Commit c9af170d authored by Thong Kuah's avatar Thong Kuah

Create a GKE cluster with legacy_abac disabled when the `:rbac_clusters` feature flag is enabled

Explicitly persist the legacy_abac value of the cluster_provider_gcp so that we can disable abac if the `:rbac_clusters` feature flag is enabled
parent 2e47e1f8
......@@ -25,11 +25,16 @@ module Clusters
params[:provider_gcp_attributes].try do |provider|
provider[:access_token] = access_token
provider[:legacy_abac] = legacy_abac_value
end
@cluster_params = params.merge(user: current_user, projects: [project])
end
def legacy_abac_value
!Feature.enabled?(:rbac_clusters)
end
def can_create_cluster?
project.clusters.empty?
end
......
......@@ -28,7 +28,7 @@ module Clusters
provider.cluster.name,
provider.num_nodes,
machine_type: provider.machine_type,
legacy_abac: true
legacy_abac: provider.legacy_abac
)
unless operation.status == 'PENDING' || operation.status == 'RUNNING'
......
# frozen_string_literal: true
class AddLegacyAbacToClusterProvidersGcp < ActiveRecord::Migration
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
disable_ddl_transaction!
def up
add_column_with_default(:cluster_providers_gcp, :legacy_abac, :boolean, default: true)
end
def down
remove_column(:cluster_providers_gcp, :legacy_abac)
end
end
......@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20180906101639) do
ActiveRecord::Schema.define(version: 20180907015926) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
......@@ -620,6 +620,7 @@ ActiveRecord::Schema.define(version: 20180906101639) do
t.string "endpoint"
t.text "encrypted_access_token"
t.string "encrypted_access_token_iv"
t.boolean "legacy_abac", default: true, null: false
end
add_index "cluster_providers_gcp", ["cluster_id"], name: "index_cluster_providers_gcp_on_cluster_id", unique: true, using: :btree
......
......@@ -74,6 +74,24 @@ describe Clusters::Providers::Gcp do
end
end
describe '#legacy_abac?' do
let(:gcp) { build(:cluster_provider_gcp) }
subject { gcp }
it 'should default to true' do
is_expected.to be_legacy_abac
end
context 'legacy_abac is set to false' do
let(:gcp) { build(:cluster_provider_gcp, legacy_abac: false) }
it 'is false' do
is_expected.not_to be_legacy_abac
end
end
end
describe '#state_machine' do
context 'when any => [:created]' do
let(:gcp) { build(:cluster_provider_gcp, :creating) }
......
......@@ -29,9 +29,12 @@ shared_context 'invalid cluster create params' do
end
shared_examples 'create cluster service success' do
it 'creates a cluster object and performs a worker' do
before do
stub_feature_flags(rbac_clusters: false)
expect(ClusterProvisionWorker).to receive(:perform_async)
end
it 'creates a cluster object and performs a worker' do
expect { subject }
.to change { Clusters::Cluster.count }.by(1)
.and change { Clusters::Providers::Gcp.count }.by(1)
......@@ -44,8 +47,19 @@ shared_examples 'create cluster service success' do
expect(subject.provider.num_nodes).to eq(1)
expect(subject.provider.machine_type).to eq('machine_type-a')
expect(subject.provider.access_token).to eq(access_token)
expect(subject.provider).to be_legacy_abac
expect(subject.platform).to be_nil
end
context 'rbac_clusters feature is enabled' do
before do
stub_feature_flags(rbac_clusters: true)
end
it 'has legacy_abac false' do
expect(subject.provider).not_to be_legacy_abac
end
end
end
shared_examples 'create cluster service error' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment