Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
5fbf4069
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
5fbf4069
编写于
9月 27, 2017
作者:
S
Shinya Maeda
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fetch k8s token from k8s username/password
上级
e9d05a2c
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
39 addition
and
6 deletion
+39
-6
app/controllers/projects/clusters_controller.rb
app/controllers/projects/clusters_controller.rb
+20
-3
app/models/project_services/kubernetes_service.rb
app/models/project_services/kubernetes_service.rb
+16
-2
app/views/projects/clusters/_form.html.haml
app/views/projects/clusters/_form.html.haml
+2
-1
app/views/projects/clusters/edit.html.haml
app/views/projects/clusters/edit.html.haml
+1
-0
未找到文件。
app/controllers/projects/clusters_controller.rb
浏览文件 @
5fbf4069
...
...
@@ -40,20 +40,37 @@ class Projects::ClustersController < Projects::ApplicationController
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
]
)
# Get k8s token
token
=
''
KubernetesService
.
new
.
tap
do
|
ks
|
ks
.
api_url
=
'https://'
+
gke_cluster
.
endpoint
ks
.
ca_pem
=
Base64
.
decode64
(
gke_cluster
.
master_auth
.
cluster_ca_certificate
)
ks
.
username
=
gke_cluster
.
master_auth
.
username
ks
.
password
=
gke_cluster
.
master_auth
.
password
secrets
=
ks
.
read_secrets
secrets
.
each
do
|
secret
|
name
=
secret
.
dig
(
'metadata'
,
'name'
)
if
/default-token/
=~
name
token_base64
=
secret
.
dig
(
'data'
,
'token'
)
token
=
Base64
.
decode64
(
token_base64
)
break
end
end
end
# Update service
kubernetes_service
.
attributes
=
service_params
(
active:
true
,
api_url:
gke_cluster
.
endpoint
,
api_url:
'https://'
+
gke_cluster
.
endpoint
,
ca_pem:
Base64
.
decode64
(
gke_cluster
.
master_auth
.
cluster_ca_certificate
),
namespace:
params
[
'project_namespace'
],
token:
'aaa'
# TODO: username/password
token:
token
)
kubernetes_service
.
save!
# Save info
project
.
clusters
.
create
(
creation_type:
params
[
'creation_type'
],
gcp_project_id:
params
[
'gcp_project_id'
],
cluster_zone:
params
[
'cluster_zone'
],
cluster_name:
params
[
'cluster_name'
],
...
...
app/models/project_services/kubernetes_service.rb
浏览文件 @
5fbf4069
...
...
@@ -15,6 +15,7 @@ class KubernetesService < DeploymentService
# Bearer authentication
# TODO: user/password auth, client certificates
prop_accessor
:token
attr_accessor
:username
,
:password
# Provide a custom CA bundle for self-signed deployments
prop_accessor
:ca_pem
...
...
@@ -138,6 +139,15 @@ class KubernetesService < DeploymentService
TEMPLATE_PLACEHOLDER
=
'Kubernetes namespace'
.
freeze
def
read_secrets
kubeclient
=
build_kubeclient!
kubeclient
.
get_secrets
.
as_json
rescue
KubeException
=>
err
raise
err
unless
err
.
error_code
==
404
[]
end
private
def
kubeconfig
...
...
@@ -157,7 +167,7 @@ class KubernetesService < DeploymentService
end
def
build_kubeclient!
(
api_path:
'api'
,
api_version:
'v1'
)
raise
"Incomplete settings"
unless
api_url
&&
actual_namespace
&&
token
raise
"Incomplete settings"
unless
api_url
&&
(
token
||
(
username
&&
password
))
::
Kubeclient
::
Client
.
new
(
join_api_url
(
api_path
),
...
...
@@ -190,7 +200,11 @@ class KubernetesService < DeploymentService
end
def
kubeclient_auth_options
{
bearer_token:
token
}
if
token
{
bearer_token:
token
}
else
{
username:
username
,
password:
password
}
end
end
def
join_api_url
(
api_path
)
...
...
app/views/projects/clusters/_form.html.haml
浏览文件 @
5fbf4069
Create a new cluster
%br
=
link_to
"Create on Google Container Engine"
,
namespace_project_clusters_path
(
@project
.
namespace
,
@project
,
cluster_name:
"gke-test-creation
#{
Random
.
rand
(
100
)
}
"
,
gcp_project_id:
'gitlab-internal-153318'
,
cluster_zone:
'us-central1-a'
,
cluster_size:
'1'
,
project_namespace:
'aaa'
,
machine_type:
'???'
),
method: :post
=
link_to
"Create on Google Container Engine"
,
namespace_project_clusters_path
(
@project
.
namespace
,
@project
,
cluster_name:
"gke-test-creation42"
,
gcp_project_id:
'gitlab-internal-153318'
,
cluster_zone:
'us-central1-a'
,
cluster_size:
'1'
,
project_namespace:
'aaa'
,
machine_type:
'???'
),
method: :post
-# gke-test-creation#{Random.rand(100)}
app/views/projects/clusters/edit.html.haml
浏览文件 @
5fbf4069
edit/show cluster
%br
=
@cluster
.
inspect
=
@cluster
.
service
.
inspect
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录