Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
e9d05a2c
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
e9d05a2c
编写于
9月 27, 2017
作者:
S
Shinya Maeda
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add login root. Remove ceration type.
上级
99009334
变更
12
隐藏空白更改
内联
并排
Showing
12 changed file
with
80 addition
and
163 deletion
+80
-163
app/controllers/projects/clusters_controller.rb
app/controllers/projects/clusters_controller.rb
+49
-107
app/models/ci/cluster.rb
app/models/ci/cluster.rb
+0
-5
app/views/projects/clusters/_form.html.haml
app/views/projects/clusters/_form.html.haml
+1
-7
app/views/projects/clusters/_login.html.haml
app/views/projects/clusters/_login.html.haml
+0
-2
app/views/projects/clusters/edit.html.haml
app/views/projects/clusters/edit.html.haml
+2
-5
app/views/projects/clusters/login.html.haml
app/views/projects/clusters/login.html.haml
+6
-0
app/views/projects/clusters/new.html.haml
app/views/projects/clusters/new.html.haml
+3
-4
changelogs/unreleased/gem-sm-bump-google-api-client-gem-from-0-8-6-to-0-13-6.yml
...em-sm-bump-google-api-client-gem-from-0-8-6-to-0-13-6.yml
+0
-5
config/routes/project.rb
config/routes/project.rb
+1
-2
db/migrate/20170924094327_create_ci_clusters.rb
db/migrate/20170924094327_create_ci_clusters.rb
+0
-9
db/schema.rb
db/schema.rb
+0
-1
lib/google_api/authentication.rb
lib/google_api/authentication.rb
+18
-16
未找到文件。
app/controllers/projects/clusters_controller.rb
浏览文件 @
e9d05a2c
class
Projects::ClustersController
<
Projects
::
ApplicationController
# before_action :authenticate_google_api
before_action
:cluster
before_action
:authorize_google_api
,
except:
[
:login
]
# before_action :authorize_admin_clusters! # TODO: Authentication
def
login
begin
@authorize_url
=
api_client
.
authorize_url
rescue
GoogleApi
::
Authentication
::
ConfigMissingError
end
end
def
index
if
cluster
redirect_to
action:
'edit'
...
...
@@ -12,97 +18,54 @@ class Projects::ClustersController < Projects::ApplicationController
end
end
##
# TODO:
# - Show form for "Create on Google Container Engine"
# - Show form for "Use existing kubernets cluster"
# - If user has not authroized yet, Show "Sign in with Google" button
# - If user has already authroized, Skip "Sign in with Google" button
# - user.is_authenticated_for_gcp?
# - user.authenticate_for_gcp!
# - Create this module which can be used from view
def
new
unless
session
[
GoogleApi
::
CloudPlatform
::
Client
.
token_in_session
]
@authorize_url
=
api_client
.
authorize_url
end
end
##
# TODO:
# - If create on GKE, Use Google::Apis::ContainerV1::ContainerService
# - If create manually, save in db (Prob, Project > Setting)
# - Dry up with Service
# - Transaction
# - Sidekiq
def
create
if
params
[
'creation_type'
]
==
'on_gke'
# Create a cluster on GKE
operation
=
api_client
.
projects_zones_clusters_create
(
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
],
cluster_size:
params
[
'cluster_size'
],
machine_type:
params
[
'machine_type'
]
)
# wait_operation_done
if
operation
&
.
operation_type
==
'CREATE_CLUSTER'
api_client
.
wait_operation_done
(
operation
.
self_link
)
else
raise
"TODO: ERROR"
end
# Create a cluster on GKE
operation
=
api_client
.
projects_zones_clusters_create
(
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
],
cluster_size:
params
[
'cluster_size'
],
machine_type:
params
[
'machine_type'
]
)
# wait_operation_done
if
operation
&
.
operation_type
==
'CREATE_CLUSTER'
api_client
.
wait_operation_done
(
operation
.
self_link
)
else
raise
"TODO: ERROR"
end
# Get cluster details (end point, etc)
gke_cluster
=
api_client
.
projects_zones_clusters_get
(
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
]
# Get cluster details (end point, etc)
gke_cluster
=
api_client
.
projects_zones_clusters_get
(
params
[
'gcp_project_id'
],
params
[
'cluster_zone'
],
params
[
'cluster_name'
]
)
# Update service
kubernetes_service
.
attributes
=
service_params
(
active:
true
,
api_url:
gke_cluster
.
endpoint
,
ca_pem:
Base64
.
decode64
(
gke_cluster
.
master_auth
.
cluster_ca_certificate
),
namespace:
params
[
'project_namespace'
],
token:
'aaa'
# TODO: username/password
)
# Update service
kubernetes_service
.
attributes
=
service_params
(
active:
true
,
api_url:
gke_cluster
.
endpoint
,
ca_pem:
Base64
.
decode64
(
gke_cluster
.
master_auth
.
cluster_ca_certificate
),
namespace:
params
[
'project_namespace'
],
token:
'aaa'
# TODO: username/password
)
kubernetes_service
.
save!
# Save info
project
.
clusters
.
create
(
creation_type:
params
[
'creation_type'
],
gcp_project_id:
params
[
'gcp_project_id'
],
cluster_zone:
params
[
'cluster_zone'
],
cluster_name:
params
[
'cluster_name'
],
service:
kubernetes_service
)
elsif
params
[
'creation_type'
]
==
'manual'
# TODO: Transaction
project
.
kubernetes_service
.
save
(
end_point:
params
[
'end_point'
],
ca_cert:
params
[
'ca_cert'
],
token:
params
[
'token'
],
username:
params
[
'username'
],
password:
params
[
'password'
],
project_namespace:
params
[
'project_namespace'
]
)
kubernetes_service
.
save!
project
.
clusters
.
create
(
creation_type:
params
[
'creation_type'
],
kubernetes_service:
project
.
kubernetes_service
)
end
# Save info
project
.
clusters
.
create
(
creation_type:
params
[
'creation_type'
],
gcp_project_id:
params
[
'gcp_project_id'
],
cluster_zone:
params
[
'cluster_zone'
],
cluster_name:
params
[
'cluster_name'
],
service:
kubernetes_service
)
redirect_to
action:
'index'
end
# TODO: Show results/status. Edits Swtich for enable/disable.
# If created with GKE, non-editable form. enable/disable switch.
# If created manually, editable form. enable/disable switch.
# GKE params are on-off swtich
# Manul params are on-off swtich, Endpoint, CACert, k8s Token, Proj namespace.
def
edit
unless
session
[
GoogleApi
::
CloudPlatform
::
Client
.
token_in_session
]
@authorize_url
=
api_client
.
authorize_url
render
:edit
end
# TODO: If on, do we override parameter?
# TODO: If off, do we override parameter?
end
def
update
...
...
@@ -110,40 +73,13 @@ class Projects::ClustersController < Projects::ApplicationController
render
:edit
end
# In presenter
# TODO: Generate a link to the cluster on GKE
def
gcp_projects
# api_client.blah
# TODO: Return all avaiable GCP Projects.
# TODO: Return json
# TODO: Dry with concern
end
def
gke_zones
# api_client.blah
# TODO: Return all avaiable zones on GKE.
# TODO: Return json
# TODO: Dry with concern
end
private
# def authenticate_google_api
# if cluster&.on_gke? && session[access_token_key].blank?
# redirect_to api_client.authorize_url(callback_import_url)
# end
# end
def
cluster
# Each project has only one cluster, for now. In the future iteraiton, we'll support multiple clusters
@cluster
||=
project
.
clusters
.
last
end
# def cluster_params
# params.require(:cluster).permit(:aaa)
# end
def
api_client
@api_client
||=
GoogleApi
::
CloudPlatform
::
Client
.
new
(
...
...
@@ -166,4 +102,10 @@ class Projects::ClustersController < Projects::ApplicationController
token:
token
}
end
def
authorize_google_api
unless
session
[
GoogleApi
::
CloudPlatform
::
Client
.
token_in_session
]
redirect_to
action:
'login'
end
end
end
app/models/ci/cluster.rb
浏览文件 @
e9d05a2c
...
...
@@ -6,10 +6,5 @@ module Ci
belongs_to
:owner
,
class_name:
'User'
belongs_to
:service
enum
creation_type:
{
unknown:
nil
,
on_gke:
1
,
manual:
2
}
end
end
app/views/projects/clusters/_form.html.haml
浏览文件 @
e9d05a2c
Create a new cluster
%br
Avaiable GCP project lists
%br
Avaiable zones
%br
=
link_to
"Create on Google Container Engine"
,
namespace_project_clusters_path
(
@project
.
namespace
,
@project
,
creation_type:
'on_gke'
,
cluster_name:
"gke-test-creation
#{
Random
.
rand
(
100
)
}
"
,
gcp_project_id:
'xxx'
,
cluster_zone:
'us-central1-a'
,
cluster_size:
'1'
,
project_namespace:
'aaa'
,
machine_type:
'???'
),
method: :post
%br
=
link_to
"Use existing kubernets cluster"
,
namespace_project_clusters_path
(
@project
.
namespace
,
@project
,
creation_type:
'manual'
,
end_point:
'xxx.xxx.xxx.xxx'
,
ca_cert:
'xxx...xxx'
,
token:
'xxx'
,
project_namespace:
'aaa'
),
method: :post
=
link_to
"Create on Google Container Engine"
,
namespace_project_clusters_path
(
@project
.
namespace
,
@project
,
cluster_name:
"gke-test-creation
#{
Random
.
rand
(
100
)
}
"
,
gcp_project_id:
'gitlab-internal-153318'
,
cluster_zone:
'us-central1-a'
,
cluster_size:
'1'
,
project_namespace:
'aaa'
,
machine_type:
'???'
),
method: :post
app/views/projects/clusters/_login.html.haml
已删除
100644 → 0
浏览文件 @
99009334
Login
%p
=
link_to
(
"authenticate from here"
,
@authorize_url
)
app/views/projects/clusters/edit.html.haml
浏览文件 @
e9d05a2c
edit/show cluster
-
if
@authorize_url
=
render
"login"
-
else
=
@cluster
.
inspect
\ No newline at end of file
%br
=
@cluster
.
inspect
app/views/projects/clusters/login.html.haml
0 → 100644
浏览文件 @
e9d05a2c
Login
%br
-
if
@authorize_url
=
link_to
(
"authenticate from here"
,
@authorize_url
)
-
else
You have not configrued GitLab properly. So we can not proceed authentication. Please check if you have set up omniauth->providers->google_oauth2 in gitlab.yml
app/views/projects/clusters/new.html.haml
浏览文件 @
e9d05a2c
-
if
@authorize_url
=
render
"login"
-
else
=
render
"form"
Create a cluster
%br
=
render
"form"
changelogs/unreleased/gem-sm-bump-google-api-client-gem-from-0-8-6-to-0-13-6.yml
已删除
100644 → 0
浏览文件 @
99009334
---
title
:
Bump google-api-client Gem from 0.8.6 to 0.13.6
merge_request
:
author
:
type
:
other
config/routes/project.rb
浏览文件 @
e9d05a2c
...
...
@@ -185,8 +185,7 @@ constraints(ProjectUrlConstrainer.new) do
resources
:clusters
,
except:
[
:edit
,
:show
,
:destroy
]
do
collection
do
get
:gcp_projects
# TODO: This doesn't belong here. Grape or under user. Hint. Serilizer
get
:gke_zones
get
:login
get
:edit
end
end
...
...
db/migrate/20170924094327_create_ci_clusters.rb
浏览文件 @
e9d05a2c
...
...
@@ -9,7 +9,6 @@ class CreateCiClusters < ActiveRecord::Migration
# General
t
.
boolean
:enabled
,
default:
true
t
.
integer
:creation_type
# manual or on_gke
# k8s integration specific
t
.
string
:project_namespace
...
...
@@ -30,14 +29,6 @@ class CreateCiClusters < ActiveRecord::Migration
t
.
datetime_with_timezone
:updated_at
,
null:
false
end
# create_table :ci_gke_clusters do |t|
# t.integer :ci_cluster_id
# t.string :gcp_project_id
# t.string :cluster_zone
# t.string :cluster_name
# end
# add_foreign_key :ci_gke_clusters, :ci_clusters
# TODO: fk, index, encypt
add_foreign_key
:ci_clusters
,
:projects
...
...
db/schema.rb
浏览文件 @
e9d05a2c
...
...
@@ -272,7 +272,6 @@ ActiveRecord::Schema.define(version: 20170924094327) do
t
.
integer
"owner_id"
t
.
integer
"service_id"
t
.
boolean
"enabled"
,
default:
true
t
.
integer
"creation_type"
t
.
string
"project_namespace"
t
.
string
"end_point"
t
.
text
"ca_cert"
...
...
lib/google_api/authentication.rb
浏览文件 @
e9d05a2c
...
...
@@ -2,28 +2,14 @@ module GoogleApi
class
Authentication
attr_reader
:access_token
,
:redirect_uri
,
:state
ConfigMissingError
=
Class
.
new
(
StandardError
)
def
initialize
(
access_token
,
redirect_uri
,
state:
nil
)
@access_token
=
access_token
@redirect_uri
=
redirect_uri
@state
=
state
end
def
client
return
@client
if
defined?
(
@client
)
unless
config
raise
'OAuth configuration for google_oauth2 missing.'
end
@client
=
::
OAuth2
::
Client
.
new
(
config
.
app_id
,
config
.
app_secret
,
site:
'https://accounts.google.com'
,
token_url:
'/o/oauth2/token'
,
authorize_url:
'/o/oauth2/auth'
)
end
def
authorize_url
client
.
auth_code
.
authorize_url
(
redirect_uri:
redirect_uri
,
...
...
@@ -47,5 +33,21 @@ module GoogleApi
def
config
Gitlab
.
config
.
omniauth
.
providers
.
find
{
|
provider
|
provider
.
name
==
"google_oauth2"
}
end
def
client
return
@client
if
defined?
(
@client
)
unless
config
raise
ConfigMissingError
end
@client
=
::
OAuth2
::
Client
.
new
(
config
.
app_id
,
config
.
app_secret
,
site:
'https://accounts.google.com'
,
token_url:
'/o/oauth2/token'
,
authorize_url:
'/o/oauth2/auth'
)
end
end
end
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录