Commit e9d05a2c authored by Shinya Maeda's avatar Shinya Maeda

Add login root. Remove ceration type.

parent 99009334
class Projects::ClustersController < Projects::ApplicationController
# before_action :authenticate_google_api
before_action :cluster
before_action :authorize_google_api, except: [:login]
# before_action :authorize_admin_clusters! # TODO: Authentication
def login
begin
@authorize_url = api_client.authorize_url
rescue GoogleApi::Authentication::ConfigMissingError
end
end
def index
if cluster
redirect_to action: 'edit'
......@@ -12,97 +18,54 @@ class Projects::ClustersController < Projects::ApplicationController
end
end
##
# TODO:
# - Show form for "Create on Google Container Engine"
# - Show form for "Use existing kubernets cluster"
# - If user has not authroized yet, Show "Sign in with Google" button
# - If user has already authroized, Skip "Sign in with Google" button
# - user.is_authenticated_for_gcp?
# - user.authenticate_for_gcp!
# - Create this module which can be used from view
def new
unless session[GoogleApi::CloudPlatform::Client.token_in_session]
@authorize_url = api_client.authorize_url
end
end
##
# TODO:
# - If create on GKE, Use Google::Apis::ContainerV1::ContainerService
# - If create manually, save in db (Prob, Project > Setting)
# - Dry up with Service
# - Transaction
# - Sidekiq
def create
if params['creation_type'] == 'on_gke'
# Create a cluster on GKE
operation = api_client.projects_zones_clusters_create(
params['gcp_project_id'], params['cluster_zone'], params['cluster_name'],
cluster_size: params['cluster_size'], machine_type: params['machine_type']
)
# wait_operation_done
if operation&.operation_type == 'CREATE_CLUSTER'
api_client.wait_operation_done(operation.self_link)
else
raise "TODO: ERROR"
end
# Create a cluster on GKE
operation = api_client.projects_zones_clusters_create(
params['gcp_project_id'], params['cluster_zone'], params['cluster_name'],
cluster_size: params['cluster_size'], machine_type: params['machine_type']
)
# wait_operation_done
if operation&.operation_type == 'CREATE_CLUSTER'
api_client.wait_operation_done(operation.self_link)
else
raise "TODO: ERROR"
end
# Get cluster details (end point, etc)
gke_cluster = api_client.projects_zones_clusters_get(
params['gcp_project_id'], params['cluster_zone'], params['cluster_name']
# Get cluster details (end point, etc)
gke_cluster = api_client.projects_zones_clusters_get(
params['gcp_project_id'], params['cluster_zone'], params['cluster_name']
)
# Update service
kubernetes_service.attributes = service_params(
active: true,
api_url: gke_cluster.endpoint,
ca_pem: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
namespace: params['project_namespace'],
token: 'aaa' # TODO: username/password
)
# Update service
kubernetes_service.attributes = service_params(
active: true,
api_url: gke_cluster.endpoint,
ca_pem: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
namespace: params['project_namespace'],
token: 'aaa' # TODO: username/password
)
kubernetes_service.save!
# Save info
project.clusters.create(
creation_type: params['creation_type'],
gcp_project_id: params['gcp_project_id'],
cluster_zone: params['cluster_zone'],
cluster_name: params['cluster_name'],
service: kubernetes_service
)
elsif params['creation_type'] == 'manual'
# TODO: Transaction
project.kubernetes_service.save(
end_point: params['end_point'],
ca_cert: params['ca_cert'],
token: params['token'],
username: params['username'],
password: params['password'],
project_namespace: params['project_namespace']
)
kubernetes_service.save!
project.clusters.create(
creation_type: params['creation_type'],
kubernetes_service: project.kubernetes_service
)
end
# Save info
project.clusters.create(
creation_type: params['creation_type'],
gcp_project_id: params['gcp_project_id'],
cluster_zone: params['cluster_zone'],
cluster_name: params['cluster_name'],
service: kubernetes_service
)
redirect_to action: 'index'
end
# TODO: Show results/status. Edits Swtich for enable/disable.
# If created with GKE, non-editable form. enable/disable switch.
# If created manually, editable form. enable/disable switch.
# GKE params are on-off swtich
# Manul params are on-off swtich, Endpoint, CACert, k8s Token, Proj namespace.
def edit
unless session[GoogleApi::CloudPlatform::Client.token_in_session]
@authorize_url = api_client.authorize_url
render :edit
end
# TODO: If on, do we override parameter?
# TODO: If off, do we override parameter?
end
def update
......@@ -110,40 +73,13 @@ class Projects::ClustersController < Projects::ApplicationController
render :edit
end
# In presenter
# TODO: Generate a link to the cluster on GKE
def gcp_projects
# api_client.blah
# TODO: Return all avaiable GCP Projects.
# TODO: Return json
# TODO: Dry with concern
end
def gke_zones
# api_client.blah
# TODO: Return all avaiable zones on GKE.
# TODO: Return json
# TODO: Dry with concern
end
private
# def authenticate_google_api
# if cluster&.on_gke? && session[access_token_key].blank?
# redirect_to api_client.authorize_url(callback_import_url)
# end
# end
def cluster
# Each project has only one cluster, for now. In the future iteraiton, we'll support multiple clusters
@cluster ||= project.clusters.last
end
# def cluster_params
# params.require(:cluster).permit(:aaa)
# end
def api_client
@api_client ||=
GoogleApi::CloudPlatform::Client.new(
......@@ -166,4 +102,10 @@ class Projects::ClustersController < Projects::ApplicationController
token: token
}
end
def authorize_google_api
unless session[GoogleApi::CloudPlatform::Client.token_in_session]
redirect_to action: 'login'
end
end
end
......@@ -6,10 +6,5 @@ module Ci
belongs_to :owner, class_name: 'User'
belongs_to :service
enum creation_type: {
unknown: nil,
on_gke: 1,
manual: 2
}
end
end
Create a new cluster
%br
Avaiable GCP project lists
%br
Avaiable zones
%br
= link_to "Create on Google Container Engine", namespace_project_clusters_path(@project.namespace, @project, creation_type: 'on_gke', cluster_name: "gke-test-creation#{Random.rand(100)}", gcp_project_id: 'xxx', cluster_zone: 'us-central1-a', cluster_size: '1', project_namespace: 'aaa', machine_type: '???'), method: :post
%br
= link_to "Use existing kubernets cluster", namespace_project_clusters_path(@project.namespace, @project, creation_type: 'manual', end_point: 'xxx.xxx.xxx.xxx', ca_cert: 'xxx...xxx', token: 'xxx', project_namespace: 'aaa'), method: :post
= link_to "Create on Google Container Engine", namespace_project_clusters_path(@project.namespace, @project, cluster_name: "gke-test-creation#{Random.rand(100)}", gcp_project_id: 'gitlab-internal-153318', cluster_zone: 'us-central1-a', cluster_size: '1', project_namespace: 'aaa', machine_type: '???'), method: :post
Login
%p= link_to("authenticate from here", @authorize_url)
edit/show cluster
- if @authorize_url
= render "login"
- else
= @cluster.inspect
\ No newline at end of file
%br
= @cluster.inspect
Login
%br
- if @authorize_url
= link_to("authenticate from here", @authorize_url)
- else
You have not configrued GitLab properly. So we can not proceed authentication. Please check if you have set up omniauth->providers->google_oauth2 in gitlab.yml
- if @authorize_url
= render "login"
- else
= render "form"
Create a cluster
%br
= render "form"
---
title: Bump google-api-client Gem from 0.8.6 to 0.13.6
merge_request:
author:
type: other
......@@ -185,8 +185,7 @@ constraints(ProjectUrlConstrainer.new) do
resources :clusters, except: [:edit, :show, :destroy] do
collection do
get :gcp_projects # TODO: This doesn't belong here. Grape or under user. Hint. Serilizer
get :gke_zones
get :login
get :edit
end
end
......
......@@ -9,7 +9,6 @@ class CreateCiClusters < ActiveRecord::Migration
# General
t.boolean :enabled, default: true
t.integer :creation_type # manual or on_gke
# k8s integration specific
t.string :project_namespace
......@@ -30,14 +29,6 @@ class CreateCiClusters < ActiveRecord::Migration
t.datetime_with_timezone :updated_at, null: false
end
# create_table :ci_gke_clusters do |t|
# t.integer :ci_cluster_id
# t.string :gcp_project_id
# t.string :cluster_zone
# t.string :cluster_name
# end
# add_foreign_key :ci_gke_clusters, :ci_clusters
# TODO: fk, index, encypt
add_foreign_key :ci_clusters, :projects
......
......@@ -272,7 +272,6 @@ ActiveRecord::Schema.define(version: 20170924094327) do
t.integer "owner_id"
t.integer "service_id"
t.boolean "enabled", default: true
t.integer "creation_type"
t.string "project_namespace"
t.string "end_point"
t.text "ca_cert"
......
......@@ -2,28 +2,14 @@ module GoogleApi
class Authentication
attr_reader :access_token, :redirect_uri, :state
ConfigMissingError = Class.new(StandardError)
def initialize(access_token, redirect_uri, state: nil)
@access_token = access_token
@redirect_uri = redirect_uri
@state = state
end
def client
return @client if defined?(@client)
unless config
raise 'OAuth configuration for google_oauth2 missing.'
end
@client = ::OAuth2::Client.new(
config.app_id,
config.app_secret,
site: 'https://accounts.google.com',
token_url: '/o/oauth2/token',
authorize_url: '/o/oauth2/auth'
)
end
def authorize_url
client.auth_code.authorize_url(
redirect_uri: redirect_uri,
......@@ -47,5 +33,21 @@ module GoogleApi
def config
Gitlab.config.omniauth.providers.find { |provider| provider.name == "google_oauth2" }
end
def client
return @client if defined?(@client)
unless config
raise ConfigMissingError
end
@client = ::OAuth2::Client.new(
config.app_id,
config.app_secret,
site: 'https://accounts.google.com',
token_url: '/o/oauth2/token',
authorize_url: '/o/oauth2/auth'
)
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment