summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJames Fargher <proglottis@gmail.com>2019-09-02 13:42:36 +1200
committerJames Fargher <proglottis@gmail.com>2019-09-05 09:46:51 +1200
commitbc04a1dcf4b71be46ac24ec6a449374d1db2320a (patch)
treea520532f5ff7dee7b04b3160ef942275dbbabd4b
parent632b4075aa724a51e5c1405d93b12c063d439c4c (diff)
downloadgitlab-ce-bc04a1dcf4b71be46ac24ec6a449374d1db2320a.tar.gz
Allow group install of JupyterHubgroup_level_jupyterhub
Removes limitations on cluster types that can install JupyterHub
-rw-r--r--app/models/clusters/applications/jupyter.rb7
-rw-r--r--app/models/clusters/cluster.rb4
-rw-r--r--changelogs/unreleased/group_level_jupyterhub.yml5
-rw-r--r--spec/models/clusters/applications/jupyter_spec.rb48
-rw-r--r--spec/services/clusters/applications/create_service_spec.rb13
5 files changed, 49 insertions, 28 deletions
diff --git a/app/models/clusters/applications/jupyter.rb b/app/models/clusters/applications/jupyter.rb
index fb74d96efe3..ec65482a846 100644
--- a/app/models/clusters/applications/jupyter.rb
+++ b/app/models/clusters/applications/jupyter.rb
@@ -85,7 +85,8 @@ module Clusters
"clientId" => oauth_application.uid,
"clientSecret" => oauth_application.secret,
"callbackUrl" => callback_url,
- "gitlabProjectIdWhitelist" => [project_id]
+ "gitlabProjectIdWhitelist" => cluster.projects.ids,
+ "gitlabGroupWhitelist" => cluster.groups.map(&:to_param)
}
},
"singleuser" => {
@@ -101,10 +102,6 @@ module Clusters
@crypto_key ||= SecureRandom.hex(32)
end
- def project_id
- cluster&.project&.id
- end
-
def gitlab_url
Gitlab.config.gitlab.url
end
diff --git a/app/models/clusters/cluster.rb b/app/models/clusters/cluster.rb
index 444e1a82c97..ef1af1fc8bc 100644
--- a/app/models/clusters/cluster.rb
+++ b/app/models/clusters/cluster.rb
@@ -10,15 +10,15 @@ module Clusters
self.table_name = 'clusters'
PROJECT_ONLY_APPLICATIONS = {
- Applications::Jupyter.application_name => Applications::Jupyter,
Applications::Knative.application_name => Applications::Knative
}.freeze
APPLICATIONS = {
Applications::Helm.application_name => Applications::Helm,
Applications::Ingress.application_name => Applications::Ingress,
Applications::CertManager.application_name => Applications::CertManager,
+ Applications::Prometheus.application_name => Applications::Prometheus,
Applications::Runner.application_name => Applications::Runner,
- Applications::Prometheus.application_name => Applications::Prometheus
+ Applications::Jupyter.application_name => Applications::Jupyter
}.merge(PROJECT_ONLY_APPLICATIONS).freeze
DEFAULT_ENVIRONMENT = '*'
KUBE_INGRESS_BASE_DOMAIN = 'KUBE_INGRESS_BASE_DOMAIN'
diff --git a/changelogs/unreleased/group_level_jupyterhub.yml b/changelogs/unreleased/group_level_jupyterhub.yml
new file mode 100644
index 00000000000..81fc7600e0e
--- /dev/null
+++ b/changelogs/unreleased/group_level_jupyterhub.yml
@@ -0,0 +1,5 @@
+---
+title: Group level JupyterHub
+merge_request: 32512
+author:
+type: added
diff --git a/spec/models/clusters/applications/jupyter_spec.rb b/spec/models/clusters/applications/jupyter_spec.rb
index 1b39328752d..e1eee014567 100644
--- a/spec/models/clusters/applications/jupyter_spec.rb
+++ b/spec/models/clusters/applications/jupyter_spec.rb
@@ -81,27 +81,45 @@ describe Clusters::Applications::Jupyter do
end
describe '#files' do
- let(:application) { create(:clusters_applications_jupyter) }
+ let(:cluster) { create(:cluster, :with_installed_helm, :provided_by_gcp, :project) }
+ let(:application) { create(:clusters_applications_jupyter, cluster: cluster) }
let(:values) { subject[:'values.yaml'] }
subject { application.files }
- it 'includes valid values' do
- expect(values).to include('ingress')
- expect(values).to include('hub')
- expect(values).to include('rbac')
- expect(values).to include('proxy')
- expect(values).to include('auth')
- expect(values).to include('singleuser')
- expect(values).to match(/clientId: '?#{application.oauth_application.uid}/)
- expect(values).to match(/callbackUrl: '?#{application.callback_url}/)
- expect(values).to include("gitlabProjectIdWhitelist:\n - #{application.cluster.project.id}")
- expect(values).to include("c.GitLabOAuthenticator.scope = ['api read_repository write_repository']")
- expect(values).to match(/GITLAB_HOST: '?#{Gitlab.config.gitlab.host}/)
+ context 'when cluster belongs to a project' do
+ it 'includes valid values' do
+ expect(values).to include('ingress')
+ expect(values).to include('hub')
+ expect(values).to include('rbac')
+ expect(values).to include('proxy')
+ expect(values).to include('auth')
+ expect(values).to include('singleuser')
+ expect(values).to match(/clientId: '?#{application.oauth_application.uid}/)
+ expect(values).to match(/callbackUrl: '?#{application.callback_url}/)
+ expect(values).to include("gitlabProjectIdWhitelist:\n - #{application.cluster.project.id}")
+ expect(values).to include("c.GitLabOAuthenticator.scope = ['api read_repository write_repository']")
+ expect(values).to match(/GITLAB_HOST: '?#{Gitlab.config.gitlab.host}/)
+ expect(values).to match(/GITLAB_CLUSTER_ID: '?#{application.cluster.id}/)
+ end
end
- context 'when cluster belongs to a project' do
- it 'sets GitLab project id' do
+ context 'when cluster belongs to a group' do
+ let(:group) { create(:group) }
+ let(:cluster) { create(:cluster, :with_installed_helm, :provided_by_gcp, :group, groups: [group]) }
+
+ it 'includes valid values' do
+ expect(values).to include('ingress')
+ expect(values).to include('hub')
+ expect(values).to include('rbac')
+ expect(values).to include('proxy')
+ expect(values).to include('auth')
+ expect(values).to include('singleuser')
+ expect(values).to match(/clientId: '?#{application.oauth_application.uid}/)
+ expect(values).to match(/callbackUrl: '?#{application.callback_url}/)
+ expect(values).to include("gitlabGroupWhitelist:\n - #{group.to_param}")
+ expect(values).to include("c.GitLabOAuthenticator.scope = ['api read_repository write_repository']")
+ expect(values).to match(/GITLAB_HOST: '?#{Gitlab.config.gitlab.host}/)
expect(values).to match(/GITLAB_CLUSTER_ID: '?#{application.cluster.id}/)
end
end
diff --git a/spec/services/clusters/applications/create_service_spec.rb b/spec/services/clusters/applications/create_service_spec.rb
index bb86a742f0e..8dd573c3698 100644
--- a/spec/services/clusters/applications/create_service_spec.rb
+++ b/spec/services/clusters/applications/create_service_spec.rb
@@ -147,12 +147,12 @@ describe Clusters::Applications::CreateService do
using RSpec::Parameterized::TableSyntax
- where(:application, :association, :allowed, :pre_create_helm) do
- 'helm' | :application_helm | true | false
- 'ingress' | :application_ingress | true | true
- 'runner' | :application_runner | true | true
- 'prometheus' | :application_prometheus | true | true
- 'jupyter' | :application_jupyter | false | true
+ where(:application, :association, :allowed, :pre_create_helm, :pre_create_ingress) do
+ 'helm' | :application_helm | true | false | false
+ 'ingress' | :application_ingress | true | true | false
+ 'runner' | :application_runner | true | true | false
+ 'prometheus' | :application_prometheus | true | true | false
+ 'jupyter' | :application_jupyter | true | true | true
end
with_them do
@@ -160,6 +160,7 @@ describe Clusters::Applications::CreateService do
klass = "Clusters::Applications::#{application.titleize}"
allow_any_instance_of(klass.constantize).to receive(:make_scheduled!).and_call_original
create(:clusters_applications_helm, :installed, cluster: cluster) if pre_create_helm
+ create(:clusters_applications_ingress, :installed, cluster: cluster, external_hostname: 'example.com') if pre_create_ingress
end
let(:params) { { application: application } }