Port UpgradeCommand to CE

This is a utility class that we will need in the future to update and upgrade our managed helm applications, which we do plan to do in CE.
author: Thong Kuah <tkuah@gitlab.com> 2018-09-27 16:00:59 +1200
committer: Thong Kuah <tkuah@gitlab.com> 2018-09-27 18:15:04 +1200
commit: e6fd3f1986b4588bfa94d57dbf2b3b1bd5948b8a (patch)
tree: 202109fff59b701f218dbb5c401e5e58fa7d65e8
parent: 4392ad80d4c72dcd52cf381a32c428656d2aaa77 (diff)
download: gitlab-ce-e6fd3f1986b4588bfa94d57dbf2b3b1bd5948b8a.tar.gz
2 files changed, 207 insertions, 0 deletions
diff --git a/lib/gitlab/kubernetes/helm/upgrade_command.rb b/lib/gitlab/kubernetes/helm/upgrade_command.rb
new file mode 100644
index 00000000000..74188046739
--- /dev/null
+++ b/lib/gitlab/kubernetes/helm/upgrade_command.rb
@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Kubernetes
+    module Helm
+      class UpgradeCommand
+        include BaseCommand
+
+        attr_reader :name, :chart, :version, :repository, :files
+
+        def initialize(name, chart:, files:, rbac:, version: nil, repository: nil)
+          @name = name
+          @chart = chart
+          @rbac = rbac
+          @version = version
+          @files = files
+          @repository = repository
+        end
+
+        def generate_script
+          super + [
+            init_command,
+            repository_command,
+            script_command
+          ].compact.join("\n")
+        end
+
+        def rbac?
+          @rbac
+        end
+
+        def pod_name
+          "upgrade-#{name}"
+        end
+
+        private
+
+        def init_command
+          'helm init --client-only >/dev/null'
+        end
+
+        def repository_command
+          "helm repo add #{name} #{repository}" if repository
+        end
+
+        def script_command
+          upgrade_flags = "#{optional_version_flag}#{optional_tls_flags}" \
+            " --reset-values" \
+            " --install" \
+            " --namespace #{::Gitlab::Kubernetes::Helm::NAMESPACE}" \
+            " -f /data/helm/#{name}/config/values.yaml"
+
+          "helm upgrade #{name} #{chart}#{upgrade_flags} >/dev/null\n"
+        end
+
+        def optional_version_flag
+          " --version #{version}" if version
+        end
+
+        def optional_tls_flags
+          return unless files.key?(:'ca.pem')
+
+          " --tls" \
+            " --tls-ca-cert #{files_dir}/ca.pem" \
+            " --tls-cert #{files_dir}/cert.pem" \
+            " --tls-key #{files_dir}/key.pem"
+        end
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/kubernetes/helm/upgrade_command_spec.rb b/spec/lib/gitlab/kubernetes/helm/upgrade_command_spec.rb
new file mode 100644
index 00000000000..3dabf04413e
--- /dev/null
+++ b/spec/lib/gitlab/kubernetes/helm/upgrade_command_spec.rb
@@ -0,0 +1,136 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe Gitlab::Kubernetes::Helm::UpgradeCommand do
+  let(:application) { build(:clusters_applications_prometheus) }
+  let(:files) { { 'ca.pem': 'some file content' } }
+  let(:namespace) { ::Gitlab::Kubernetes::Helm::NAMESPACE }
+  let(:rbac) { false }
+  let(:upgrade_command) do
+    described_class.new(
+      application.name,
+      chart: application.chart,
+      files: files,
+      rbac: rbac
+    )
+  end
+
+  subject { upgrade_command }
+
+  it_behaves_like 'helm commands' do
+    let(:commands) do
+      <<~EOS
+         helm init --client-only >/dev/null
+         helm upgrade #{application.name} #{application.chart} --tls --tls-ca-cert /data/helm/#{application.name}/config/ca.pem --tls-cert /data/helm/#{application.name}/config/cert.pem --tls-key /data/helm/#{application.name}/config/key.pem --reset-values --install --namespace #{namespace} -f /data/helm/#{application.name}/config/values.yaml >/dev/null
+      EOS
+    end
+  end
+
+  context 'rbac is true' do
+    let(:rbac) { true }
+
+    it_behaves_like 'helm commands' do
+      let(:commands) do
+        <<~EOS
+         helm init --client-only >/dev/null
+         helm upgrade #{application.name} #{application.chart} --tls --tls-ca-cert /data/helm/#{application.name}/config/ca.pem --tls-cert /data/helm/#{application.name}/config/cert.pem --tls-key /data/helm/#{application.name}/config/key.pem --reset-values --install --namespace #{namespace} -f /data/helm/#{application.name}/config/values.yaml >/dev/null
+        EOS
+      end
+    end
+  end
+
+  context 'with an application with a repository' do
+    let(:ci_runner) { create(:ci_runner) }
+    let(:application) { build(:clusters_applications_runner, runner: ci_runner) }
+    let(:upgrade_command) do
+      described_class.new(
+        application.name,
+        chart: application.chart,
+        files: files,
+        rbac: rbac,
+        repository: application.repository
+      )
+    end
+
+    it_behaves_like 'helm commands' do
+      let(:commands) do
+        <<~EOS
+           helm init --client-only >/dev/null
+           helm repo add #{application.name} #{application.repository}
+           helm upgrade #{application.name} #{application.chart} --tls --tls-ca-cert /data/helm/#{application.name}/config/ca.pem --tls-cert /data/helm/#{application.name}/config/cert.pem --tls-key /data/helm/#{application.name}/config/key.pem --reset-values --install --namespace #{namespace} -f /data/helm/#{application.name}/config/values.yaml >/dev/null
+        EOS
+      end
+    end
+  end
+
+  context 'when there is no ca.pem file' do
+    let(:files) { { 'file.txt': 'some content' } }
+
+    it_behaves_like 'helm commands' do
+      let(:commands) do
+        <<~EOS
+         helm init --client-only >/dev/null
+         helm upgrade #{application.name} #{application.chart} --reset-values --install --namespace #{namespace} -f /data/helm/#{application.name}/config/values.yaml >/dev/null
+        EOS
+      end
+    end
+  end
+
+  describe '#pod_resource' do
+    subject { upgrade_command.pod_resource }
+
+    context 'rbac is enabled' do
+      let(:rbac) { true }
+
+      it 'generates a pod that uses the tiller serviceAccountName' do
+        expect(subject.spec.serviceAccountName).to eq('tiller')
+      end
+    end
+
+    context 'rbac is not enabled' do
+      let(:rbac) { false }
+
+      it 'generates a pod that uses the default serviceAccountName' do
+        expect(subject.spec.serviceAcccountName).to be_nil
+      end
+    end
+  end
+
+  describe '#config_map_resource' do
+    let(:metadata) do
+      {
+        name: "values-content-configuration-#{application.name}",
+        namespace: namespace,
+        labels: { name: "values-content-configuration-#{application.name}" }
+      }
+    end
+    let(:resource) { ::Kubeclient::Resource.new(metadata: metadata, data: files) }
+
+    it 'returns a KubeClient resource with config map content for the application' do
+      expect(subject.config_map_resource).to eq(resource)
+    end
+  end
+
+  describe '#rbac?' do
+    subject { upgrade_command.rbac? }
+
+    context 'rbac is enabled' do
+      let(:rbac) { true }
+
+      it { is_expected.to be_truthy }
+    end
+
+    context 'rbac is not enabled' do
+      let(:rbac) { false }
+
+      it { is_expected.to be_falsey }
+    end
+  end
+
+  describe '#pod_name' do
+    it 'returns the pod name' do
+      expect(subject.pod_name).to eq("upgrade-#{application.name}")
+    end
+  end
+end
author	Thong Kuah <tkuah@gitlab.com>	2018-09-27 16:00:59 +1200
committer	Thong Kuah <tkuah@gitlab.com>	2018-09-27 18:15:04 +1200
commit	e6fd3f1986b4588bfa94d57dbf2b3b1bd5948b8a (patch)
tree	202109fff59b701f218dbb5c401e5e58fa7d65e8
parent	4392ad80d4c72dcd52cf381a32c428656d2aaa77 (diff)
download	gitlab-ce-e6fd3f1986b4588bfa94d57dbf2b3b1bd5948b8a.tar.gz