do
expect
(
subject
.
postdelete
).
to
eq
([
expect
(
subject
.
postdelete
).
to
eq
([
'kubectl delete crd certificates.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd certificates.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd certificaterequests.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd challenges.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd clusterissuers.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd clusterissuers.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd issuers.certmanager.k8s.io --ignore-not-found'
'kubectl delete crd issuers.certmanager.k8s.io --ignore-not-found'
,
'kubectl delete crd orders.certmanager.k8s.io --ignore-not-found'
])
])
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment