Add login root. Remove ceration type.

e9d05a2c · Shinya Maeda · 99009334 · e9d05a2c · e9d05a2c · e9d05a2c
12 changed file
--- a/app/controllers/projects/clusters_controller.rb
+++ b/app/controllers/projects/clusters_controller.rb
 class Projects::ClustersController < Projects::ApplicationController
-  # before_action :authenticate_google_api
  before_action :cluster
-
+  before_action :authorize_google_api, except: [:login]
  # before_action :authorize_admin_clusters! # TODO: Authentication

+  def login
+    begin
+      @authorize_url = api_client.authorize_url
+    rescue GoogleApi::Authentication::ConfigMissingError
+    end
+  end
+
  def index
    if cluster
      redirect_to action: 'edit'
@@ -12,97 +18,54 @@ class Projects::ClustersController < Projects::ApplicationController
    end
  end

-  ##
-  # TODO: 
-  # - Show form for "Create on Google Container Engine"
-  # - Show form for "Use existing kubernets cluster"
-  # - If user has not authroized yet, Show "Sign in with Google" button
-  # - If user has already authroized, Skip "Sign in with Google" button
-  # - user.is_authenticated_for_gcp?
-  # - user.authenticate_for_gcp!
-  # - Create this module which can be used from view
  def new
-    unless session[GoogleApi::CloudPlatform::Client.token_in_session]
-      @authorize_url = api_client.authorize_url
-    end
  end

-  ##
-  # TODO: 
-  # - If create on GKE, Use Google::Apis::ContainerV1::ContainerService
-  # - If create manually, save in db (Prob, Project > Setting)
-  # - Dry up with Service
-  # - Transaction
-  # - Sidekiq
  def create
-    if params['creation_type'] == 'on_gke'
-      # Create a cluster on GKE
-      operation = api_client.projects_zones_clusters_create(
-        params['gcp_project_id'], params['cluster_zone'], params['cluster_name'],
-        cluster_size: params['cluster_size'], machine_type: params['machine_type']
-      )
-
-      # wait_operation_done
-      if operation&.operation_type == 'CREATE_CLUSTER'
-        api_client.wait_operation_done(operation.self_link)
-      else
-        raise "TODO: ERROR"
-      end
+    # Create a cluster on GKE
+    operation = api_client.projects_zones_clusters_create(
+      params['gcp_project_id'], params['cluster_zone'], params['cluster_name'],
+      cluster_size: params['cluster_size'], machine_type: params['machine_type']
+    )
+
+    # wait_operation_done
+    if operation&.operation_type == 'CREATE_CLUSTER'
+      api_client.wait_operation_done(operation.self_link)
+    else
+      raise "TODO: ERROR"
+    end

-      # Get cluster details (end point, etc)
-      gke_cluster = api_client.projects_zones_clusters_get(
-        params['gcp_project_id'], params['cluster_zone'], params['cluster_name']
+    # Get cluster details (end point, etc)
+    gke_cluster = api_client.projects_zones_clusters_get(
+      params['gcp_project_id'], params['cluster_zone'], params['cluster_name']
+    )
+
+    # Update service
+    kubernetes_service.attributes = service_params(
+        active: true,
+        api_url: gke_cluster.endpoint,
+        ca_pem: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
+        namespace: params['project_namespace'],
+        token: 'aaa' # TODO: username/password
      )

-      # Update service
-      kubernetes_service.attributes = service_params(
-          active: true,
-          api_url: gke_cluster.endpoint,
-          ca_pem: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
-          namespace: params['project_namespace'],
-          token: 'aaa' # TODO: username/password
-        )
-
-      kubernetes_service.save!
-
-      # Save info
-      project.clusters.create(
-        creation_type: params['creation_type'],
-        gcp_project_id: params['gcp_project_id'],
-        cluster_zone: params['cluster_zone'],
-        cluster_name: params['cluster_name'],
-        service: kubernetes_service
-      )
-    elsif params['creation_type'] == 'manual'
-      # TODO: Transaction
-      project.kubernetes_service.save(
-        end_point: params['end_point'],
-        ca_cert: params['ca_cert'],
-        token: params['token'],
-        username: params['username'],
-        password: params['password'],
-        project_namespace: params['project_namespace']
-      )
+    kubernetes_service.save!

-      project.clusters.create(
-        creation_type: params['creation_type'],
-        kubernetes_service: project.kubernetes_service
-      )
-    end
+    # Save info
+    project.clusters.create(
+      creation_type: params['creation_type'],
+      gcp_project_id: params['gcp_project_id'],
+      cluster_zone: params['cluster_zone'],
+      cluster_name: params['cluster_name'],
+      service: kubernetes_service
+    )

    redirect_to action: 'index'
  end

-  # TODO: Show results/status. Edits Swtich for enable/disable.
-  # If created with GKE, non-editable form. enable/disable switch.
-  # If created manually, editable form. enable/disable switch.
-  # GKE params are   on-off swtich
-  # Manul params are on-off swtich, Endpoint, CACert, k8s Token, Proj namespace.
  def edit
-    unless session[GoogleApi::CloudPlatform::Client.token_in_session]
-      @authorize_url = api_client.authorize_url
-      render :edit
-    end
+    # TODO: If on, do we override parameter?
+    # TODO: If off, do we override parameter?
  end

  def update
@@ -110,40 +73,13 @@ class Projects::ClustersController < Projects::ApplicationController
    render :edit
  end

-  # In presenter
-  # TODO: Generate a link to the cluster on GKE
-
-  def gcp_projects
-    # api_client.blah
-    # TODO: Return all avaiable GCP Projects.
-    # TODO: Return json
-    # TODO: Dry with concern
-  end
-
-  def gke_zones
-    # api_client.blah
-    # TODO: Return all avaiable zones on GKE.
-    # TODO: Return json
-    # TODO: Dry with concern
-  end
-
  private

-  # def authenticate_google_api
-  #   if cluster&.on_gke? && session[access_token_key].blank?
-  #     redirect_to api_client.authorize_url(callback_import_url)
-  #   end
-  # end
-
  def cluster
    # Each project has only one cluster, for now. In the future iteraiton, we'll support multiple clusters
    @cluster ||= project.clusters.last
  end

-  # def cluster_params
-  #   params.require(:cluster).permit(:aaa)
-  # end
-
  def api_client
    @api_client ||=
      GoogleApi::CloudPlatform::Client.new(
@@ -166,4 +102,10 @@ class Projects::ClustersController < Projects::ApplicationController
      token: token
    }
  end
+
+  def authorize_google_api
+    unless session[GoogleApi::CloudPlatform::Client.token_in_session]
+      redirect_to action: 'login'
+    end
+  end
 end
--- a/app/models/ci/cluster.rb
+++ b/app/models/ci/cluster.rb
@@ -6,10 +6,5 @@ module Ci
    belongs_to :owner, class_name: 'User'
    belongs_to :service

-    enum creation_type: {
-      unknown: nil,
-      on_gke: 1,
-      manual: 2
-    }    
  end
 end
--- a/app/views/projects/clusters/_form.html.haml
+++ b/app/views/projects/clusters/_form.html.haml
 Create a new cluster
 %br
-Avaiable GCP project lists
-%br
-Avaiable zones
-%br
-= link_to "Create on Google Container Engine", namespace_project_clusters_path(@project.namespace, @project, creation_type: 'on_gke', cluster_name: "gke-test-creation#{Random.rand(100)}", gcp_project_id: 'xxx', cluster_zone: 'us-central1-a', cluster_size: '1', project_namespace: 'aaa', machine_type: '???'), method: :post
-%br
-= link_to "Use existing kubernets cluster", namespace_project_clusters_path(@project.namespace, @project, creation_type: 'manual', end_point: 'xxx.xxx.xxx.xxx', ca_cert: 'xxx...xxx', token: 'xxx', project_namespace: 'aaa'), method: :post
+= link_to "Create on Google Container Engine", namespace_project_clusters_path(@project.namespace, @project, cluster_name: "gke-test-creation#{Random.rand(100)}", gcp_project_id: 'gitlab-internal-153318', cluster_zone: 'us-central1-a', cluster_size: '1', project_namespace: 'aaa', machine_type: '???'), method: :post
--- a/app/views/projects/clusters/_login.html.haml
+++ b/app/views/projects/clusters/_login.html.haml
-Login
-%p= link_to("authenticate from here", @authorize_url)
--- a/app/views/projects/clusters/edit.html.haml
+++ b/app/views/projects/clusters/edit.html.haml
 edit/show cluster
-
- if @authorize_url
-  = render "login"
- else
-  = @cluster.inspect
\ No newline at end of file
+%br
+= @cluster.inspect
--- a/app/views/projects/clusters/login.html.haml
+++ b/app/views/projects/clusters/login.html.haml
+Login
+%br
+- if @authorize_url
+  = link_to("authenticate from here", @authorize_url)
+- else
+  You have not configrued GitLab properly. So we can not proceed authentication. Please check if you have set up omniauth->providers->google_oauth2 in gitlab.yml
--- a/app/views/projects/clusters/new.html.haml
+++ b/app/views/projects/clusters/new.html.haml
- if @authorize_url
-  = render "login"
- else
-  = render "form"
+Create a cluster
+%br
+= render "form"
--- a/changelogs/unreleased/gem-sm-bump-google-api-client-gem-from-0-8-6-to-0-13-6.yml
+++ b/changelogs/unreleased/gem-sm-bump-google-api-client-gem-from-0-8-6-to-0-13-6.yml
---
-title: Bump google-api-client Gem from 0.8.6 to 0.13.6
-merge_request: 
-author:
-type: other
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -185,8 +185,7 @@ constraints(ProjectUrlConstrainer.new) do

      resources :clusters, except: [:edit, :show, :destroy] do
        collection do
-          get :gcp_projects # TODO: This doesn't belong here. Grape or under user. Hint. Serilizer
-          get :gke_zones
+          get :login
          get :edit
        end
      end

--- a/db/migrate/20170924094327_create_ci_clusters.rb
+++ b/db/migrate/20170924094327_create_ci_clusters.rb
@@ -9,7 +9,6 @@ class CreateCiClusters < ActiveRecord::Migration

      # General
      t.boolean :enabled, default: true
-      t.integer :creation_type # manual or on_gke

      # k8s integration specific
      t.string :project_namespace
@@ -30,14 +29,6 @@ class CreateCiClusters < ActiveRecord::Migration
      t.datetime_with_timezone :updated_at, null: false
    end

-    # create_table :ci_gke_clusters do |t|
-    #   t.integer :ci_cluster_id
-    #   t.string :gcp_project_id
-    #   t.string :cluster_zone
-    #   t.string :cluster_name
-    # end
-    # add_foreign_key :ci_gke_clusters, :ci_clusters
-
    # TODO: fk, index, encypt

    add_foreign_key :ci_clusters, :projects

--- a/db/schema.rb
+++ b/db/schema.rb
@@ -272,7 +272,6 @@ ActiveRecord::Schema.define(version: 20170924094327) do
    t.integer "owner_id"
    t.integer "service_id"
    t.boolean "enabled", default: true
-    t.integer "creation_type"
    t.string "project_namespace"
    t.string "end_point"
    t.text "ca_cert"

--- a/lib/google_api/authentication.rb
+++ b/lib/google_api/authentication.rb
@@ -2,28 +2,14 @@ module GoogleApi
  class Authentication
    attr_reader :access_token, :redirect_uri, :state

+    ConfigMissingError = Class.new(StandardError)
+
    def initialize(access_token, redirect_uri, state: nil)
      @access_token = access_token
      @redirect_uri = redirect_uri
      @state = state
    end

-    def client
-      return @client if defined?(@client)
-
-      unless config
-        raise 'OAuth configuration for google_oauth2 missing.'
-      end
-
-      @client = ::OAuth2::Client.new(
-        config.app_id,
-        config.app_secret,
-        site: 'https://accounts.google.com',
-        token_url: '/o/oauth2/token', 
-        authorize_url: '/o/oauth2/auth'
-      )
-    end
-
    def authorize_url
      client.auth_code.authorize_url(
        redirect_uri: redirect_uri,
@@ -47,5 +33,21 @@ module GoogleApi
    def config
      Gitlab.config.omniauth.providers.find { |provider| provider.name == "google_oauth2" }
    end
+
+    def client
+      return @client if defined?(@client)
+
+      unless config
+        raise ConfigMissingError
+      end
+
+      @client = ::OAuth2::Client.new(
+        config.app_id,
+        config.app_secret,
+        site: 'https://accounts.google.com',
+        token_url: '/o/oauth2/token', 
+        authorize_url: '/o/oauth2/auth'
+      )
+    end
  end
 end