Commit dc8ccbb6 authored by Dylan Griffith's avatar Dylan Griffith

Minor refactoring of Helm and ApplicationData

parent 628ff2cf
...@@ -17,20 +17,7 @@ module Clusters ...@@ -17,20 +17,7 @@ module Clusters
before_create :create_keys_and_certs before_create :create_keys_and_certs
def create_keys_and_certs def issue_client_cert
ca_cert = Gitlab::Kubernetes::Helm::Certificate.generate_root
self.ca_key = ca_cert.key_string
self.ca_cert = ca_cert.cert_string
end
def ca_cert_obj
return unless has_ssl?
Gitlab::Kubernetes::Helm::Certificate
.from_strings(ca_key, ca_cert)
end
def issue_cert
ca_cert_obj.issue ca_cert_obj.issue
end end
...@@ -41,20 +28,41 @@ module Clusters ...@@ -41,20 +28,41 @@ module Clusters
end end
def install_command def install_command
tiller_cert = ca_cert_obj.issue(expires_in: Gitlab::Kubernetes::Helm::Certificate::INFINITE_EXPIRY)
Gitlab::Kubernetes::Helm::InitCommand.new( Gitlab::Kubernetes::Helm::InitCommand.new(
name: name, name: name,
files: { files: files
)
end
def has_ssl?
ca_key.present? && ca_cert.present?
end
private
def files
{
'ca.pem': ca_cert, 'ca.pem': ca_cert,
'cert.pem': tiller_cert.cert_string, 'cert.pem': tiller_cert.cert_string,
'key.pem': tiller_cert.key_string 'key.pem': tiller_cert.key_string
} }
)
end end
def has_ssl? def create_keys_and_certs
ca_key.present? && ca_cert.present? ca_cert = Gitlab::Kubernetes::Helm::Certificate.generate_root
self.ca_key = ca_cert.key_string
self.ca_cert = ca_cert.cert_string
end
def tiller_cert
@tiller_cert ||= ca_cert_obj.issue(expires_in: Gitlab::Kubernetes::Helm::Certificate::INFINITE_EXPIRY)
end
def ca_cert_obj
return unless has_ssl?
Gitlab::Kubernetes::Helm::Certificate
.from_strings(ca_key, ca_cert)
end end
end end
end end
......
...@@ -15,21 +15,30 @@ module Clusters ...@@ -15,21 +15,30 @@ module Clusters
def files def files
@files ||= begin @files ||= begin
files = { 'values.yaml': values } files = { 'values.yaml': values }
if cluster.application_helm.has_ssl?
ca_cert = cluster.application_helm.ca_cert files.merge!(certificate_files) if cluster.application_helm.has_ssl?
helm_cert = cluster.application_helm.issue_cert
files.merge!({ files
end
end
private
def certificate_files
{
'ca.pem': ca_cert, 'ca.pem': ca_cert,
'cert.pem': helm_cert.cert_string, 'cert.pem': helm_cert.cert_string,
'key.pem': helm_cert.key_string 'key.pem': helm_cert.key_string
}) }
end end
files def ca_cert
end cluster.application_helm.ca_cert
end end
private def helm_cert
@helm_cert ||= cluster.application_helm.issue_client_cert
end
def chart_values_file def chart_values_file
"#{Rails.root}/vendor/#{name}/values.yaml" "#{Rails.root}/vendor/#{name}/values.yaml"
......
...@@ -15,9 +15,9 @@ describe Clusters::Applications::Helm do ...@@ -15,9 +15,9 @@ describe Clusters::Applications::Helm do
it { is_expected.to contain_exactly(installed_cluster) } it { is_expected.to contain_exactly(installed_cluster) }
end end
describe '#issue_cert' do describe '#issue_client_cert' do
let(:application) { create(:clusters_applications_helm) } let(:application) { create(:clusters_applications_helm) }
subject { application.issue_cert } subject { application.issue_client_cert }
it 'returns a new cert' do it 'returns a new cert' do
is_expected.to be_kind_of(Gitlab::Kubernetes::Helm::Certificate) is_expected.to be_kind_of(Gitlab::Kubernetes::Helm::Certificate)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment