diff options
4 files changed, 68 insertions, 221 deletions
diff --git a/app/controllers/projects/clusters/gcp_controller.rb b/app/controllers/projects/clusters/gcp_controller.rb index 5e909a57345..66fcceccb37 100644 --- a/app/controllers/projects/clusters/gcp_controller.rb +++ b/app/controllers/projects/clusters/gcp_controller.rb @@ -50,14 +50,6 @@ class Projects::Clusters::GcpController < Projects::ApplicationController ) end - def update_params - params.require(:cluster).permit( - :enabled, - platform_kubernetes_attributes: [ - :namespace - ]) - end - def authorize_google_api unless GoogleApi::CloudPlatform::Client.new(token_in_session, nil) .validate_token(expires_at_in_session) diff --git a/app/controllers/projects/clusters_controller.rb b/app/controllers/projects/clusters_controller.rb index ab32930a434..3c8cecc6425 100644 --- a/app/controllers/projects/clusters_controller.rb +++ b/app/controllers/projects/clusters_controller.rb @@ -77,7 +77,7 @@ class Projects::ClustersController < Projects::ApplicationController :token, :ca_cert, :namespace - ] + ] ) end end diff --git a/app/views/layouts/nav/sidebar/_project.html.haml b/app/views/layouts/nav/sidebar/_project.html.haml index ff638f17ffc..8b2d2a5c74d 100644 --- a/app/views/layouts/nav/sidebar/_project.html.haml +++ b/app/views/layouts/nav/sidebar/_project.html.haml @@ -146,7 +146,7 @@ = number_with_delimiter(@project.open_merge_requests_count) - if project_nav_tab? :pipelines - = nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :environments, :artifacts, :clusters]) do + = nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :environments, :artifacts, :clusters, :user, :gcp]) do = link_to project_pipelines_path(@project), class: 'shortcuts-pipelines' do .nav-icon-container = sprite_icon('pipeline') @@ -154,7 +154,7 @@ CI / CD %ul.sidebar-sub-level-items - = nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :environments, :artifacts, :clusters, :kubernetes, :gcp], html_options: { class: "fly-out-top-item" } ) do + = nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :environments, :artifacts, :clusters, :user, :gcp], html_options: { class: "fly-out-top-item" } ) do = link_to project_pipelines_path(@project) do %strong.fly-out-top-item-name #{ _('CI / CD') } @@ -184,7 +184,7 @@ Environments - if project_nav_tab? :clusters - = nav_link(controller: [:clusters, :kubernetes, :gcp]) do + = nav_link(controller: [:clusters, :user, :gcp]) do = link_to project_clusters_path(@project), title: 'Cluster', class: 'shortcuts-cluster' do %span Cluster diff --git a/spec/controllers/projects/clusters_controller_spec.rb b/spec/controllers/projects/clusters_controller_spec.rb index ca2bcb2b5ae..5b3bac59bca 100644 --- a/spec/controllers/projects/clusters_controller_spec.rb +++ b/spec/controllers/projects/clusters_controller_spec.rb @@ -4,6 +4,8 @@ describe Projects::ClustersController do include AccessMatchersForController include GoogleApi::CloudPlatformHelpers + set(:project) { create(:project) } + describe 'GET index' do describe 'functionality' do let(:user) { create(:user) } @@ -14,22 +16,20 @@ describe Projects::ClustersController do end context 'when project has a cluster' do - let(:cluster) { create(:cluster, :project, :provided_by_gcp) } - let(:project) { cluster.project } + let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) } it { expect(go).to redirect_to(project_cluster_path(project, project.cluster)) } end context 'when project does not have a cluster' do - let(:project) { create(:project) } + let(:cluster) { create(:cluster, :provided_by_gcp) } it { expect(go).to redirect_to(new_project_cluster_path(project)) } end end describe 'security' do - let(:cluster) { create(:cluster, :project, :provided_by_gcp) } - let(:project) { cluster.project } + let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) } it { expect { go }.to be_allowed_for(:admin) } it { expect { go }.to be_allowed_for(:owner).of(project) } @@ -46,198 +46,8 @@ describe Projects::ClustersController do end end - describe 'GET login' do - let(:project) { create(:project) } - - describe 'functionality' do - let(:user) { create(:user) } - - before do - project.add_master(user) - sign_in(user) - end - - context 'when omniauth has been configured' do - let(:key) { 'secere-key' } - - let(:session_key_for_redirect_uri) do - GoogleApi::CloudPlatform::Client.session_key_for_redirect_uri(key) - end - - before do - allow(SecureRandom).to receive(:hex).and_return(key) - end - - it 'has authorize_url' do - go - - expect(assigns(:authorize_url)).to include(key) - expect(session[session_key_for_redirect_uri]).to eq(providers_gcp_new_project_clusters_url(project)) - end - end - - context 'when omniauth has not configured' do - before do - stub_omniauth_setting(providers: []) - end - - it 'does not have authorize_url' do - go - - expect(assigns(:authorize_url)).to be_nil - end - end - end - - describe 'security' do - it { expect { go }.to be_allowed_for(:admin) } - it { expect { go }.to be_allowed_for(:owner).of(project) } - it { expect { go }.to be_allowed_for(:master).of(project) } - it { expect { go }.to be_denied_for(:developer).of(project) } - it { expect { go }.to be_denied_for(:reporter).of(project) } - it { expect { go }.to be_denied_for(:guest).of(project) } - it { expect { go }.to be_denied_for(:user) } - it { expect { go }.to be_denied_for(:external) } - end - - def go - get :login, namespace_id: project.namespace, project_id: project - end - end - - shared_examples 'requires to login' do - it 'redirects to create a cluster' do - subject - - expect(response).to redirect_to(login_project_clusters_path(project)) - end - end - - describe 'GET new_gcp' do - let(:project) { create(:project) } - - describe 'functionality' do - let(:user) { create(:user) } - - before do - project.add_master(user) - sign_in(user) - end - - context 'when access token is valid' do - before do - stub_google_api_validate_token - end - - it 'has new object' do - go - - expect(assigns(:cluster)).to be_an_instance_of(Clusters::Cluster) - end - end - - context 'when access token is expired' do - before do - stub_google_api_expired_token - end - - it { expect(go).to redirect_to(login_project_clusters_path(project)) } - end - - context 'when access token is not stored in session' do - it { expect(go).to redirect_to(login_project_clusters_path(project)) } - end - end - - describe 'security' do - it { expect { go }.to be_allowed_for(:admin) } - it { expect { go }.to be_allowed_for(:owner).of(project) } - it { expect { go }.to be_allowed_for(:master).of(project) } - it { expect { go }.to be_denied_for(:developer).of(project) } - it { expect { go }.to be_denied_for(:reporter).of(project) } - it { expect { go }.to be_denied_for(:guest).of(project) } - it { expect { go }.to be_denied_for(:user) } - it { expect { go }.to be_denied_for(:external) } - end - - def go - get :new_gcp, namespace_id: project.namespace, project_id: project - end - end - - describe 'POST create' do - let(:project) { create(:project) } - - let(:params) do - { - cluster: { - name: 'new-cluster', - provider_type: :gcp, - provider_gcp_attributes: { - gcp_project_id: '111' - } - } - } - end - - describe 'functionality' do - let(:user) { create(:user) } - - before do - project.add_master(user) - sign_in(user) - end - - context 'when access token is valid' do - before do - stub_google_api_validate_token - end - - context 'when creates a cluster on gke' do - it 'creates a new cluster' do - expect(ClusterProvisionWorker).to receive(:perform_async) - expect { go }.to change { Clusters::Cluster.count } - expect(response).to redirect_to(project_cluster_path(project, project.cluster)) - end - end - end - - context 'when access token is expired' do - before do - stub_google_api_expired_token - end - - it 'redirects to login page' do - expect(go).to redirect_to(login_project_clusters_path(project)) - end - end - - context 'when access token is not stored in session' do - it 'redirects to login page' do - expect(go).to redirect_to(login_project_clusters_path(project)) - end - end - end - - describe 'security' do - it { expect { go }.to be_allowed_for(:admin) } - it { expect { go }.to be_allowed_for(:owner).of(project) } - it { expect { go }.to be_allowed_for(:master).of(project) } - it { expect { go }.to be_denied_for(:developer).of(project) } - it { expect { go }.to be_denied_for(:reporter).of(project) } - it { expect { go }.to be_denied_for(:guest).of(project) } - it { expect { go }.to be_denied_for(:user) } - it { expect { go }.to be_denied_for(:external) } - end - - def go - post :create, params.merge(namespace_id: project.namespace, project_id: project) - end - end - describe 'GET status' do - let(:cluster) { create(:cluster, :project, :providing_by_gcp) } - let(:project) { cluster.project } + let(:cluster) { create(:cluster, :providing_by_gcp, projects: [project]) } describe 'functionality' do let(:user) { create(:user) } @@ -275,8 +85,7 @@ describe Projects::ClustersController do end describe 'GET show' do - let(:cluster) { create(:cluster, :project, :provided_by_gcp) } - let(:project) { cluster.project } + let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) } describe 'functionality' do let(:user) { create(:user) } @@ -313,21 +122,66 @@ describe Projects::ClustersController do end describe 'PUT update' do - let(:cluster) { create(:cluster, :project, :provided_by_gcp) } - let(:project) { cluster.project } + context 'Managed' do + let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) } - describe 'functionality' do - let(:user) { create(:user) } + describe 'functionality' do + let(:user) { create(:user) } + + before do + project.add_master(user) + sign_in(user) + end + + context 'when update enabled' do + let(:params) do + { + cluster: { enabled: false } + } + end + + it "updates and redirects back to show page" do + go + + cluster.reload + expect(response).to redirect_to(project_cluster_path(project, project.cluster)) + expect(flash[:notice]).to eq('Cluster was successfully updated.') + expect(cluster.enabled).to be_falsey + end + + context 'when cluster is being created' do + let(:cluster) { create(:cluster, :providing_by_gcp, projects: [project]) } + + it "rejects changes" do + go + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template(:show) + expect(cluster.enabled).to be_truthy + end + end + end + end + end + + context 'User' do + let(:cluster) { create(:cluster, :provided_by_user, projects: [project]) } + let(:user) { create(:user) } before do project.add_master(user) sign_in(user) end - context 'when update enabled' do + context 'when changing parameters' do let(:params) do { - cluster: { enabled: false } + cluster: { + enabled: false, name: 'my-new-cluster-name', + platform_kubernetes_attributes: [ + namespace: 'my-namespace' + ] + } } end @@ -338,10 +192,12 @@ describe Projects::ClustersController do expect(response).to redirect_to(project_cluster_path(project, project.cluster)) expect(flash[:notice]).to eq('Cluster was successfully updated.') expect(cluster.enabled).to be_falsey + expect(cluster.name).to eq('my-new-cluster-name') + expect(cluster.platform_kubernetes.namespace).to eq('my-namespace') end context 'when cluster is being created' do - let(:cluster) { create(:cluster, :project, :providing_by_gcp) } + let(:cluster) { create(:cluster, :providing_by_gcp, projects: [project]) } it "rejects changes" do go @@ -379,8 +235,7 @@ describe Projects::ClustersController do end describe 'delete update' do - let(:cluster) { create(:cluster, :project, :provided_by_gcp) } - let(:project) { cluster.project } + let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) } describe 'functionality' do let(:user) { create(:user) } @@ -401,7 +256,7 @@ describe Projects::ClustersController do end context 'when cluster is being created' do - let(:cluster) { create(:cluster, :project, :providing_by_gcp) } + let(:cluster) { create(:cluster, :providing_by_gcp, projects: [project]) } it "destroys and redirects back to clusters list" do expect { go } @@ -414,7 +269,7 @@ describe Projects::ClustersController do end context 'when provider is user' do - let(:cluster) { create(:cluster, :project, :provided_by_user) } + let(:cluster) { create(:cluster, :provided_by_user, projects: [project]) } it "destroys and redirects back to clusters list" do expect { go } |