diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 14:59:07 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 14:59:07 +0300 |
commit | 8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca (patch) | |
tree | 544930fb309b30317ae9797a9683768705d664c4 /app/services/clusters | |
parent | 4b1de649d0168371549608993deac953eb692019 (diff) |
Add latest changes from gitlab-org/gitlab@13-7-stable-eev13.7.0-rc42
Diffstat (limited to 'app/services/clusters')
3 files changed, 35 insertions, 4 deletions
diff --git a/app/services/clusters/applications/prometheus_health_check_service.rb b/app/services/clusters/applications/prometheus_health_check_service.rb index e609d9f0b7b..eda47f56e72 100644 --- a/app/services/clusters/applications/prometheus_health_check_service.rb +++ b/app/services/clusters/applications/prometheus_health_check_service.rb @@ -63,8 +63,10 @@ module Clusters def send_notification(project) notification_payload = build_notification_payload(project) - token = project.alerts_service.data.token - Projects::Alerting::NotifyService.new(project, nil, notification_payload).execute(token) + integration = project.alert_management_http_integrations.active.first + + Projects::Alerting::NotifyService.new(project, notification_payload).execute(integration&.token, integration) + @logger.info(message: 'Successfully notified of Prometheus newly unhealthy', cluster_id: @cluster.id, project_id: project.id) end diff --git a/app/services/clusters/aws/authorize_role_service.rb b/app/services/clusters/aws/authorize_role_service.rb index 188c4aebc5f..7ca20289bf7 100644 --- a/app/services/clusters/aws/authorize_role_service.rb +++ b/app/services/clusters/aws/authorize_role_service.rb @@ -29,7 +29,7 @@ module Clusters rescue *ERRORS => e Gitlab::ErrorTracking.track_exception(e) - Response.new(:unprocessable_entity, {}) + Response.new(:unprocessable_entity, response_details(e)) end private @@ -47,6 +47,28 @@ module Clusters def credentials Clusters::Aws::FetchCredentialsService.new(role).execute end + + def response_details(exception) + message = + case exception + when ::Aws::STS::Errors::AccessDenied + _("Access denied: %{error}") % { error: exception.message } + when ::Aws::STS::Errors::ServiceError + _("AWS service error: %{error}") % { error: exception.message } + when ActiveRecord::RecordNotFound + _("Error: Unable to find AWS role for current user") + when ActiveRecord::RecordInvalid + exception.message + when Clusters::Aws::FetchCredentialsService::MissingRoleError + _("Error: No AWS provision role found for user") + when ::Aws::Errors::MissingCredentialsError + _("Error: No AWS credentials were supplied") + else + _('An error occurred while authorizing your role') + end + + { message: message }.compact + end end end end diff --git a/app/services/clusters/aws/fetch_credentials_service.rb b/app/services/clusters/aws/fetch_credentials_service.rb index 96abbb43969..497e676f549 100644 --- a/app/services/clusters/aws/fetch_credentials_service.rb +++ b/app/services/clusters/aws/fetch_credentials_service.rb @@ -30,10 +30,17 @@ module Clusters attr_reader :provider, :region def client - ::Aws::STS::Client.new(credentials: gitlab_credentials, region: region) + ::Aws::STS::Client.new(**client_args) + end + + def client_args + { region: region, credentials: gitlab_credentials }.compact end def gitlab_credentials + # These are not needed for IAM instance profiles + return unless access_key_id.present? && secret_access_key.present? + ::Aws::Credentials.new(access_key_id, secret_access_key) end |